Slashdot Mirror

← Back to Stories (view on slashdot.org)

Snapchat Users' Phone Numbers Exposed To Hackers

Posted by timothy on from the take-a-memo-it'll-last-longer dept.

beaverdownunder writes with an extract from The Guardian, based on a security diclosure from Gibson Security: "Snapchat users' phone numbers may be exposed to hackers due to an unresolved security vulnerability, according to a new report released by a group of Australian hackers. Snapchat is a social media program that allows users to send pictures to each other that disappear within 10 seconds. Users can create profiles with detailed personal information and add friends that can view the photos a user shares. But Gibson Security, a group of anonymous hackers from Australia, has published a new report with detailed coding that they say shows how a vulnerability can be exploited to reveal phone numbers of users, as well as their privacy settings." Snapchat downplays the significance of the hole.

8 of 69 comments (clear)

  1. Re:Why in God's name... by mstra · · Score: 4, Informative

    Not defending it, but the way Snapchat works is that you find your "friends" based on their phone number. Not amazingly brilliant, but that's why.

    --
    Photography, technology, and my dog Scout - http://mattstratton.com
  2. Dumb people by DogDude · · Score: 2, Insightful

    People who give out their phone number to random Internet "services" that they are not customers of quite frankly deserve to be assaulted by telemarketers at all hours.

    --
    I don't respond to AC's.
    1. Re:Dumb people by vlueboy · · Score: 2

      People who give out their phone number to random Internet "services" that they are not customers of quite frankly deserve to be assaulted by telemarketers at all hours.

      You really think it's their fault? Common sense has never been too strong when compared to status quo and people follow by lead. Thankfully, that helped us win some battles, in the past. After all, people now know about firefox and Ubuntu without being geeks themselves. Because they followed a geek trend that eventually became mainstream.

      But trends are exactly what all big and small companies are following now. You can't sign up to Yahoo, Hotmail or Gmail without being asked for a cellphone number. Since that is so normal, Facebook, Whatsapp and probably many others I haven't been asked to help with, are already making it a norm. My mother is mad that her FB App autofills her number on the login screen.

      Since it has become the norm to be asked, people sooner or later give in. Or didn't most of us realize that RealName started out just like this, and yet few non-geeks ever obfuscate it on their Facebook and G+ profiles?
      Ultimately, the wise man is he who follows common sense despite trends, percentages and friendly pressures. But online nobody is truly wise with the NSA listening in.

      Funny thought: Phone numbers are nothing --they're in the phonebook after all...
      a really bad day for the web is the day some Dark Snowden comes to release some exploit with even a percent of the treasure trove of data that governments themselves have at their disposal.

  3. Re:Why in God's name... by Anonymous Coward · · Score: 3, Interesting

    Especially when they basically have lied about the photos being deleted.

  4. It's OK by bigdavex · · Score: 3, Funny

    But the phone numbers disappear after 10 seconds, right?

    --
    -Dave
  5. Re:Snapchat... Yeah... by Frosty+Piss · · Score: 2, Funny

    THANK GOODNESS.

    I was on edge all day today, wondering whether this concerned you.

    Now that I have my answer, I can reset easy tonight.

    You're welcome! I try! Sorry to stress you out, if only I had your phone number, I could keep you more up to date.

    --
    If you want news from today, you have to come back tomorrow.
  6. Public service announcement by WOOFYGOOFY · · Score: 2

    For some of the younger readers: snapchat can't actually guarantee that your photo is deleted, so don't send anything you don't want all over the web, as ever.

    For instance, anyone you send your photo to could screen capture your photo before it disappears, then pass that screen capture around.

    Someone could also be between you and your recipient and be capturing everything you send.

    Just so you know.

  7. Fake it by pubwvj · · Score: 4, Insightful

    This is why I give out fake information. I have no reason to trust them so I give fake birthdays, fake phone numbers, fake addresses, fake names, what ever it takes. There is no reason to give them valid information. They are not to be trusted. You should pick and choose which information you want to give. Feel no obligation to answer a question truthfully just because some corporation asks you.

    Obstificate.