1

At the start of the year, DaniWeb reported how Snapchat, the self-destruct photo messaging service, had been hacked and information regarding 4.5 million users had been stolen. Fast forward to now, and Snapchat is again in the mire: nude images have started to appear on 4chan which have been stolen from Snapchat accounts.

According to new reports images from 200,000 Snapchat accounts have been stolen and are now starting to appear online. Snapchat itself denies that its own servers have been breached, however it does confirm that accounts have been hacked. This rather confusing admission would appear to be due to Snapchat account holders using third party apps to send and receive their photos, something that Snapchat prohibits in the terms of use because of the security risk. Indeed, Snapchat has been successful in having such apps removed from Google Play and the App Store, but inevitably there are plenty out there and plenty in use.

In case you have not come across Snapchat before, it's basically an application driven service which enables users to post images, video and text on a time limited basis to a group of recipient users. These 'snaps' self-destruct, sort of, after 10 seconds. That is, there is a 10 second window during which the recipient can see them after which they are no longer available for viewing. Unless the recipient saves it using a screengrabber, or uses a different app to access the service, and so on. The fact that the service is a magnet for people, and in particular young people, to send naked and often explicit images to each other just adds to the potential security spice.

“The very concept of Snapchat leads the user to believe that their photos or videos are deleted very quickly after they have been shared. In 2013 a complaint with the federal trade commission stated this was not the case and this info could in fact be retrieved after the time limit expired" Mark James, a security specialist with ESET, says. "It would appear that the hundreds of thousands of images that have been hacked have actually come from a third party Snapchat client application or web site that has been storing these images for years. The user having installed these third party apps or using these websites may or may not be aware that these images have been saved and still believe that they are instantly deleted, sadly as more than half of Snapchat users are believed to be between 13 and 17 the potential for underage indecent material is extremely high."

“There is always an inherent risk involved when someone uses a product or service in a way that is unintended. SnapChat itself hasn’t reported any breaches and because it doesn’t keep any of the images that pass through its service, it remains an unlikely target" adds Fred Touchette, manager of security research with AppRiver. “People are very concerned with their privacy, and rightly so. However a lot of people fail to grasp the concept that the internet is not a very private place. The best way to keep those photos safe is to not post them anywhere online, even if you think that server in the cloud is only for your eyes only.”

Edited by happygeek

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

4
Contributors
4
Replies
38
Views
3 Years
Discussion Span
Last Post by gtcorwin
3

It seems to me that it's like somebody "flashing" a friend discreetly (if that is possible) in a public place and then complaining because someone else managed to sneak a peak. If you don't want anyone else to see then

  1. don't put it on the web
  2. don't put it on your cell phone
  3. don't email it
  4. just, well ... just don't

Edited by Reverend Jim

Votes + Comments
Right?
1

Number four sums it up. Also applies to posting stuff on DaniWeb you don't want your teacher/employer/wife to see...

0

Exactly what Jim said, if you want to keep something private, don't put it on the net ;)

0

People tend to do stupid stuff to impress their friends. They need to be educated about it. Loss of the device, saving to the cloud, texting. It is all so easy to lose control of your "private information"

I tell my kids, if you don't want me to see it, don't make it happen, because if any other person in this world can see it, so can I.

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.