Rapid-fire photo sharing app SnapChat is no stranger to controversy— in its relatively short life, it’s been dubbed “the sexting app”— but on January 22, things got a little bit more tangled when an everyday college student broke through its seemingly secure privacy barriers.

For those who aren’t familiar, SnapChat allows users to take a photo, set a self-destruct timer between one and ten seconds, and send along to friends. The app senses when recipients view the photo and deletes it from both phones within the set timeframe. For added peace of mind, it also alerts the sender if their “friends” attempt to take a screenshot on the sly. Because of this sense of security, SnapChat has become incredibly popular—founder Evan Spiegel told Mashable that the app moderates 20 million “snaps” each day.

However, after student/hacker/web designer Raj Vir discovered a security loophole that even your Grandma could break through, SnapChat’s relative safety and privacy is nothing more than an illusion. While we’re not encouraging saving compromising pics for your personal stash, let’s review Vir’s method to illustrate how simple it really is.

  • Take a screenshot by pressing the home and power buttons simultaneously— continue holding down on the screen to make sure the photo is captured
  • Once your screenshot is complete, the photo will disappear from your screen and you’ll return to your snap list
  • Before the photo times out, double tap on the home button to initiate the multitasking bar. Once the bar is in use, SnapChat will be none the wiser of your secret screenshot.

Vir says that this 3-step hack is possible because of how SnapChat detects iOS screenshots. The app senses touch cancellation events, which is exactly how the average screenshot functions. The key, however, is pulling up the multitasking bar; also a touch cancellation: When SnapChat becomes “inactive,” its internal screenshot detector cancels itself out. “This work-around occurs because SnapChat isn’t officially supported by Apple, so it’s a hack in the first place,” Vir explained to Mashable. Facebook’s similar app, Poke, is susceptible to hacks through the same method. “You can force quit the app and take screen shots this way… too,” asserts Vir.

Although SnapChat is no doubt hustling to make this problem disappear ASAP, one can only imagine this is one of many privacy hacks— in fact, another security breach was discovered just a month ago. Will that lead to SnapChat’s downfall? Doubtful. However, whether you’re using sharing apps or developing them, Mindgruve developers Kevin and Chris have a few tips to ensure you stay and build secure:

  • Assume anything shared or put online will be made public
  • Don’t write bad code. It sounds like a no-brainer, but clearly, it happens. “Apps have security issues because of their code,” explains Chris. Take the time to think like a hacker to ensure your app is as solid as possible

Kevin relates this back to a recent issue when Randi Zuckerberg, sister of Facebook founder Mark Zuckerberg, started a Twitter war with VoxMedia’s Callie Schweitzer over a family photo. Zuckerberg posted the photo on Facebook to share with friends only, but it turned up on Schweitzer’s, who subscribes to Zuckerberg, feed. Schweitzer found the photo “endearing,” tweeted it out, and the rest is history. Turns out, Ms. Zuckerberg’s privacy settings allowed her subscribers to see the picture in question.

Key takeaways: 1) Feel comfortable with what could happen if someone got their hands on whatever you’re sharing 2) Check your privacy settings, and then check them again — if the founder of Facebook’s own sister isn’t immune to a social media snafu, who is?

Sources

Empson, Rip. “Not-So-Ephemeral Messaging: New SnapChat ‘Hack’ Lets Users Save Photos Forever.” techcrunch.com . N.p., 22 Jan. 2013. Web. 22 Jan. 2013. <http://techcrunch.com/2013/01/22/not-so-ephemeral-messaging-new-snapchat-hack-lets-users-save-photos-forever/>.

Larson, Eric. “Photo-Messaging App ‘SnapChat’ Launches on Android.” mashable.com. N.p., 29 Oct. 2012. Web. 22 Jan. 2013. <http://mashable.com/2012/10/29/snapchat-launches-android/>.

Murphy, Samantha. “Hacker Finds Easy Way to Secretly Save SnapChat Pictures.” mashable.com. N.p., 22 Jan. 2013. Web. 22 Jan. 2013. <http://mashable.com/2013/01/22/hacker-finds-easy-way-to-secretly-save-snapchat-poke-pictures/>.

Tsotsis, Alexia. “‘Bug’ Lets People Save Snapchat And Poke Videos, But Why Would Anyone Want To Do That?.” techcrunch.com . N.p., 28 Dec. 2012. Web. 23 Jan. 2013. <http://techcrunch.com/2012/12/28/for-sex-reasons/>.

Wasserman, Todd. “Randi Zuckerberg Not Happy About Facebook Photo Privacy Breach.” mashable.com. N.p., 26 Dec. 2012. Web. 31 Jan. 2013. <http://mashable.com/2012/12/26/randi-zuckerberg-privacy-breach-photo/>.