Slashdot Mirror

← Back to Stories (view on slashdot.org)

More Details On The 3rd-Party Apps That Led to Snapchat Leaks

Posted by timothy on from the you-didn't-really-think-they-were-secure-did-you dept.

Yesterday we posted a link to Computerworld's reports that (unnamed) third-party apps were responsible for a massive leak of Snapchat images from the meant-to-be-secure service. An anonymous reader writes with some more details: Ars Technica identifies the culprit as SnapSaved, which was created to allow Snapchat users to access their sent and received images from a browser but which also secretly saved those images on a SnapSaved server hosted by HostGator. Security researcher Adam Caudill warned Snapchat about the vulnerability of their API back in 2012, and although the company has reworked their code multiple times as advised by other security researchers, Caudill concludes that the real culprit is the concept behind Snapchat itself. "Without controlling the endpoint devices themselves, Snapchat can't ensure that its users' photos will truly be deleted. And by offering that deletion as its central selling point, it's lured users into a false sense of privacy."

2 of 101 comments (clear)

  1. Re:Excuse me while.. by TWX · · Score: 3, Interesting

    I don't feel sorry for those who thought this was seriously secure, and two, who the hell sends naked pictures of themselves and actually thinks other people won't see them? 1999 called and it wants it's noobs back.

    See, I can feel some mild sympathy, basically pity, for those that were stupid enough to think that something electronic and stored in a common format over a common communications medium was secure. That doesn't mean that don't assign at least some blame for their circumstances though.

    This has been a problem since well before 1999. Naked pictures were exchanged on BBSes and on Usenet since the inventions of the scanner and the digital camera. The only difference is that it's easier than ever to do that distribution now, and sharing requiring human interaction has been supplemented by software that seeks out and stores such content.

    Until the technology has actually matured there's no safe solution. Even computer professionals don't necessarily understand all aspects of all of the software that could have access to the content on a user's electronic devices; simple users literally have no chance.

    --
    Do not look into laser with remaining eye.
  2. Re:Nice article by sumdumass · · Score: 3, Interesting

    I'm currious if anyone is being exploited in the sense of exploiting children if they take their own pics and you end up seeing them.

    I'm not saying it is ok to view them or anything, I'm just under the impression that the exploitation comes from children being forced or enticed into the photos and the viewer while not participating in the actual act, it enabling it by creating demand. So if a child takes a photo of themselves for their own reasons, is anyone actual being exploited?

    Or is that a legal term that applied in all situations regardless of any inherent or lack of logical connection?