Things that are forever ...
So, death, taxes, herpes and now we add 'anything you ever put online' ...
Privacy experts have been warning for some time that images shared using self-destructing-photo service Snapchat may not be as stalker-proof as expected. Now the company has revealed that users shouldn't assume their snaps are off-limits to the police, either. The basic idea of Snapchat is that recipients of images can only …
Really? They could be seen 'before deletion from the servers.'
You actually mean 'under national laws we are obliged to keep ALL information accessible to law enforcement agencies and anyone who wants to have a look for a period of no less than 6 years, though in certain circumstances we can insist on this information being kept forever.'
Would be fairly trivial to allow each user to set up a crypto key, so Snapchat themselves could never have access to the plaintext pics…
If you're privacy-minded, the best defence against enforced disclosure is not having the data. My previous ISP in New York (bway.net) used to make a *point* of not keeping logs of which IP address was assigned to which user at any given time, so any request or demand for information was met with a shrug and a 'sorry, we don't keep that data'. AnonDSL was what they called the service.
...nah, I'm not even going to bother with the tired comparisons.
This kind of story is more than old. It's a depressing reminder that people simply refuse to accept basic concepts.
The internet is a public network. It's multihomed, multipath, and multitenant. You cannot presume that anything you transmit into it is not public knowledge.
Yet everyday there's someone new trying to convince you that they have the magic secret to making this most public of systems completely private. And people always buy it.
The other tired old falicy is that you have control over data you send once it's sent.
Whether it's streaming audio, or streaming video, or even frigging 10-seconds-to-view photos, once the data has left your hands you are no longer in control, and ultimately no DRM facade or custom app can change this.
Yet everyday there's someone new trying to convince you that they have the magic secret to making this most public of systems completely private. And people always buy it.
Do you buy envelopes or always use postcards ? And if the former, is this because envelopes can't be steamed open, or because the privacy gained is worth the cost of doing this which generally outweighs the benefits to the attacker of this kind of attack ?
"The internet is a public network. It's multihomed, multipath, and multitenant. You cannot presume that anything you transmit into it is not public knowledge.
Yet everyday there's someone new trying to convince you that they have the magic secret to making this most public of systems completely private. And people always buy it."
Looks like it's the rebirth of the Sneakernet to me.
Back when I ran a simple mailing list, I had an even simpler privacy policy. "This information will not be used for any other purpose, not even keeping our own sorry arses out of jail". It never came to it, but I was quite prepared to take those addresses to the grave rather than let them into the hands of the Authorities.
The world needs more people prepared to choose what is right over what petty control freaks demand.
If Snapchat wants to continue being a going concern, saying, "Fuck the law, man, we won't comply with any requests, warrants or not!@@@" is a really bad way to do it.
It's one thing if you're operating a small-scale thing, or a specific type of community, maybe, but being disappointed in Snapchat not just telling the authorities to roll it up tight is unreasonable in the extreme; your policy would essentially make it impossible for a public-facing company to do business anywhere with a legal system.
Well, it was all a long time ago; I was younger, more impetuous, had less to lose, and there was no RIPA. And nothing ever happened anyway; there was no heroic last stand, with me plunging from a bridge clutching the laptop with the only copy of the data or anything like that .....
But I still admire the spirit shown by people like Caroline Lucas MP, who is quite prepared to risk the consequences of standing up for her own convictions. And I think we need more people like that, instead of spinelessly kowtowing to the authorities' demands.
There are about a million ways this could be prevented, starting with encrypted storage of stuff to which the servers don't have the key (as has been mentioned) and ending with never passing actual pictures through the server in the first place (direct peer-to-peer). It just seems that nobody really gives a damn - and those that do simply stay away.
I question the integrity of those using snap chat! Hardly surprising in post millenium Britian. Seems most partens have dragged their kids up, not raised them with decency, integrity or respect.
There is only one thing that can be said "If you get your tiits out for the lads, expect them to be posted everywhere!" At least Page 3/porn stars are proud to have them displayed.
"only he and Snapchat CTO Bobby Murphy have access to the tools used for extracting unopened selfies from the company's servers."
"...As a matter of fact, I'd better make sure those tools are still working. Can't be too sure, you know. I'll be in my underground lai - err, my office. Hold my calls, Sally."
So in that case why transfer them to the phone when requested? transmit them to the handset immediately and delete them from the server, encrypt them and when the user requests to view them, transmit the decryption key. That way you cut down on the storage time massively, things only being stored if the handset is not in data reception reach.