Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Five Alternatives To Snapchat

timothy posted about 10 months ago | from the quantum-tin-can dept.

Privacy 94

Nerval's Lobster writes "Snapchat isn't having the best 2014: less than a week after a cyber-security collective revealed an exploit that could allow hackers to swipe users' personal data from the messaging service, a couple hackers reportedly went right ahead and stole 4.6 million usernames and phone numbers, posting them as a downloadable database. It's easy to see why Snapchat's become so popular: the idea of messages that vaporize within a few seconds of opening holds a lot of appeal to not only the excessively paranoid, but also anyone who simply wants to keep their online footprint to a minimum. But as several security experts are pointing out, the idea of 'disappearing messages' was never a foolproof one. 'If you took a photo of your phone while the risky image was on screen, or took a screenshot, or dumped your phone's graphics RAM, or used basic forensic data recovery techniques to retrieve the "deleted" files after viewing them, or fetched the image through a session-logging web proxy,' Phil Ducklin wrote in a Jan. 1 posting on the Naked Security Website, 'then you'd quickly have realised that Snapchat's promises of "disappearing images" were fanciful.' For those who no longer trust Snapchat, but want that same vaporizing-message functionality, some alternatives exist, including Silent Circle (which offers a messaging app, for a subscription fee, that forces messages to self-destruct after a set period of time) and Wickr (features military-grade encryption — AES256, ECDH521, RSA4096, TLS — and the app-builders claim they don't have the keys to decrypt; messages vaporize after a set time)."

Sorry! There are no comments related to the filter you selected.

I wonder if this will affect their valuation (4, Funny)

QilessQi (2044624) | about 10 months ago | (#45846637)

Perhaps they should have taken the $3B offer from Facebook (or the alleged $4B from Google) when they had the chance. Especially since people have endless opportunities to abandon services like Snapchat for the Next Cool Thing anyway.

 

Re:I wonder if this will affect their valuation (0)

Anonymous Coward | about 10 months ago | (#45846721)

Nuke Australia

Re:I wonder if this will affect their valuation (0)

Anonymous Coward | about 10 months ago | (#45846791)

It wasnt Google, it was a company in China that valued them at 4 billion. But yea . . . that 3-4 bil is looking pretty good.

Re:I wonder if this will affect their valuation (0)

Billly Gates (198444) | about 10 months ago | (#45847141)

It wasnt Google, it was a company in China that valued them at 4 billion. But yea . . . that 3-4 bil is looking pretty good.

Valuation based on what?

They produce no money. The valuation is 0.

Ever watch SharkTank? Mark Cuban and others shoot down anyone who says I am valued at X, when they produce Y results in a year. Maybe, just maybe they can gain more if they can show they have increased exponential revenue by each quarter but that is pushing it. This company takes in more money then it generates and it is just speculation and gambling.

The financial mathematics makes no sense.

Re:I wonder if this will affect their valuation (0)

Anonymous Coward | about 10 months ago | (#45847355)

It doesn't have to make sense. If somebody offers me $3Bn for something and I take it then I have $3Bn, regardless of the true worth of my Widgetizer.

Re:I wonder if this will affect their valuation (1)

Kelbear (870538) | about 10 months ago | (#45847567)

I've audited valuation reports for used for the acquisitions of tech start-ups on behalf of a few companies. They're typically huge documents 100-200 pages long looking at historical trends, economic factors, strategy & expectations, market comparables, user base, tangle and intangible assets, if applicable, DCFs and the variables factored into that calc, revenue and opex trends/forecasting, evaluation of prior year forecasts vs. actuals. etc. etc. Lots of stuff.

But when it comes down to it, all of the calculations that really swing the valuations are all based on assumptions and judgementally selected variables. I can't prove they're doing it, but it's simple for these valuation consultants to just pick out a number and then just tweak assumptions and valuations until the calculations land on the number they wanted.

It's such a judgemental subject that the auditors can rarely call them out for having blown the valuation unless they're basing the calculations on things that are plainly and factually wrong, the assumptions need to be wildly outlandish to be seriously fought over by auditors, because the auditors argument would also have to be based on assumptions the auditors have chosen. It'd be an argument based on subjective opinion and since the auditors are being paid by the company they're auditing, the auditors only want to push on subjective matters when it's so outrageous the risk of a lawsuit outweighs the benefit of collecting audit fees from that company.

Re:I wonder if this will affect their valuation (0)

Anonymous Coward | about 10 months ago | (#45847737)

... are all based on assumptions and judgementally selected variables

Exactly.

This is why investors like Mark Cuban wont care if you find the cure for cancer. If you generate x amount in 1 year that is your worth. No more and no less. Yes it could someday be worth more that is not math.

