Snapchat’s System Revealed

This past week the group of researchers who were examining Snapchat’s security features leaked user information onto a site SnapchatDB.info.

By: Allie Brogan, Staff Writer

It has slowly become common practice for today’s youth and young adults to monitor what they put online. You are careful of what to post on Twitter, Instagram and Facebook in case it could one day effect your employment, acceptance into a school or position on an athletic team. People hand craft their LinkedIn pages in order to represent themselves in the best light possible for the public to view. However, there is a very young social media platform on the rise where users have become much less cautious: Snapchat, a picture sharing app that is designed to help you share photos and videos for very limited amounts of time.

But why do we all trust this new app so much? Why do we believe we can send photos privately and then they just evaporate into the great abyss? A group of security researchers were not so trusting and completed a study on the security features of the app.

It has now been found that even though Snapchat markets itself as a safer web based application than Instagram and Facebook, its data storing system is not far off what other large internet companies use. Snapchat, in fact, collects and stores the user names and phone numbers of all its users.

This past week, the group of researchers who were examining Snapchat’s security features leaked user information onto a site SnapchatDB.info. They made usernames and numbers of the members of Snapchat available for download, in attempts to get the company’s attention as well as create awareness among users about the breach in the system. The data that was collected came from Snapchat’s servers where user data was stored in plain text. Data should be going through an encrypting process in order to make it difficult for hackers to access information from the site, but it is reported by one researcher that this is not the case.

Once Snapchat acknowledged the research that had taken place this past week they responded, “on New Year’s Eve, an attacker released a database of partially redacted phone numbers and usernames. No other information, including Snaps, was leaked or accessed in these attacks.” They then went on to include, “we don’t display the phone numbers to other users and we don’t support the ability to look up phone numbers based on someone’s username.”

Stroz Friedberg researchers found this to prove true on IOS systems, however they found Snapchat on Androids could allow images to be saved to the phone when unopened. The App would only delete the images after every last one was viewed.

The researchers followed up their study by saying, “it is understandable that tech startups have limited resources but security and privacy should not be a secondary goal. Security matters as much as user experience does.”

Allie Brogan is a Toronto freelance writer with an education in broadcast journalism; with a highlighted interest in business news.

Banner image courtesy of Yutaka Tsutano
Feature image courtesy of William Hook

Show more