Saucy Snapchat addicts EXPOSED: Exploit code to poke holes goes wild

Four months ago Gibson Security, a group of freelance vulnerability researchers, notified Snapchat that it had found serious flaws in the image-flinging service's security and privacy systems. Having heard nothing back, the group has now released the details and some exploit code to back up its claims. "Given that it's been …

COMMENTS

This topic is closed for new posts.
  1. Vociferous

    Snapchat was how I found out I'm still innocent.

    Despite all my years on the internets I honestly did not understand why anyone would want self-destructing photos. It took me way too long to understand that it's a service designed to let highschool girls post photos of their tits without risking that they get featured on some teen porn site.

    1. Tom 7

      Re: Snapchat was how I found out I'm still innocent.

      It's not designed to do that - it's sold as that but it's designed to take money off people for a 'service' that can never work.

      Schools should be pointing out to kids just how this doesn’t work.

      1. Anonymous Coward

        Re: Snapchat was how I found out I'm still innocent.

        Schools should be explaining security and the possible downsides of posting stuff to any social media website, as well as the impossibility of ensuring that what goes on Snapchat really disappears. Because then in future employers will know that the idiots who post their drunken binges on Facebook either weren't paying attention in class, or really are dysfunctional narcissists.

        1. Peter2 Silver badge

          Re: Snapchat was how I found out I'm still innocent.

          Narcissism has been removed from the DSM because it's now too difficult to diagnose because the majority of the population could be diagnosed as narcissists.

          I'm not joking, google it.

        2. Don Jefe

          Re: Snapchat was how I found out I'm still innocent.

          Schools have a very difficult time explaining things like this to kids. Remember, the adults who manage your life are the enemy. They're old, don't understand how today's world works. They're stupid, if they knew what they were talking about they wouldn't be teaching, etc...

          The 'young adult' age bracket is so highly prized because kids that age are really beginning to assert their individuality. Because of this they're extremely susceptible to marketing. They haven't yet had enough experience to realize that they are being aggressively targeted. They truly think they're the first ones to figure this stuff out. If some brand/thing/fad 'speaks' to them it's because that brand/thing/fad understands them.

          They'll look back and say 'god damn' I was stupid, and in most cases it won't matter, it's part of being a kid. One of the first steps in actually being an adult, not adult aged, but an actual adult is admitting you don't know shit. Most of these kids will get there, then one day they'll be 'old' and those stupid kids today are just throwing their lives away but they won't listen. Then they'll get a little older and just say fuck it, it doesn't matter. Then they'll have about 20 years to enjoy it :)

          1. Tom 13

            Re: Schools have a very difficult time explaining things like this to kids.

            Before schools can explain it, they first have to know it themselves.

            You can dance around it, but fundamentally this is a moral consideration. And we've made it nearly impossible for a society as a whole to make moral judgements. Especially about things involving sex/naughty bits.

    2. Michael Thibault

      Re: Snapchat was how I found out I'm still innocent.

      ... it's a service designed to let people post risqué photos of their bits while lowering—but not completely eliminating—the risk that the photos see lots of eyeballs. Else, where's the titillation, that frisson?

      FTFY.

      In any case, twits with their bits should not act on a belief that the magic conjured on the internet is perfect, and will keep them safe and sound. The charm of Snapchat will likely wear off very quickly when (or each time) the guy behind the curtain is exposed.

    3. Destroy All Monsters Silver badge

      Re: Snapchat was how I found out I'm still innocent.

      > 2013

      > Still innocent

      HOW!

    4. Amorous Cowherder

      Re: Snapchat was how I found out I'm still innocent.

      Really? Sounds like a demographic that could do with some lessons in self-respect!

  2. frank ly

    "titillating titbits"

    I see what you did there (and a hacker could see what she did too.)

  3. Martin 47

    Its main use seems to be for food 'porn' in this household.

  4. Darryl

    I wonder how long tech companies are going to keep up this "LA LA LA LA LA I CAN'T HEAR YOU!!" approach to dealing with (or not dealing with) security experts telling them "Hey, guys, there's a big Effing* hole in your system"

    (*From Effing Forest - Just finished my Christmas copy of Raising Steam.)

    1. Anonymous Coward

      @Darryl - "I wonder how long"

      Until litigation is likely to be much more expensive than designing secure systems. Why do you think business in the US wants "tort reform" - i.e. prevent ordinary people from suing them?

    2. User4574
      Megaphone

      For as long as they can blame the evil hackers every time they get caught with their pants down because they leave the door open.