I am rather simple in my opinion. You make money or you do not and that should be your only valuation. You might make it big but the big but is that is an angel investor who is gambling. Not a real investor who only looks at profit.

Anyway I understand people want to show how big their ego is by having a the biggest house, yatch, and 0's in their bank account. But these kids never struggled and have no idea what is will be like if this fails and they have to work at Walmart or move back in with their parents when they have a major medical emergency etc.

I would have sold 90% of my shares so I can still make some more if it takes off and invent something else with the extra cash if it doesn't.

Re:I wonder if this will affect their valuation (0)

Anonymous Coward | about 10 months ago | (#45847605)

Same AC

Calm your tits. I didn't say i agreed with it, just repeated what was reported . . . I would assume their value would be calculated the same way FB's was pre going public, the potential ad revenue they could bring in.

Re:I wonder if this will affect their valuation (0)

Anonymous Coward | about 10 months ago | (#45847619)

>They produce no money. The valuation is 0.

So what that they don't produce money yet? They have the POTENTIAL to produce money based on their large user base.

You are an idiot if you say they are valued at $0. They have at least 4.6 million users as per the leak. Let's say there are 2-3x that overall, and that only 10% are active. That's still like 1.5 million users. If they start to make money from ads & small in-app purchases, even $1/month per user would be almost $20 million/year.

Are we just making shit up here? Of course. But it's to show that it's easy to show there is a potential value because they already have the hard part- the customer base. Should they have taken $3-4 billion in my opinion? Hell yes.

But the point is: if you think they are really valued at $0, would you not pay $1 for them? How about $2? How about $3? Get it? It has a value. Just because you can't think of what to do with the company or disagree with what others project doesn't mean it's valueless.

Re:I wonder if this will affect their valuation (0)

Anonymous Coward | about 10 months ago | (#45854519)

I have to agree.

Take the money, then move onto the next project.

With that kind of money behind you pretty much any project you want to attempt would be possible.

Re:Greed knows no bounds (1)

Billly Gates (198444) | about 10 months ago | (#45847057)

Maybe because I am struggling paying student loans and keeping expenses down like 60% of Americans, but if I were offered $1,000,000,000 for a company that makes more no money I would fucking take it!

If my other 2 partners got greedy and think they are the next Bill Gates and deserve to the be the top richest people for providing no value then I would have sold my share to Zuckerberg and told the other 2 partners to bite me or pay me the $1,000,000,000 themselves!

I mean come on what is so freaking innovative about a chat client written in java that can be done by any freshmen level CS student with pics that vanish after a timer?! ... and if I were retarded enough to be an investor you bet your ass I would sue the hell out of all of the partners for $3,000,000,000 or try to recoup my money back. They did not have the shareholder interests at heart either.

Re:Greed knows no bounds (1)

wvmarle (1070040) | about 10 months ago | (#45847169)

It has nothing to do with how innovative the product is - even though it did bring something that no other apps did at the time, what matters is that it had many users. That's all that counts.

Re:Greed knows no bounds (1)

Billly Gates (198444) | about 10 months ago | (#45847239)

It has nothing to do with how innovative the product is - even though it did bring something that no other apps did at the time, what matters is that it had many users. That's all that counts.

Well call me old fashioned, but what matters to me is money. It is a corporation after all.

Users do not mean jack if it does not bring in money. So yes these guys were idiots and blinded by greed and did the shareholders (assuming they had outside investors and help) not only a disservice but broke the law by not selling.

So if I were one of the 3 partners I would have sold out and pains like the security issue show its age. It is new and doesn't have an IT department more than a few people. It also shows how naive they are in the fact that there are many SQL and No-SQL databases to use that are mature, tested, have huge apis, and most importantly get regular security updates.

Perhaps I am bitter I was not offered billions so do not discard that part :-)

Re:Greed knows no bounds (1)

QilessQi (2044624) | about 10 months ago | (#45848135)

Yes. The value of Snapchat isn't the app itself -- the app and its server-side infrastructure could be replicated in a matter of weeks by Facebook engineers. The value of Snapchat was and is entirely its current user base. If you're Facebook and you can suddenly acquire millions of non-Facebook users (or tether existing users more tightly to Facebook) then you have millions of more opportunities to sell ads, and to sell user metadata to whoever.

But once the bubble pops and the users go elsewhere, Snapchat goes the way of... um... well, any company I can't remember the name of because they've gone the way that Snapchat will go. If you know what I mean.
 

Re:Greed knows no bounds (0)

Anonymous Coward | about 10 months ago | (#45850371)

Here, have a good example [wikipedia.org] .

