Slashdot Mirror


Snapchats Don't Disappear

Mobile photo-sharing app SnapChat has one claim to fame, compared to other ways people might share photos from their cellphones: the photos, once viewed, disappear from view, after a pre-set length of time. However, it turns out they don't disappear as thoroughly as users might like. New submitter nefus writes with this excerpt from Forbes: "Richard Hickman of Decipher Forensics found that it's possible to pull Snapchat photos from Android phones simply by downloading data from the phone using forensics software and removing a '.NoMedia' file extension that was keeping the photos from being viewed on the device. He published his findings online and local TV station KSL has a video showing how it's done."


  1. But on Colbert by Anonymous Coward · · Score: 2, Funny

    The two douches who made it said it deletes it off the internet forever.

    1. Re:But on Colbert by neverwhere9 · · Score: 2

      They also said people use it to "talk," whereas if people really wanted to see each other's faces, they'd use Skype. It's really a pointless app. It's boring to use to talk, and people can take screenshots of sexy pics.

    2. Re:But on Colbert by greentshirt · · Score: 1

      It automatically informs the other user if it detects a screenshot. I've tried multiple screenshot apps as well as the screenshot feature native to CM to test this. Of course, it's still completely pointless since someone properly motivated can simply take a photograph of the phone while the photo is being displayed. People need to realize that nothing that you send to another person can ever be guaranteed to "self-destruct".

    3. Re:But on Colbert by gl4ss · · Score: 1

      ..run it on an emulator? at the very least use a silent screenshot app.
      or take the screenshots with the screenshot tool that comes with the adt.

      --
      world was created 5 seconds before this post as it is.
    4. Re:But on Colbert by BasilBrush · · Score: 3, Funny

      People need to realize that nothing that you send to another person can ever be guaranteed to "self-destruct".

      Sure it can. I've seen it on Mission Impossible.

    5. Re:But on Colbert by AvitarX · · Score: 1

      There's a pretty big difference between someone has a small window to archive a pic, and everything automatically archived.

      It's not about protecting oneself from a pre-planned malicious act, but from something accidentally surfacing ten years later, or even intentionally, as the default for everything is a fairly permanent archive. The odds that the type of person that is going to go through the effort to make the screenshots (via emulator) doesn't send off so many creeper vibes as to never get relevant pics seems like enough to me.

      It'd be nice if it could block the built-in screenshot, but the notification should be enough of a disincentive for people to do it as a routine archiving.

      --
      Wow, sent an e-mail as suggested when clicking on "use classic" banner, and got a fast response that addressed my msg
    6. Re:But on Colbert by Keybounce · · Score: 1

      Sure it can. I've seen it on Mission Impossible.

      And didn't we see that on Mythbusters?

  2. Keep it in memory by nzac · · Score: 4, Insightful

    How hard could it be to store it in RAM as it is received and then zero out the memory when finished. Sure it is not remotely hack proof but at least when it is broken you can only get new photos.

    Or if you don't have the RAM to store the pic store an encryption key.

    1. Re:Keep it in memory by reve_etrange · · Score: 1

      They could actually delete the file, at least, even if they have to save one for some reason. I have no idea what the Android camera API is like, maybe they wanted to avoid requiring a certain permission?

      --
      .: Semper Absurda :.
    2. Re:Keep it in memory by Shikaku · · Score: 4, Interesting

      Actually I do know how much it is.

      It's like 6MB, at worst. While it isn't enough for an uncompressed image, most JPEGS fall under the size limit of this.

      http://ryanolson.wordpress.com/2010/07/13/test-how-changing-the-max-amount-of-memory-per-vm-heap-can-effect-your-rom-cyanogen/

    3. Re:Keep it in memory by Osgeld · · Score: 2

      what's the difference, it's not 1983 anymore, you don't run one app and shut off your machine, when was your phone rebooted last? why can't they just zero out the flash memory, what is your point of RAM, if they are not going to delete it off your phone what makes you think they are going to delete it off their SERVERs

    4. Re:Keep it in memory by pavon · · Score: 1

      Then how do applications even display images to the user if they won't fit in memory?

    5. Re:Keep it in memory by RulerOf · · Score: 1

      Perhaps it's necessary to write it out to the file system before you can transfer it to the GPU RAM, likely due to that tiny heap issue the guys above mentioned? So you'd need to write portions of it to RAM and flush it out to the GPU, tiny chunks at a time perhaps?

      Normally works great, but... looks like someone screwed up, perhaps? Maybe a debug flag that renames the file extension instead of deleting the image got left on... We could speculate for hours, but if it wasn't an accident... that's pretty pathetic. Given how small the images are, it'd be trivial to "dd if=/dev/urandom of=/media/dongpic.jpg.nomedia count=filesize" or whatever, for every single one that comes in!

      --
      Boot Windows, Linux, and ESX over the network for free.
    6. Re:Keep it in memory by gl4ss · · Score: 1

      The dalvik VM has a (small) fixed heap size. Storing received photos in RAM wouldn't be a viable option here.

      they could use the ndk to get around that.

      --
      world was created 5 seconds before this post as it is.
    7. Re:Keep it in memory by Urza9814 · · Score: 1

      it would need to store more than one picture in RAM though -- to never touch the flash memory it would need to store every picture you have not yet viewed. Of course, the bigger concern is probably that rebooting your phone would wipe every image you haven't yet seen.

  3. Good? by Anonymous Coward · · Score: 1, Insightful

    Down with DRM in all forms.

    Vanishing pictures... that's DRM. don't care how you spin it.

  4. Re:Never trust an "app" to do anything. by Black+Parrot · · Score: 3, Insightful

    If you wanted actual security, you'd use a real program to do it instead of an app.

    If you wanted actual security, you wouldn't have it on a computer.

    --
    Sheesh, evil *and* a jerk. -- Jade
  5. FUD by az1324 · · Score: 3, Informative

    "However, once the photo is opened, and the timer goes off, Snapchat does in fact delete the photo."

    http://techcrunch.com/2013/05/09/actually-snapchat-photos-are-just-as-deleted-as-any-other-file-you-trash/

  6. Re: Forensics software? by Anonymous Coward · · Score: 1

    What makes you think that the forensics software isn't a 3rd party file manager that lets you see more than the 70% of your crappy file manager?

  7. Super DURRRRRRRRR! by jtownatpunk.net · · Score: 1, Redundant

    What morons thought their claims were even remotely possible. You don't even need to be a techie to save the images forever. Just snap a screenshot while the image is being displayed. Done.

    1. Re:Super DURRRRRRRRR! by Anonymous Coward · · Score: 1, Informative

      Just snap a screenshot while the image is being displayed. Done.

      Yeah but that notifies the other person, and I think that it can even be disabled.

    2. Re:Super DURRRRRRRRR! by jtownatpunk.net · · Score: 2

      I don't see how notifying the sender does anything to change the fact that I now have a permanent copy of their junk. Or I could get a 3rd party screen capture program that doesn't inform anyone that the image has been saved.

    3. Re:Super DURRRRRRRRR! by JabberWokky · · Score: 5, Insightful

      They'd likely be in your social circles, too, so you'd catch shit for your evil deed.

      Thank goodness that people sending photographs of their genitals to other people don't have any impulsive friends, make poor choices in who to hang out with, or have ever befriended random people on the net and quickly deem them friends.

      Teens in particular are well known for making choices based on long term thinking and a strong sense of never engaging in revenge or social warfare. First world schools are a shining beacon on the hill for compassion, empathy and an overwhelming sense of equality and egalitarian concern for the mental well being of others. You are right: these people would never engage in behavior that damaged another peer. Skilled bullies and social climbers are never popular in middle school and high school, and embarrassing events are quickly hushed up.

      --
      "$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
    4. Re:Super DURRRRRRRRR! by SkimTony · · Score: 1

      This is a fantastic piece of literature that you've created. I want to turn it into a pamphlet or something, to pass out to people.

      Actually, I'd make this part of the login/click-through screen for uploading anything to FaceBook, Twitter, YouTube, etc. Imagine what it could change!

  8. Re:Never trust an "app" to do anything. by Anonymous Coward · · Score: 4, Insightful

    If you wanted actual security, you'd use a real program to do it instead of an app.

    If you wanted actual security, you wouldn't have it on a computer.

    If you wanted actual security, you wouldn't send it to someone else's computer.

  9. Wut. by WedgeTalon · · Score: 3, Insightful

    Forensics software? Just open up the folder. I mean, you have to be rooted, but that's not really weird. Look, here's someone talking about getting pics and vids before even viewing them in Snapchat. Back in March. If you have to output something to the user, they're going to have to be able to get at it one way or another.

  10. Pooh loves his honey by Torodung · · Score: 1

    And that, my friends, is what we call a honeypot. Don't trust anyone with your data if you're about to do something stupid/illegal with your computing device.

  11. So, Uhmm, Yeah... by jampola · · Score: 1

    My data doesn't disappear when I run # mkfs.ext3 /dev/sda either. Make ya think eh?

  12. This is a surprise to anybody? by gweihir · · Score: 1

    Seems that people still do not have a clue how computers work. None at all. Here is a hint: If it can be viewed, it can be copied.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    1. Re:This is a surprise to anybody? by slashkitty · · Score: 1

      Yeah. I never understood this app. Screenshot to keep the photos..

      --
      -- these are only opinions and they might not be mine.
  13. Title is Spot-On Accurate! by Warhawke · · Score: 3, Informative

    Wooh, another completely incorrect Slashdot title for the win. Because the pics DO disappear when you open them. Both from your phone and their servers. There's just an exploit where rooted phones can view/copy the pictures before they are opened/deleted. "Don't disappear" =/ discreetly copyable.

    1. Re:Title is Spot-On Accurate! by Jah-Wren+Ryel · · Score: 2

      > Because the pics DO disappear when you open them. Both from your phone and their servers
      > There's just an exploit where rooted phones can view/copy the pictures before they are opened/deleted.

      No. This is explicitly about recovering the images AFTER they have been viewed. Grabbing them before they have been viewed is old news.

      This guy has proved that "deleted" just means renamed and pending actual delete. Even then it sounds like an undelete file tool could get some back. Snapchat should be overwriting the files instead of just renaming them and queuing for delete in the future...

      --
      When information is power, privacy is freedom.
    2. Re:Title is Spot-On Accurate! by Gaygirlie · · Score: 3, Insightful

      Snapchat should be overwriting the files instead of just renaming them and queuing for delete in the future...

      No. Due to wear-leveling and the likes that is not good enough for data that is supposed to be gone forever. The correct way would be for the app to generate a random encryption key in RAM, encrypt the file with that, save the file to the filesystem but keep the key in RAM, and when the app is done with the file it should overwrite the encryption key -- with proper encryption there is no way of reversing the encryption in any sort of a reasonable amount of time (1000 years) without the key.
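The scheme described in the comment above (a random key held only in RAM, ciphertext on flash, key overwritten when the app is done), sketched as an added example; it is not part of the original thread and not Snapchat's code. The class name `EphemeralImage`, the choice of AES-256-GCM and the sample bytes are assumptions, since the comment names no cipher.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.SecureRandom;
import java.util.Arrays;

/** Hypothetical holder for one received image: ciphertext on disk, key only in RAM. */
public class EphemeralImage implements AutoCloseable {
    private static final SecureRandom RNG = new SecureRandom();
    private final byte[] key = new byte[32]; // AES-256 key, never written to storage
    private final byte[] iv = new byte[12];  // GCM nonce; each key encrypts exactly one file
    private final Path file;
    private boolean destroyed = false;

    public EphemeralImage(byte[] plaintext, Path file) throws Exception {
        this.file = file;
        RNG.nextBytes(key);
        RNG.nextBytes(iv);
        Files.write(file, cipher(Cipher.ENCRYPT_MODE).doFinal(plaintext)); // only ciphertext reaches flash
    }

    private Cipher cipher(int mode) throws Exception {
        // SecretKeySpec keeps its own copy of the key bytes; that copy is left to the
        // garbage collector, so zeroing `key` below is best effort in a managed runtime.
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(mode, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, iv));
        return c;
    }

    /** Decrypt into a fresh buffer for display; the caller zeroes it after use. */
    public byte[] open() throws Exception {
        if (destroyed) throw new IllegalStateException("key already destroyed");
        return cipher(Cipher.DECRYPT_MODE).doFinal(Files.readAllBytes(file));
    }

    /** Overwrite the key first, then unlink the file; stale flash blocks hold only ciphertext. */
    @Override
    public void close() throws Exception {
        Arrays.fill(key, (byte) 0);
        destroyed = true;
        Files.deleteIfExists(file);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a JPEG-style header followed by filler bytes.
        byte[] jpeg = {(byte) 0xFF, (byte) 0xD8, (byte) 0xFF, (byte) 0xE0, 1, 2, 3, 4};
        Path tmp = Files.createTempFile("snap", ".bin");
        try (EphemeralImage img = new EphemeralImage(jpeg, tmp)) {
            byte[] shown = img.open();
            System.out.println("round trip ok: " + Arrays.equals(shown, jpeg));
            System.out.println("bytes on disk (ciphertext + 16-byte tag): " + Files.size(tmp));
            Arrays.fill(shown, (byte) 0); // wipe the decrypted copy once displayed
        }
        System.out.println("file exists after close: " + Files.exists(tmp));
    }
}
```

Because the key exists only in process memory, an image that has not been viewed yet is lost if the app is killed or the phone reboots.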

    3. Re:Title is Spot-On Accurate! by hankwang · · Score: 1

      Due to wear-leveling and the likes that is not good enough for data that is supposed to be gone forever.

      You're presenting it as an all-or-nothing issue. There are a couple of shades of gray in between. The internal storage of Android devices is typically formatted as ext4, with the wear-leveling (I think) done by the flash memory controller. Accessing the "overwritten" data would require quite a bit more work than just analyzing a block-device image. I suspect that you might have to desolder the NAND memory modules.

      And even if the file is deleted but not overwritten, I don't think it's that easy to find the right blocks in the correct sequence; compressed JPEG data past the header data looks pretty much like random data.

    4. Re:Title is Spot-On Accurate! by swillden · · Score: 1

      Still, the encryption approach is the right one. It's fast, easy and much harder to circumvent.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    5. Re:Title is Spot-On Accurate! by hankwang · · Score: 1

      the encryption approach is the right one. It's fast, easy and much harder to circumvent.

      If you are paranoid enough to encrypt the data locally after receipt at the phone, then you had better also examine how the sender and the snapchat server deal with the data. Better set up a public-key system and figure out how to do the key management without discouraging Joe and Jane User.

    6. Re:Title is Spot-On Accurate! by Jherek+Carnelian · · Score: 1

      Due to wear-leveling and the likes that is not good enough for data that is supposed to be gone forever. The correct way would be for the app to generate a random encryption key in RAM, encrypt the file with that, save the file to the filesystem but keep the key in RAM,

      If you are at the level where you have to worry about an attacker who is able to pull data off of a drive's internally managed wear-leveling management buffers then you also have to worry about all kinds of other less complex attack vectors like a daemon process that silently takes a screenshot every time snapchat displays a photo.

    7. Re:Title is Spot-On Accurate! by dcollins117 · · Score: 1

      Because the pics DO disappear when you open them. Both from your phone and their servers

      How do you know the pictures "disappear" from their servers? We've already ascertained they are not actually removed from the phone. How do we know the server admins don't keep some of the more "interesting" photos for their private collection? Of course, they wouldn't disclose that publicly.

      Furthermore, in the United States, the Stored Communications Act mandates that providers must preserve stored data for up to 180 days upon government request. For an application whose target demographic seems to be horny teenagers, I can see this law being used (or abused) in cases of suspected child pornography.

  14. I don't get it by Dominare · · Score: 1

    I'm probably going to show my age and/or a great deal of naiveté here, but can someone please explain why this service is even a thing? I just can't think of a situation in which I would send a photo to someone and subsequently care whether they saved it or not. I mean, if I want them to see it I send it, if I don't want them to see it then I don't send it. How is it more complicated than that?

    1. Re:I don't get it by gweihir · · Score: 2

      And then they trust something like this? "Digital natives", my ass. If that is really the use case for this thing, then people have even less of a clue today.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    2. Re:I don't get it by hankwang · · Score: 1

      "I just can't think of a situation in which I would send a photo to someone and subsequently care whether they saved it or not. "

      Sending nude pictures to your (teen) lover while reducing the risk that they get to be seen by the rest of the school if the relation goes sour. Or to prevent being charged for spreading child porn, like these kids: http://www.connectsafely.org/Commentaries-Staff/teens-convictions-for-child-porn-upheld.html

      Maybe cheating husbands and wives who don't want to leave too many trails. Although I'd be rather suspicious if my significant other had Snapchat installed on her phone...

    3. Re:I don't get it by Si · · Score: 1

      Snap. Chat. Supposedly a method of instant messaging, but with photos. Yeah, I don't get it either. My (still a teen, but just barely) niece uses it to send me pics of her goofing around with her younger siblings. Beyond that I think whatever appeal there is exists in how simple it is to use. Heard a story on NPR where the kids aren't even using SnapChat for sexting.

      --


      Why is it that many people who claim to support standards have such atrocious spelling and grammar?
  15. Re:Never trust an "app" to do anything. by beelsebob · · Score: 2, Insightful

    Apps are worthless pieces of junk that never do anything correctly.

    If you wanted actual security, you'd use a real program to do it instead of an app.

    Sorry, but what's the difference? You do realise that App is short for "Application", i.e. what apple calls every program on your machine. On OS X (and iOS) the equivalent to the .exe extension is .app.

  16. Re:Forensics software? by greentshirt · · Score: 1

    Root Explorer

  17. Re:Never trust an "app" to do anything. by jones_supa · · Score: 1

    You know what he means.

  18. Easy fix! by closer2it · · Score: 5, Funny

    All they need to do is create the ".NoMediaNoMedia" file. This will keep the photos and the file ".NoMedia" from being viewed on the device.

    1. Re:Easy fix! by Anonymous Coward · · Score: 1

      Another fix would be changing the file extension to ".NothingToSeeHereMoveAlong".

  19. Re:Never trust an "app" to do anything. by tsa · · Score: 3, Insightful

    Yep. He means: "Do not feed me. I'm a troll."

    --

    -- Cheers!

  20. Re:Never trust an "app" to do anything. by beelsebob · · Score: 1

    No, I genuinely don't know what he means – what's the supposed difference between a program that runs on a computer, and a program that runs on a small computer?

  21. Or... by DrYak · · Score: 1

    Another fix would be changing the file extension to ".NothingToSeeHereMoveAlong".

    Or Maybe :
    ".TheseArentTheBoobiesYoureLookingFor.HandWaving"

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  22. Re:Never trust an "app" to do anything. by Keybounce · · Score: 1

    If you wanted actual security, you'd use a real program to do it instead of an app.

    If you wanted actual security, you wouldn't have it on a computer.

    If you wanted actual security, you wouldn't send it to someone else's computer.

    If you wanted actual security, you would ensure that no other computer could access the files on your computer.