Slashdot Mirror

← Back to Stories (view on slashdot.org)

Snapchats Don't Disappear

Posted by timothy on from the un-disappearing-ink dept.

Mobile photo-sharing app SnapChat has one claim to fame, compared to other ways people might share photos from their cellphones: the photos, once viewed, disappear from view, after a pre-set length of time. However, it turns out they don't disappear as thoroughly as users might like. New submitter nefus writes with this excerpt from Forbes: "Richard Hickman of Decipher Forensics found that it's possible to pull Snapchat photos from Android phones simply by downloading data from the phone using forensics software and removing a '.NoMedia' file extension that was keeping the photos from being viewed on the device. He published his findings online and local TV station KSL has a video showing how it's done."

12 of 85 comments (clear)

  1. Keep it in memory by nzac · · Score: 4, Insightful

    How hard could it be to store it in RAM as it is received and then zero out the memory when finished. Sure it is not remotely hack proof but at least when it is broken you can only get new photos.

    Or if you don't have the RAM to store the pic store an encryption key.

    1. Re:Keep it in memory by Shikaku · · Score: 4, Interesting

      Actually I do know how much it is.

      It's like 6MB, at worst. While it isn't enough for an uncompressed image, most JPEGS fall under the size limit of this.

      http://ryanolson.wordpress.com/2010/07/13/test-how-changing-the-max-amount-of-memory-per-vm-heap-can-effect-your-rom-cyanogen/

  2. Re:Never trust an "app" to do anything. by Black+Parrot · · Score: 3, Insightful

    If you wanted actual security, you'd use a real program to do it instead of an app.

    If you wanted actual security, you wouldn't have it on a computer.

    --
    Sheesh, evil *and* a jerk. -- Jade
  3. FUD by az1324 · · Score: 3, Informative

    "However, once the photo is opened, and the timer goes off, Snapchat does in fact delete the photo."

    http://techcrunch.com/2013/05/09/actually-snapchat-photos-are-just-as-deleted-as-any-other-file-you-trash/

  4. Re:Never trust an "app" to do anything. by Anonymous Coward · · Score: 4, Insightful

    If you wanted actual security, you'd use a real program to do it instead of an app.

    If you wanted actual security, you wouldn't have it on a computer.

    If you wanted actual security, you wouldn't send it to someone else's computer.

  5. Wut. by WedgeTalon · · Score: 3, Insightful

    Forensics software? Just open up the folder. I mean, you have to rooted, but that's not really weird. Look, here's someone talking about getting pics and vids before even viewing them in Snapchat. Back in March. If you have to output something to the user, they're going to have to be able to get at it one way or another.

  6. Title is Spot-On Accurate! by Warhawke · · Score: 3, Informative

    Wooh, another completely incorrect Slashdot title for the win. Because the pics DO disappear when you open them. Both from your phone and their servers. There's just an exploit where rooted phones can view/copy the pictures before they are opened/deleted. "Don't disappear" =/ discretely copyable.

    1. Re:Title is Spot-On Accurate! by Gaygirlie · · Score: 3, Insightful

      Snapchat should be overwriting the files instead of just renaming them and queuing for delete in the future...

      No. Due to wear-leveling and the likes that is not good enough for data that is supposed to be gone forever. The correct way would be for the app to generate a random encryption key in RAM, encrypt the file with that, save the file to the filesystem but keep the key in RAM, and when the app is done with the file it should overwrite the encryption key -- with proper encryption there is no way of reversing the encryption in any sort of a reasonable amount of time (1000 years) without the key.

  7. Re:Super DURRRRRRRRR! by JabberWokky · · Score: 5, Insightful

    They'd likely be in your social circles, too, so you'd catch shit for your evil deed.

    Thank goodness that people sending photographs of their genitals to other people don't have any impulsive friends, make poor choices in who to hang out with, or have ever befriended random people on the net and quickly deem them friends.

    Teens in particular are well known for making choices based on long term thinking and a strong sense of never engaging in revenge or social warfare. First world schools are a shining beacon on the hill for compassion, empathy and an overwhelming sense of equality and egalitarian concern for the mental well being of others. You are right: these people would never engage in behavior that damaged another peer. Skilled bullies and social climbers are never popular in middle school and high school, and embarrassing events are quickly hushed up.

    --
    "$30 for the One True Ring. $10 each additional ring!" -- JRR "Bob" Tolkien
  8. Easy fix! by closer2it · · Score: 5, Funny

    All they need to do is create the ".NoMediaNoMedia" file. This will keep the photos and the file ".NoMedia" from being viewed on the device.

  9. Re:Never trust an "app" to do anything. by tsa · · Score: 3, Insightful

    Yep. He means: "Do not feed me. I'm a troll."

    --

    -- Cheers!

  10. Re:But on Colbert by BasilBrush · · Score: 3, Funny

    People need to realize that nothing that you send to another person can ever be guaranteed to "self-destruct".

    Sure it can. I've seen it on Mission Impossible.