At its height in January 1997, News Corporation made an offer of $450 million to purchase the company

[several failed attempts to sell skipped]

Instead, they sold out for about $7 million in May 1999 to Launchpad Technologies, Inc., a San Diego company founded and backed by Idealab, and the PointCast network was shut down the next year.

Re:Greed knows no bounds (0)

Anonymous Coward | about 10 months ago | (#45847925)

If my other 2 partners got greedy and think they are the next Bill Gates and deserve to the be the top richest people for providing no value then I would have sold my share to Zuckerberg and told the other 2 partners to bite me or pay me the $1,000,000,000 themselves!

It's not publicly traded. Private corporations can and do have rules about selling out. Often times the other owners must agree to any sale. Would you want to risk getting into a business venture and suddenly discover your partner is now Zuckerberg?

Re:I wonder if this will affect their valuation (0)

Anonymous Coward | about 10 months ago | (#45847129)

I'm too lazy to look it up on the internet. What the fuck is Snapchat and why should I care?

Re:I wonder if this will affect their valuation (0)

Anonymous Coward | about 10 months ago | (#45848127)

some company that turned down a buy out offer from facebook for $3billion a few months ago because they thought they could get even more, and now the founders are really wishing they had taken that offer because they just found out they are worth absolutely nothing.

that is pretty much all you need to know.

Re:I wonder if this will affect their valuation (0)

Anonymous Coward | about 10 months ago | (#45851083)

I'm too lazy to look it up on the internet. What the fuck is Snapchat and why should I care?

It's a "sexting" service for idiot teenagers. Basically you upload your naked pictures/video, when the person you sent it to "opens" it, it starts a timer and purges the data from the servers 10 minutes later.

Now the immediate reaction from most people with a working brain is "Well can't the person who looks at it just take a screen shot or something like that, making the entire thing completely useless?" Yes... yes it does.

how insightful (0)

Anonymous Coward | about 10 months ago | (#45858329)

Yes, it is used exclusively by 4.6 million teenagers who all have no understanding of a mobile phone's screen capture capability and only communicate with nude images of themselves.

Re:I wonder if this will affect their valuation (0)

Anonymous Coward | about 10 months ago | (#45847443)

Yeah, I came here to say that they can't be valued at more than $2 billion after all that bad news.

What about... pgp/gpg? (1)

mlts (1038732) | about 10 months ago | (#45846653)

What about using PGP/gpg, setting up a web of trust, sending the encrypted data via whatever messaging protocol one wants, and not depending on someone else's word that they will destroy data on an expiration date?

Yes, having a promise that a photo will go poof is nice, but this assumes that the client-side DRM is working, and this may not be the case... so might as well just give up pretenses and use something time tested.

Yes, web of trusts take some time to build, but it is more secure than trusting a third party to do all the work.

Re:What about... pgp/gpg? (2)

N1AK (864906) | about 10 months ago | (#45846713)

All well and good, however from what I've seen so far 99.9% of the issue with things on snap chat being shared beyond the senders intent are where the recipient saves a copy. If you present the data to a user un-encoded at any point, barring you being able to restrict the device they are using (and even then if they have a camera), then they will still be able to do that.

Ok, I'll bite... (0)

Anonymous Coward | about 10 months ago | (#45846661)

...tell me how they stop you taking a photo of the screen when the message is on it...

Re:Ok, I'll bite... (1)

Anonymous Coward | about 10 months ago | (#45846723)

Read the summary before posting and you will know that they don't try to stop that. They don't even stop screenshots directly from the device (although on many phones they will notify the sender that such a screenshot was taken). SnatchChat's Raison d'être (I am sure /. will make that look stupid because they don't handle unicode - it meant "reason for existence) is sexting. It is for the Anthony Weiner's of the world. Folks that either don't care that there are ways around the auto destruction of the photo or aren't bright enough to figure it out.

Re:Ok, I'll bite... (0)

Anonymous Coward | about 10 months ago | (#45846865)

They don't but the sender gets a notice they the receiver took a screenshot.

Re:Ok, I'll bite... (1)

cayenne8 (626475) | about 10 months ago | (#45848173)

How about...not sending pics out on the internet or over phone lines/cell towers, that you'd not want the majority of people to see??

How hard is that? When did people lose common sense???

If you value your privacy at all...don't join up to FB and other "social networks". And if you actually MUST join them...don't share personal shit you don't want getting out to the general public. It is a simple litmus test...

Fundamentally Impossible (1)

Anonymous Coward | about 10 months ago | (#45846671)

And what if I take a picture of my phone while the image is displayed? You have to face the truth: Self-destructing messages are a type of DRM, which can always be defeated.

