Slashdot Mirror
Snapchat Says Users Were Victimized By Their Use of Third-Party Apps
Lucas123 writes: Reports that the servers of photo messaging site Snapchat were hacked are being denied by the company, which is now is saying its users were instead victimized by their use of third-party apps to send and receive Snaps. Hackers on 4chan have said broke into the site and they're preparing to release 200,000 photos or videos in their own database that will be searchable by Snapchatter name. According to one report, the third-party Snapchat client app enabled access for years to the data that was supposed have been deleted. The hackers have said they have a 13GB photo library. For its part, Snapchat in a statement reiterated its Terms of Use Policy, that "expressly prohibits" third-party app use "because they compromise our users' security."
Will someone please stop this anonymous mystery hacker? he's causing havoc all over the place.
Are they going to ban development systems and emulators? Pretty sure BlueStacks can take all the screenshots I want. How about cameras? Eyeballs? Is the analog hole closed yet?
Anyone who thought a Snapchat image was truly ephemeral was, at best, ignorant.
So why didn't Snapchat take a proactive approach and ban the third parties?
It wouldn't help. Their system is fundamentally flawed because it relies on trusting the client, and the client's OS. The image is displayed on the screen and the app is supposed to then erase it, making sure it can't be screen captured. If the OS allows screen capture, or the app has been modified then the image can be captured.
All they needed to do was release a modified Snapchat app that allowed users to save images on to warez sites. As well as saving imagines to the phone it also sent them to the hacker's server. The victims didn't even use the app themselves, it was the people they were sending images to.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Boyfriend: "Wow, that's a great picture....but after the recent photo problem, are you sure you should be sending these kinds of pictures?"
Jennifer: "No, it's OK. I'm using this App called SnapChat and it deletes them automatically! They can't be saved or end up in the stupid cloud anymore."
It's around 200,000 pictures, actually. No need to figure out how many pictures are in 13GB when they say, right there, how many pictures there are.
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
No, it's like a bank telling you that it's not their fault when you make a check out to "cash" and someone other then who you intend cashes it.
Assuming snap chat is correct. In order to be a victim here one of two things needs to have happened:
1: You use a 3rd party client that leaked your photo - This is 100% your fault
2: You need to have sent a photo to someone using a 3rd party client which leaked your photo - Maybe you should have shown better judgement when sending out a photo if you were going to get upset about it being released.
Given that roughly half of Snapchat's userbase is between the ages of 13-17, you very likely do not want to subscribe to this if you value your freedom.
Any sufficiently advanced technology is indistinguishable from magic.
-- Arthur C. Clarke
Pretty sure that's the definition of ignorance.
While I suppose it's possible that that the reference to 'users' in 'their' is a different subset, the phrasing makes it seem that somebody who sent a picture was victimized by their own use of a third party app, while in reality all signs are pointing to the recipient of the photo using said app.
The recipients hopefully feel doubly-awful not just for betraying their friend's trust (not saving the image implied by the use of snapchat - technical feasibility and analog loopholes aside) in the first place, but for playing a pivotal role in those images possibly becoming public.
While I'm certainly in favor of educating people that when you send stuff to others, you have lost all control over it, no matter what assurances you get, I'm also in favor of educating people not to be jerks (be that the recipients, or the hackers).
I'm not sure if this has always been the case, or was added later, but for a very long time now, at least the Play Store's description has included:
So nobody should have been under the illusion that it was, in fact, impossible to save these images even if they lived a sheltered life and never imagined the analog loophole.
Yeah but that's like the really fast voice at the end of the drug commercial talking about death.
Snapchat's entire premise when it started out was that things were transient. Everybody told the founders it was a stupid idea, because, well, it's a stupid idea. But the people saying it was a stupid idea were making those statements based on impossibility, that the concept was akin to founding a company that would rent out genies that could give out wishes to people.
Obviously, the founders have the last laugh, because one way to make a lot of money is to rely on a gullible public and ignore the laws of reality. They aren't the first, and won't be the last, to make fortunes based on snake oil.
Back around the year 2000, ISPs used to offer free web hosting to their customers. Some ISPs had templates that you could fill in with text and uploaded images, to make it simple to create a web page.
If ISPs still offered that service, and if customers who don't know how to write a web page used the service, then private web sites would be more dispersed, and therefore less tempting to crack. (Also, the customers wouldn't have to give out personal information, besides the info that they already needed to give out for their Internet connection.)
This service should let the customers password-protect their web pages.
This could be a more private and secure service for customers who just want a simple "Hello, this is me" web site.