Well that was quick. An hour after Snapchat’s new security update was seeded to the public, it was succinctly hacked in under an hour.
The popular ghost-messaging service has come under fire recently after 4.6 million Snapchat users’ data was disseminated online due to a security vulnerability in Snapchat’s software.
The news is quite a big blow to Snapchat; it doesn’t look too good when a company’s attempt at protecting its users falls flat on its face immediately.
The new security featured touted by Snapchat is called ‘Snap-tcha’. It’s a simple means of distinguishing human users from bots. Users are supposed to identify, through a series of images, Snapchat’s ghost mascot from other similar images.
The logic was that bots wouldn’t be able to identify the ghosts, and therefore, wouldn’t be able to do what bots do: farm for email addresses, phone numbers, and other user data.
However, hacker Steven Hickson has alleged that he’s developed a tool that would easily allow bots to identify ghosts by matching key areas and points that correlate to the shape of the ghost. The fact that the iconic mascot’s shape doesn’t change suggests that the tool would, in theory, be easy to create and implement on a wide scale.
Hickson isn’t the only hacker that has voiced concerns about Snapchat’s insecurity. Graham Smith, a 17 year old app developer and hacker from Texas, has found Snapchat exploits in the past. He says that the problem isn’t just with Snapchat’s software, but with its approach to user security altogether:
“Snapchat is doomed forever as far as security. Even if they fix this once and for all. They have the wrong idea. They don’t work well with outsiders.”
Is this going to stop you from using Snapchat? Do you think it will stop others?