It's best to use encrypting free and open source software, and only send data to friends whom you can trust to disable logging. OTR messaging does this, and has many FOSS implementations. The proprietary programs from TFA can't guarantee security, because the source code can't be examined.

vaporize? (2)

trybywrench (584843) | about 10 months ago | (#45846675)

So does your phone steadily run out of RAM as the chips are incinerated? ...I didn't know the batteries were that powerful either, I'm so far behind the times.

I can't see much use for them.. (3, Funny)

3.5 stripes (578410) | about 10 months ago | (#45846677)

then again, I don't have a body that too many people are interested in seeing in a state of undress, or a burning desire to show it to other people.

Re:I can't see much use for them.. (1)

K. S. Kyosuke (729550) | about 10 months ago | (#45846773)

Well, you can always cause yourself some interesting lesions and then admit yourself to a teaching hospital.

Re:I can't see much use for them.. (1)

3.5 stripes (578410) | about 10 months ago | (#45846843)

I'd imagine that if the lesions were that interesting, they'd prefer hi-res images that they could use as reference for future students...

Re:I can't see much use for them.. (1)

sunderland56 (621843) | about 10 months ago | (#45849317)

then again, I don't have a body that too many people are interested in seeing in a state of undress

Neither did Anthony Weiner. Didn't stop him.

Facebook (0)

Anonymous Coward | about 10 months ago | (#45846689)

Bet turning down $3B from Facebook is looking pretty arrogant and stupid now

Sorry, correction . . . (1)

Kimomaru (2579489) | about 10 months ago | (#45846719)

Let's be fair, an "excessively paranoid" person wouldn't trust a free service, they'd roll their own. Second, honestly, why on earth would anyone think that any free service is unexploitable? What example do we have of a free service that's been reliable in terms of privacy and security? Maybe I'm wrong, but I can't think of one.

Re:Sorry, correction . . . (0)

Anonymous Coward | about 10 months ago | (#45846939)

http://www.speaking-clock.com/

Re:Sorry, correction . . . (0)

Anonymous Coward | about 10 months ago | (#45847541)

They could be excessively paranoid and also excessively stupid.

Re:Sorry, correction . . . (1)

Minupla (62455) | about 10 months ago | (#45848401)

Truecrypt.

Paying for something is not an implicit guarantee of quality. In point of fact we use Wickr at home for casual level messaging. Why? The guys behind it are known in the infosec community and therefore have a reputational stake in not doing dumb things. Additionally it has survived an audit by forensics professionals where snapchat failed:

http://www.youtube.com/watch?v=LwW9g_SQn9Y [youtube.com]

Min

Re:Sorry, correction . . . (1)

Kimomaru (2579489) | about 10 months ago | (#45848473)

Well, no, we're not talking about paying for something, we're talking about using a free service. Both may be innadequate.

Re:Sorry, correction . . . (1)

kenshin33 (1694322) | about 10 months ago | (#45848833)

if by free you mean "free and open source", they're not "unexploitable". The only thing that is IMHO guarateed is the chances for a quick fix in the case of an exploit are higher!

Re:Sorry, correction . . . (1)

Kimomaru (2579489) | about 10 months ago | (#45849127)

No, I mean "free" as in "you didn't pay anything, so what do you expect?"

Re:Sorry, correction . . . (1)

kenshin33 (1694322) | about 10 months ago | (#45851535)

oh, well, free has nothing to do with it.
But I see and agree with what you're saying!

Re:Sorry, correction . . . (1)

Kimomaru (2579489) | about 10 months ago | (#45852259)

Ok, so I must disagree. When you don't pay for something, the person giving it to you doesn't have much of an obligation or incentive. That isn't to say that people who get paid directly for a service will do it properly, but if you don't pay for a service directly and your information is being used to support the system financially through ads, then the relationship between your information and its monetization is what's important. It's baffling that someone would look at the exploits and breaches on so many of these "free" sites that happened in 2013 and be appalled that their information wasn't being secured properly.

PC equivalent? (1)

Tridus (79566) | about 10 months ago | (#45846803)

Is there a good PC version of any of these? It seems odd that they're phone-only, messaging on the computer is still very much a thing.

Re:PC equivalent? (0)

Anonymous Coward | about 10 months ago | (#45846959)

Given that all the tools to defeat this kind of service are exponetially more available on the PC, I doubt it.

If there is, it wouldn't last long at all.

