As Snapchat “hack” highlights, promises of privacy and security can be very dangerous

7 Comments

Credit: Dano

In the wake of this week’s apparent hacking of hundreds of thousands of Snapchat images via a third-party service, it’s worth revisiting some fundamentals about the scary business of security and privacy recommendations.

I’ve been paying a fair amount of attention to this scene in recent years, particularly after Edward Snowden’s mass surveillance revelations last year. One thing I keep hoping to do is to write a guide to safer internet usage — but so far, I’ve been too scared to do so. Above all, I’m terrified about giving someone inaccurate or overconfident advice that could get them hurt in some way.

Even something like PGP email encryption — technically speaking, a very secure mechanism — has potentially disastrous pitfalls. Correct usage takes place within strict guidelines that are in many circumstances difficult to follow, so the last thing I’d want to do at this point is to encourage someone who might be non-technical to try using it, certainly if they would be doing so to pass me sensitive information (this may change as smart people evolve the user experience). My correspondent might mess up as they navigate the complex key management process. To be frank, so might I — something I’m sorry to say, but there it is.

(If both parties definitely know what they’re doing, of course, then by all means use PGP. I’m still trying to figure out whether I should implement it for receiving tip-offs — unfortunately email inherently leaks metadata, even with PGP, and even encrypted conversations have to start with an unencrypted first contact.)

Use cases

The closest I’ve come to a how-to guide came earlier this week, when I posted some musings about the smartphone “privacy pouch” – a simple device that’s easy to use, technically speaking, but that could in some cases be misused. As a commenter pointed out to me in slightly over-strenuous terms, someone who knows they’re being actively monitored could be endangered if they use the pouch as infrequently as I suggested in my piece.

I countered that my advice was mainly meant for people who want to strategically drop off the radar every now and again, but that’s a specific use case. It’s true that in certain circumstances — say, someone being pursued by secret police in a nasty regime — you’d want to use the pouch on a near-constant basis (if indeed you’d have a phone on you at all.) Did I say that in my article? No, because I wasn’t exhaustively listing all possible use cases. That’s fair in a way, but I might potentially have been offering dangerous advice to one or two individuals.

Gigaom illustration

Gigaom illustration

The Snowden revelations continue to come, albeit at a slower pace than in 2013, and they’re joined by news of other dangerous vulnerabilities such as Heartbleed (affecting industry-standard web encryption) and Shellshock (affecting many things Unix-based). You and I never know what the next weak link in the internet security chain will turn out to be, and that makes it damn hard to recommend anything with certainty.

That’s not to say we should all give up: It’s better to try use the security and privacy mechanisms that are most likely to work, rather than to use none at all. Use a password manager and two-factor authentication! Encrypt what you can! But it does make the recommendations business a hair-raising one for someone — like myself — who wants the recommendations to be suitable for as wide an audience as possible, including non-technical types.

Snapchat hack

Which brings us back to Snapchat and this week’s apparent hack of a third-party service, which some Snapchat customers had been using to save supposedly self-destructing photos for repeated viewing. According to some reports, this service was quietly filing away copies of the pictures passing through its systems, and then someone else stole that trove. With the promised searchable database yet to appear at the time of writing, there’s still a chance it may all turn out to be an elaborate 4Chan hoax (some of the “proof” pictures that have appeared are old), but the scenario is technically plausible and Snapchat is treating it as a thing that happened.

Also, on Saturday someone who’s maybe the hacker said he’s realised releasing all this stuff would be a bad idea for everyone concerned:

Almost but not quite reassuringly, the writer of that anonymous post claims there is “little to no child pornography in this archive”. It seems others may have that archive too, though.

Going on the assumption that the hack occurred, or even just considering that it could, this both is and isn’t Snapchat’s fault. As the company stressed in response to the incident, its terms and conditions expressly forbid “Snapchatters” from using third-party apps to send or receive the service’s self-destructing messages, and the firm tries to stamp out these apps when it finds them. These apps are impossible to police definitively, due to the ease with which they can be distributed outside of the official [company]Apple[/company] and [company]Google[/company] app stores (arguably more so with Android than iOS), but it seems true that Snapchat is doing almost everything it can to combat the problem.

Snapchat no longer promises its users that their photos will “disappear forever”, but that’s only because the U.S. Federal Trade Commission ordered it to stop doing so five months ago. Its users still know it as that app with the reliably temporary photos, and those that send sexual pictures over Snapchat trust that this mechanism will keep them safe from revenge porn, or the kind of nastiness we’re seeing this week. That level of protection is what the service is for – otherwise people wouldn’t use it. I wouldn’t recommend that they do, at least not with any false sense of security.

Claim caution

Snapchat bears some responsibility if it makes promises it can’t keep, no matter how hard it tries. That makes it somewhat disappointing to see the company try to shift the blame entirely onto those users who secretly saved the snaps they received – even though these users must certainly bear the majority of the blame, Snapchat’s inability to stop them, combined with the image it projects to vulnerable people (its users are largely young, remember), means the company must share some of the blame too.

