Snapchat Photo Leak Exposes Flawed Premise, Security Challenge

Advertisement
By Reuters | Updated: 15 October 2014 09:20 IST
The prospect of tens of thousands of potentially racy Snapchat photos hitting the Internet has driven home a simple fact: the mobile app's core feature - delivering photos and videos that vanish seconds after viewing - is flawed.

The negative publicity surrounding that speculation has spurred criticism about its lax security. But whether this will affect the valuation of the 3-year-old Silicon Valley start-up as it seeks another round of funding remains to be seen.

A range of venture capitalists and tech insiders say they believe it will not, for now. One person close to the company's fundraising efforts who asked not to be named said Snapchat is still expecting a $10 billion valuation in the current funding round, one of the startup industry's richest and the same level being considered by investors before news of the breach surfaced last week.

Advertisement

"Once a company is hot, investors will be keen to continue investing unless the issue seems to be life-threatening," said Anand Sanwal, chief executive of venture capital consultancy CB Insights.

The brouhaha has not yet hurt the popularity of Snapchat among teenagers, partly because no mass publication of leaked photos has materialized. The messaging service remained among the five most-downloaded photo and video apps over the weekend, according to analytics service App Annie.

The issue arose last week when hacker forums claimed unknown parties had created a file holding at least 100,000 stolen Snapchat photos, including many of minors, that could end up being posted online. The anticipated event, dubbed "the snappening," was widely reported, including by Reuters.

While Snapchat said its servers were not breached, it confirmed that rogue third-party apps have been storing its users' pictures. That points to a longer-term challenge for the Los Angeles company: its inability to fully block the external parties it blames for undermining its business.

Advertisement

The snappening
Even before any talk of "the snappening," security experts were faulting Snapchat for what they call a cavalier approach toward privacy, which may have given users a false sense of comfort.

The third-party apps, which allow users to enter their Snapchat password and log-in information, connect to the main service and provide unauthorized features such as image-saving.

Advertisement

Such software can be pernicious since the people whose pictures are stored are often unaware of the privacy breach by the downloaders of the third-party apps.

Snapchat does not allow other apps to interact with its service, but many developers manage to break the rules. The company says it monitors for such "illegal" apps and has succeeded in removing some culprits from Google and Apple app stores.

Advertisement

One website, Snapsaved.com, claimed on Monday on its Facebook page that its servers had been hacked and that intruders had accessed its trove of Snapshot photos.

"Any application that isn't ours but claims to offer Snapchat services violates our Terms of Use and can't be trusted," Snapchat warned in a Tuesday blogpost.

But Snapchat should have been able to detect multiple requests for information originating from external services, or to detect when users were alternately logging on from different apps, cybersecurity experts said.

In addition, Snapchat used very elementary encryption to protect photos and videos on its service, said Chris Wysopal, chief technology officer of Veracode, a firm specializing in testing apps for security vulnerabilities.

Instead of requiring two separate cryptographic keys to access images transmitted across Snapchat, the service relied on a single universal key that unlocked everything, "the bare minimum," he said.

"Someone who knew what they were doing, probably in a few hours could reverse-engineer it, find the key and write a program to decrypt the photos as they go over the network."

In May, Snapchat settled charges with U.S. regulators accusing it of deceiving customers by promising that photos on its service disappeared forever. The U.S. Federal Trade Commission also faulted Snapchat for storing unencrypted videos on users' phones, which could be accessed by connecting the device to a personal computer.

Still, even the best security measures could leave Snapchat playing an unwinnable cat-and-mouse game with hackers.

At a very basic level, Snapchat cannot stop anyone from taking a photo of a photo. Anyone who receives a Snapchat image on the phone can use another camera to capture the screen picture, said Michael Coates, director of product security at Shape Security.

Still, Snapchat may have little to worry in the near term, at least on the valuation front, industry insiders say.

David Cowan, a partner at Bessemer Venture Partners, which has not invested in Snapchat but has backed other consumer startups like dating service Zoosk and online bulletin board Pinterest, said Snapchat has little to worry about.

"These types of breaches will definitely stop people from using Snapchat," Cowan said, "until they have a really cool picture to share."

© Thomson Reuters 2014

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Best Mobiles Under Rs. 30,000 in India
  2. Amazon Prime Day 2026: Best Deals on Soundbars From JBL, and More
  3. Amazon Prime Day 2026: Top Deals on 65-inch Smart TVs
  4. Moto Buds 2 Review: How Much Bass Is Too Much Bass?
  1. Boat Stone 900 Launched in India With Up to 80W Sound Output, Up to 15 Hours Audio Playback: Price, Features
  2. Cyberpunk 2077 Has Sold 40 Million Copies, CD Projekt Red Confirms
  3. Nothing Phone 1 Receives Final Software Update With Latest Security Patches, Bug Fixes and Improvements
  4. Nokia 235 4G (2026), 215 4G (2026) Launched Alongside Nokia 210 4G, and 200 4G With AI Assistant Button
  5. Samsung Galaxy S27 Ultra Battery Details Leaked; Could Top iPhone 18 Pro Max's Battery Capacity
  6. OnePlus Ace 7 Series Tipped to Feature 185Hz Display, 9,000mAh Battery
  7. WhatsApp Rolls Out Primary Device Support on iPad, Tests New Setup Screen for Android Tablets: Report
  8. Government Directs App Stores to Remove Malicious Apps Used to Disrupt E-Rickshaw Operations: Report
  9. Sony Reportedly Restructures Disc Factory After Announcing End of Physical Game Discs on PlayStation
  10. Maharashtra Legislature Passes Amendment to Bring Virtual Digital Assets Under Depositor Protection Law
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.