Re:PC equivalent? (1)

CastrTroy (595695) | about 10 months ago | (#45847095)

Any PC version would be easily susceptible to the print screen button. At least on Android (earlier versions anyway, not sure about new ones) they made it extremely difficult to get a screenshot, even if the phone was rooted. I can understand why they wouldn't want apps collecting screenshots, but as a general system function, I can't see how it's survived so long without being there.

Re:PC equivalent? (1)

kenshin33 (1694322) | about 10 months ago | (#45848877)

on android, as far as I can remember (but I've never used official images, cyanogenmod or equivalent), vol- / power was the combination to take a screen shot

Re:PC equivalent? (2)

deconfliction (3458895) | about 10 months ago | (#45848555)

Is there a good PC version of any of these? It seems odd that they're phone-only, messaging on the computer is still very much a thing.

People who are advanced enough to use a keyboard interface to a computing device are smart enough to know the entire premise for the product is a fraud.

DRM (2)

flyingfsck (986395) | about 10 months ago | (#45846827)

Snapchat and it's ilk is a kind of DRM. As such it will never really work.

Re:DRM (0)

Anonymous Coward | about 10 months ago | (#45847579)

Exactly. It's physically impossible to prevent someone from accessing data while allowing them to access it. You can't build a computer that allows you to view a file without copying it. As such, any attempt at self-destructing messages is really an attempt to write a computer virus that hides the data from the user well enough that they can't find it before time runs out. The whole thing is a silly novelty, really. If you don't trust the person you're sending your message to, then you shouldn't be giving them that data.

Re:DRM (1)

kenshin33 (1694322) | about 10 months ago | (#45848949)

on the other hand of the person trust the person you're sending the image to, you can assume safely that they wont keep it. By that an ecrypted *insert any trasport medium* would be enough as you know for a fact (since the receiving party is a trusted one) the pic/msg will be deleted!
services like snapchat will just induce false sense of security (for those who don't understant what you said), and eliminate the only requirement needed which is trust in the persone receiving the data!

I can take a picture of my phone (0)

Anonymous Coward | about 10 months ago | (#45846845)

No amount of security is going to prevent that from happening. If you send someone a photo, prepare for it to be stored somewhere, no matter how you send it.

Fail the same way, once more (0)

Anonymous Coward | about 10 months ago | (#45846903)

None of the five alternatives provide client source. "Trust us, we're secure".
Makes me wonder if that last one uses military-grade encryption to hash timestamps.

I can think of one alternative. (1)

ciderbrew (1860166) | about 10 months ago | (#45846923)

Don't take or post pictures you don't want to be seen by others.
It would be nice to beat people who bring cameras or take out their phone on a Stag do.

Re:I can think of one alternative. (0)

Anonymous Coward | about 10 months ago | (#45847087)

But you're not addressing the issue.

The issue is wanting to share a file with a limited group of users for a defined time period.

Yes, as you've deduced, not sharing or creating the file in the first place is a rock sure way to keep control of the (non-exisitant?) file... though I would advise against following through with your second suggestion unless you enjoy breaking the law.

5 alternatives to Slashdot? :-O (1)

hodet (620484) | about 10 months ago | (#45847007)

Woops I read that wrong.

Oh, no! (1, Funny)

Lisandro (799651) | about 10 months ago | (#45847019)

Not Snapchat!

"Military-Grade" Encryption (2, Informative)

Anonymous Coward | about 10 months ago | (#45847043)

Please stop saying this, it just sounds stupid.

Re:"Military-Grade" Encryption (1)

Em Adespoton (792954) | about 10 months ago | (#45849467)

Please stop saying this, it just sounds stupid.

Especially when you think of FIPS... the Military uses it. Therefore Dual_EC_DRBG can be part of Military-Grade encryption.

#6 - dont use it (1)

Gothmolly (148874) | about 10 months ago | (#45847065)

Or don't use it. Are you better off with or without it?

Disappearing data can't work (3, Insightful)

swillden (191260) | about 10 months ago | (#45847119)

The summary presents Silent Circle's subscription service as an alternative that accomplishes what Snapchat doesn't, but that's crap. Nearly all of the listed ways of preserving Snapchat messages will work with Silent Circle... and anything else that tries to do the same thing. Oh, I have no doubt that the Silent Circle app is a lot better at protecting your data in transit, and I'm sure it reduces message access to key access, so once you can verify that the keys are gone, the contents are effectively gone, but those keys are still vulnerable to all sorts of device hacks. They have to be.

I have hopes that in the future we may be able to embed secure key management hardware in devices, which will make this kind of stuff a lot harder to defeat, but ultimately nothing will ever be able to make sure that digital data actually goes away. DRM -- which is what this is, just in a slightly different form and for a different purpose -- doesn't work, and can never work, not in an absolute sense.