      No one expects these companies to have air-tight security, clever people will find new attacks. We do expect them to learn from mistakes and not keep repeating them ad nauseam.

    3. Crazy Operations Guy

      Something tells me that they knew about it and it was put in there for the feds to catch criminals, etc.

    4. Don Jefe

      That's part of running a business. You're going to have to take risks or you'll be out of business faster than if you had no product at all. You absolutely cannot go running around responding to every third party comment, that's not a viable way to run a business, in any industry. The business will survive or perish based on what you determine is a serious risk and what isn't.

  5. Varg
    Facepalm

    Load of rubbish

    What's stopping the recipient from taking a picture of their phone displaying the "temporary image" with another device (a camera or another phone)? A fundamentally flawed idea at best; ridiculous valuations.

    1. Anonymous Coward

      Re: Load of rubbish

      The point is that the people who invent these things, and the people who invest in them, seem to have a complete lack of imagination. They assume that, having thought of a use case, everybody will follow it slavishly.

      In the past this was excusable because things were being done for the first time, e.g. the many holes in email. But it seems that many software company founders have no idea of the history of their own industry.

      1. Eddy Ito

        Re: Load of rubbish

        But it seems that many software company founders have no idea of the history of their own industry.

        If you'll pardon a graybeard for saying it but it isn't really surprising when you consider how old these founders are. Consider that email and compact discs have been around longer than Mark Zuckerberg. Besides the only industry specific history that they've ever read was likely "Netscape Time".

        1. Anonymous Coward

          Re: Load of rubbish

          I too would be a greybeard if growing a beard didn't make me look like Captain Birdseye.

          What is surprising to me is that people emerge from computer science courses with no understanding of security whatsoever, whereas nowadays they wouldn't graduate in, say, physics or chemistry, without some notion of safe practice in experiments.

      2. OsamaBinLogin

        Re: Load of rubbish

        BTDT. You come up with a few good ideas, then you think you're a genius, you're smarter than everybody in the world, and you act that way. But you're not. If you're lucky, you make a few mill before it starts to run down. If you're very lucky, you become Zuck. If not, you crash and burn from your arrogance.

    2. Crazy Operations Guy

      Re: Load of rubbish

      Or just take a screenshot.

      I wouldn't be surprised if there was someone out there that disassembled the Snapchat client and replicated all its features but rather than deleting the photo, it just saves it somewhere. There is no way for a remote server to verify that the client hasn't been modified (See: Trusting Trust).

      1. Adam 1

        Re: Load of rubbish

        Or since we are talking android, press power and volume down at the same time.

    3. A J Stiles

      Re: Load of rubbish

      Yep.

      The self-destructing message cassette I invented aged 8 suffered from roughly the same flaw.

  6. Anonymous Coward

    more stupidity..

    Working for a giant consultancy company, I was involved in a healthcare product that made a big deal of the fact that patient records could not be printscreened from the application, and that images expired so they were secure. Of course if you ran the client in a VM, you could still screenshot it. If you pointed a cameraphone at the monitor you'd still get a reasonable picture. Utterly brainless.

  7. Yet Another Anonymous coward Silver badge

    Think of the children

    Growing up to become politicians

    Imagine if camera phones had been around 20 years ago, you now wouldn't be able to open your email without the risk of seeing some image of Cameron or Boris putting their wedding tackle somewhere 'hilarious'.

    T' internet will collapse from the horror

  8. Missing Semicolon Silver badge
    Happy

    Translation....

    "Over the past ~~year~~ week we’ve implemented various safeguards to make it more difficult to do"

  9. Rambler

    I DO like the 'reply' from makers men

    Over the past year we’ve implemented various safeguards to make it more difficult to do

    so they are effectively saying the vuln IS real, and it works, they are working to make it more difficult NOT to stop it

    and the reality of someone actually falling for the BS of a 10 second picture ...................

    seems like the old adage of ONE born every minute will need to be revised to a significantly larger figure :o(

    1. Tom 13

      @Rambler

      I had the same thought. Their reply is proof the vulnerability is real and they either don't have the clue or the money to fix it.

      So who is running the pool on how long it is until 4chan exploits this, just to make some teenage girls/guys cry?

      1. Don Jefe

        Re: @Rambler

        The existence of a vulnerability is not, by itself, a valid reason to correct it. That's the worst sort of business management. You've got to assess the risk by your own criteria and decide if it's worth fixing.

  10. chappers
    Pirate

    SnapChat has been SnapHacked

    and someone has done it

    http://m.bbc.co.uk/news/technology-25572661

  11. picktechnologies

    good articles

    Makes some interesting reading
