Security News

Snapchat blurts out the S-word

Snapchat blurts out the S-word: Team Snapchat, as it calls itself, has finally used the S-word.

Over Christmas 2013, the selfie-sharing site was confronted with warnings that its “find a friend by phone number” service was open to abuse.

Snapchat wrote off the risk as “theoretical.”

We’ll assume that Snapchat didn’t mean to throw down the gauntlet with its choice of words, but that seems to have been the outcome.

By New Year 2014, the selfie-sharing site was confronted with an online data dump of 4,600,000 usernames and phone numbers, apparently acquired by means of this “theoretical” attack.

→ Fair enough, an attack can’t be possible in practice without also being possible in theory, so Snapchat’s claim was true. But the phrase “theoretical attack” is a loaded one, typically implying that the attack should be considered highly unlikely.

Clearly, the anti-data-scraping protection Snapchat claimed to have put in place hadn’t worked that well.

Nevertheless, the company’s curious response was to avoid apologising, suggesting instead that it had as good as closed the door on the attack through smart programming.

Standard