This isn't to say that Snapchat's disappearing messages aren't good enough for many purposes, and that Silent Circle's implementation isn't adequate for even more (assuming the people you want to talk to also have it), but anyone who thinks that they can send digital photos of their genitals to their friends, confident that only the recipient will ever see them, is simply mistaken. And anyone who wants to use ephemeral messaging for any more important purpose is a fool.

Re:Disappearing data can't work (1)

mrchaotica (681592) | about 10 months ago | (#45847391)

I have hopes that in the future we may be able to embed secure key management hardware in devices, which will make this kind of stuff a lot harder to defeat, but ultimately nothing will ever be able to make sure that digital data actually goes away. DRM -- which is what this is, just in a slightly different form and for a different purpose -- doesn't work, and can never work, not in an absolute sense.

Given the latter, why have hope for the former?

Re:Disappearing data can't work (2)

swillden (191260) | about 10 months ago | (#45847887)

I have hopes that in the future we may be able to embed secure key management hardware in devices, which will make this kind of stuff a lot harder to defeat, but ultimately nothing will ever be able to make sure that digital data actually goes away. DRM -- which is what this is, just in a slightly different form and for a different purpose -- doesn't work, and can never work, not in an absolute sense.

Given the latter, why have hope for the former?

Because "can't work in an absolute sense" isn't the same as "isn't useful". And having stronger key management will extend the range of utility by reducing the avenues of attack and increasing the scope of threat models under which it's secure.

Of course, this still leaves open the problem of how to get people to understand the practical limits of the technology.

Re:Disappearing data can't work (1)

kenshin33 (1694322) | about 10 months ago | (#45849147)

local vs global : ex (may be not usefull bu illustrate the concept) a mobius (http://en.wikipedia.org/wiki/M%C3%B6bius_strip) strip is locally orientable (take any open peice of it, and it has an orientation), but not globally (the whole surface can not have an orientation).

silent circle encrypts the messages on the device, (0)

Anonymous Coward | about 10 months ago | (#45851511)

silent circle encrypts the messages on the device, the keys are not vulnerable to this attacks you mention because they require user passphrase to unlock the decryption key. Silent Circle is real crypto designed by people who know crypto.

Re:silent circle encrypts the messages on the devi (1)

swillden (191260) | about 10 months ago | (#45852133)

Go back and read the list of attacks against Snapchat. Silent Circle is still subject to screen shot attacks, device malware attacks, device graphics RAM dumping attacks, etc. It probably isn't subject to retrieval of deleted messages, and really shouldn't be subject to grabbing of messages through a session-logging proxy. But that's my point... though it's vulnerable to fewer attacks because, it's still vulnerable.

BTW, I'm a guy who builds systems with real crypto, and who knows real crypto. I respect the Silent Circle authors, and have every reason to believe they're doing the best job that can be done. But the best job that can be done is far from perfect due to other limitations.

the app-builders claim they don't have the keys... (2)

fustakrakich (1673220) | about 10 months ago | (#45847125)

Yeah yeah, pull the other one. A quick national security letter telling them to log everything will take care of that issue, and who's gonna know? We will never have privacy. The only solution is to make sure the authorities don't have any either.

WICKR! (1)

grub (11606) | about 10 months ago | (#45847271)


Wickr [mywickr.com] works amazingly well.

Taking a picture of your phone (3, Insightful)

kruach aum (1934852) | about 10 months ago | (#45847325)

None of the alternatives, no matter how technologically sophisticated (within the bounds of current smartphone technology) can protect against a picture of the screen being taken with a second device.

Re:Taking a picture of your phone (1)

deconfliction (3458895) | about 10 months ago | (#45848631)

Or a good artist with a decent memory creating a realistic rendition with oil on canvas, pencil on paper, or perhaps even a grid of castles in the sand. I'm beginning to think Snapchat is a Psy-Op by the CIA to convince people like me that the rest of the population really is so stupid they deserve to be treated as pets of the state. It's like that first episode of the first (or fifth?) season of 'The Wire' where they convince the low level criminal that a xerox machine is a lie detector to provoke a confession. Snapchat is the cop's new xerox machine.

Re:Taking a picture of your phone (2)

Kjella (173770) | about 10 months ago | (#45848781)

Exactly, it's still trivially easy but it's more about intent and premeditation. It's more like the logic of a cooldown period for gun purchase, you shouldn't be able to go directly from getting fired down to the gun store, buy a gun and go postal. Same way you can't go nuts with SnapChat pictures you never saved and if you did it proves you planned to keep those pictures against your partner's will and you went to great lengths to be deceptive about it - there is really no other reason to avoid the standard screenshot which will notify the sender. So many will be unable to leak the photos, the rest will be punished harder because they've prepared to share the photos.