The fact is, if you face a determined attacker – whether it be someone saving Snapchat images, or someone who knows how to exploit the weaknesses in a service like iCloud, or the NSA, or a stalker in the offline world – you’re in trouble.

That doesn’t mean it’s not worth taking defensive measures, as they can work against less competent or less focused attackers. But it does mean that those promoting defensive measures – whether they be security vendors, or “privacy app” marketers, or journalists like me – had better be extraordinarily careful about what claims they attach to their recommendations.

7 Comments

Anonymous

Snapchat is secure.
A THIRD PARTY APP that GOES AGAINST THEIR TOS is not secure.

Huge difference, and this article is misleading.

David Meyer

Terms of service cannot provide security. If a third-party app could do this, Snapchat is not secure.

Rufo Guerreschi

very nice start. butnif you want to be coherent you should take a look at your posts of the last year and see in how many of those you implicitly or excplicitly supported the validity claims of complete crap or unverifiable stuff. you did a lot of damage. please have the courage to make a new review of those with your newly found wisdom. it’s not too late. lot’s of people that have been reading you could be put on a bit off of the off track they are in

David Meyer

Could you please refer to me to articles in which I “did a lot of damage”? I like to think I stay on the right side of the line between informing people about new products and developments, and recommending that something is safe to use — please let me know where you think I erred in this regard.

AngryDad

>We have to blame the so-called victim when the victim is behaving irresponsibly

The victims are children. Children have poor impulse control because that part of their brain is not fully developed until they reach adulthood.

>these young people know the ins and outs of these devices and services more than the developers

Really? Ask any of these kids to explain elliptical curve cryptography in detail. Then ask the developers. My money is on the developers.

>Sacrificing dignity for fame is something being reinforced on television everyday.

And the same can cost them job opportunities in the future.

>Snapchat cannot and should not be help responsible for that

“It’s the users’ fault. We are just a service!” — Grokster

Snapchat is required to abide by state and federal laws just like everyone else. If they are transmitting child porn, they are on very thin ice if they don’t have any sort of countermeasures to prevent it.

>Celebrities still upload nude pics of themselves (with faces exposed) and we are to blame the cloud service?

The cloud backup of photos is on by default. Celebs are not any better at tech than the general population. It’s a pretty reasonable assumption that these celebs did not know/understand that their photos were being uploaded to ‘the cloud’ in such a manner.

Furthermore, the iCloud backups were available to hackers thanks to law enforcement back doors. If you leave a door open for law enforcement, you’ve left it open for everyone. Apple had been notified before the hack that unlimited password attempts were being allowed and did nothing.

Frankly, it doesn’t matter how good your password is, if I can try to crack it forever, I’ll eventually get it right. Apple is a master of spinning the press, so they escaped public blame pretty easily. That does not mean they are blameless in the scandal.

The H.E.A.T. Exchange

“Quickly take a photo of the screen with another camera – boom, there goes your privacy mechanism.” This point you made is why I agree with you that Snapchat is partly to blame if such a hack occurred.

I disagree with the idea of the ultimate weapon would be for sites like Snapchat to not exist. Think about it. If people used Snapchat to take pics of their pets or scenery, would this article even be necessary?

No. The ultimate weapon would be the first line of defense: the user snapping the photo. We have to blame the so-called victim when the victim is behaving irresponsibly.

You say that Snapchatters are young, but these young people know the ins and outs of these devices and services more than the developers sometimes. I mean, youth does not directly correlate to techno-ignorance.

Young people have a thirst for fame, popularity, and recognition that should’ve been nipped in the bud (Barney Fife’s favorite phrase from the Andy Griffith show) by their parents. Sacrificing dignity for fame is something being reinforced on television everyday.

Snapchat is simply a tool, like any other service. Snap a dog or snap your ass. Snapchat cannot and should not be help responsible for that, even if claims of privacy protection falls short of the promise.

Think about it. Celebrities are being chased by the paparazzi all the time. Celebrities still upload nude pics of themselves (with faces exposed) and we are to blame the cloud service?

We need to hold the so-called victims fully accountable for their actions if we are to see real Internet security.

AngryDad

While I appreciate the effort to instruct the readership on how to defend their online communications, we really should consider Snapchat’s target audience. 70% young females according to the CEO. Doesn’t this article offer advice to teen girls on how to take defensive measures when sending nude selfies and other sexualized imagery of themselves? I suspect most of the ‘boys’ on snapchat are, in fact, old perverts there looking for a naughty peek.

I had hoped that Snapchat was an NSA/FBI honeypot operation on a grand scale. However, given the size of this leak, it seems to be just one giant child porn distribution network run by a bunch of frat boys.

How is it that this company, valued at $10 billion dollars, is not required to do more to prevent the distribution of extremely illegal images? They can’t claim they don’t have the means or opportunity to do so.

Comments are closed.