Also, people are lazy. If I want to send someone a photo and delete it after they've seen it (in case the phone gets lost, stolen, hacked, sold, whatever) I have to rely on the recipient to actively do it. I'm sure you all know 90%+ never change their defaults. SnapChat flips that default around, unless the recipient has done something very particular in order to keep it the default is that it will be deleted. It's a pretty big friendly hint that hey look at this it's cool, but you don't want Facebook to have a huge dossier on you. When it comes to social media you really should compare it to the alternatives...

Snapchat is FAKE in every possible way (0)

Anonymous Coward | about 10 months ago | (#45847369)

-Snapchat keeps complete records of ALL user activity.
-Snapchat specifically does NOT employ (real) end-point encryption so customers' communications are not secure in any absolute sense
-Snapchat 'communications' can easily be archived for all time by the recipient through the trivial means of a camera, let alone by the myriad of circumventing 'hacks' possible at the recipients end.

Snapchat sells a lie. This does not mean that there are not informed users using the service for fun and convenience, but Snapchat sets out to push another clear NSA agenda- implying to the sheeple that using corporate, heavily compromised services is a 'safe' way to communicate.

The NSA desires that ordinary people are highly groomed in their technology habits to prefer those methods most beneficial to the NSA. Much of this is laying down the future, and has NOTHING to do with any form of specific target today.

Instant Messaging was the very worst example of this. EVERY IM service passed every text message through their central servers, rather than using the far more logical direct user-to-user connection once the 'match-making' had been set-up. And the reason for this was every IM service was, in reality, an intelligence operation, specifically designed to capture the text-communications of millions of Humans.

Snapchat is a different flavour of NSA operation. Snapchat is about gathering compromising information created when people let their guard down. The common use for such 'intelligence' is when a person in an 'important' position is 'invited' to have a private 'chat' with a representative of their government they have never met before. The 'chat' is designed to point out that the victim stands at a crossroads. Path one offers every possibility of a rosy future. Path two is all about how easy it is to stumble and fall, all because of how damaging the revelations of past indiscretions can be to the career prospects of a 'fine' 'upstanding' citizen.

Remember, in the USA politicians can be anything BUT atheists. The demonstrates nicely that in the USA, your apparent form in the eyes of the sheeple could not matter more. When Obama was following his lord and master, Tony Blair, and preparing to hit Syria with the largest air attack seen in Human History, do you think Obama had ANY problem persuading the lesser scum that help authorise such Crimes against Humanity that they were going to vote in favour of the holocaust? Obama only failed because fellow big hitters, far too powerful to fall prey to such blackmail methods, were freaked out by the amount of anti-war sentiment detected by full surveillance NSA programs, despite the saturation of anti-Syria propaganda on the zionist controlled mainstream media outlets in the West.

But if fellow high-ranking elites had NOT been against the holocaust of Syria, Obama would have gained the votes of just about everybody in the two houses (frequently using 'Snapchat' like intelligence as coercion), and millions of Syrians would be now dead.

Misunderstanding the Point of Snapchat (5, Informative)

ASpotySpot (3459659) | about 10 months ago | (#45847667)

As a fairly heavy user of snapchat I see all these comments about it failing due to poor security just plain wrong. Almost no-one uses it for the security. Its about the lack of cost if the picture is 'wrong' or poor. Sending selife's or pictures of what's happening in your day is a nice way to keep in touch with someone. It feels more personal than text or voice and is much easier to do. Who cares if its a bad picture or a little boring, its gone in 10 seconds. Maybe some have a usecase for high security (nude pictures etc) but that isn't the largest market, or at least in my experience.

Re:Misunderstanding the Point of Snapchat (0)

Anonymous Coward | about 10 months ago | (#45848195)

You are not hanging out with the right friends!

Re:Misunderstanding the Point of Snapchat (0)

Anonymous Coward | about 10 months ago | (#45848297)

I can't agree more. I am a 30 something year old and I use it more than I ever thought. I downloaded it at first to see what the latest buzz was with all my younger skateboarding friends. It turns out, I have never once recieved a nude snap - just different skate board spots or tricks or random funny stuff. It's all about not having to take a crappy photo, then send it to your friend, finally, having to delete it off your phone cause it's a picture of your food you made.

Re:Misunderstanding the Point of Snapchat (0)

Anonymous Coward | about 10 months ago | (#45848387)

So what you're saying is there just needs to be an option to send and delete a photo instead of just send and this can be baked right into the OS for any phone?

Knock my blackberry all you want, but I can accomplish this same thing using BBM and pressing delete after I send; no extra app required.

Re:Misunderstanding the Point of Snapchat (1)

ShoulderOfOrion (646118) | about 10 months ago | (#45853915)

You're asking a lot from a High Schooler.

Re:Misunderstanding the Point of Snapchat (1)

Darinbob (1142669) | about 10 months ago | (#45851577)

But if you are not in high school then how do you manage to find a second person you know who is using snapchat?

Has anyone else? (0)

Anonymous Coward | about 10 months ago | (#45847719)

has anyone else thought that the Snapchat db breach may have been done at the behest of a company that wanted to buy Snapchat but was rebuffed? Disclaimer- not talking about any specific company; we all know all kinds of deals between players unseen to us are always being floated . Just wondering if this breach isn't somehow strategic to some company. "Let us buy you at this strike price or we'll trash your valuation " is not something anyone would ever SAY to anyone but it MIGHT be the take away lesson other companies watching it all go down could learn.

./ supports DRM now? (0)

Anonymous Coward | about 10 months ago | (#45847735)

Self-destructing content -- isn't that what we have always rallied against? Gladly, as you mention, it can't possibly work.

And how are the alternatives any more secure? (1)

wonkey_monkey (2592601) | about 10 months ago | (#45848145)

you'd quickly have realised that Snapchat's promises of "disappearing images" were fanciful.' For those who no longer trust Snapchat, but want that same vaporizing-message functionality, some alternatives exist

Great. And how do those alternatives stop any of the work-arounds mentioned in the summary?

Or did you mean "alternatives which are just as bad"?

Snapchat (1)

nospam007 (722110) | about 10 months ago | (#45849515)

Security is like a 2 inch steel door with an unbreakable lock.

I know that a plasma thingie would cut right through it, but I lock my frontdoor nonetheless and I sleep well.

Security has to be just good enough. It will never be perfect.

Re:Snapchat (0)

Anonymous Coward | about 10 months ago | (#45850905)

Security is like a 2 inch steel door with an unbreakable lock.

I know that a plasma thingie would cut right through it, but I lock my frontdoor nonetheless and I sleep well.

Security has to be just good enough. It will never be perfect.

In this analogy, Snapchat is like leaving your valuables out on the front porch with a sign that says "Deer Snapchat cliant, chek out my kool valubles. do not steel these valubles plz. kkthxbai".

Damned missing options! (1)

PPH (736903) | about 10 months ago | (#45849879)

How about:

6) None of the above.

Re:Damned missing options! (1)

quenda (644621) | about 10 months ago | (#45854501)

7) Go back to flashing random strangers in the local park.

IRC (0)

Anonymous Coward | about 10 months ago | (#45850203)

IRC on your own network.

Video/Music Streaming (1)

DarthVain (724186) | about 10 months ago | (#45850301)

The same promises were made for Video/Music streaming. In that it is off site, and supposedly used as DRM. However it is bs. There are certain clever ways to go about it. However Once you have it on your machine, you can do all sorts of stuff to it to then save it as something else. This has been done time and again.

Most people probably wouldn't know how to do it, even with snap chat. But all it takes is someone to build a application that does it for you, then you can just use that.

Taking a screen shot of your device for example while using snap chat would seem to be the easiest and most trivial solution. Not having used snap chat maybe it has a way to disable your phones ability to take a screen shot...

Anyway the protection is an illusion. It is better than nothing, but it probably isn't all that secure to begin with.

Re:Video/Music Streaming (1)

neminem (561346) | about 9 months ago | (#45921787)

I haven't used it either. It might have the ability to disable taking a screenshot on your phone. It most certainly doesn't have the ability to disable taking a picture of your phone from another physical device, because that would be impossible.

We burned the sky... (1)

DarthVain (724186) | about 9 months ago | (#45940483)

Never underestimate DRM. This is how the machine wars began...

Android has detected you are trying to violate DRM using another device. Accessing device... shutting down... countermeasures launched...

alternative to snapchat cyber dust (0)

Anonymous Coward | about 10 months ago | (#45853813)

Still in beta. Only on ios. I use it. It works. Better for messaging than snapchat. Simple. Not military complexity like the alternatives mentioned

Worth checking it
Cyber dust

*Paul* Ducklin (1)

xorsyst (1279232) | about 10 months ago | (#45855245)

Come on slashdot, get the guy's name right.

Bullshit (1)

allo (1728082) | about 10 months ago | (#45856821)

You cannot send someone an image, which can be displayed by the user and prevent the user from saving it.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?