Printed from http://www.electronista.com

Researcher: Snapchat API exploits enable user data collection

updated 09:18 pm EST, Thu December 26, 2013

Ephemeral message service sender's privacy potentially in danger

An unpatched code flaw in Snapchat's API is allowing rogue coders to generate a script to associate actual phone numbers with Snapchat user names, display names, and account privacy settings. This information, combined with other data breaches can be sold, as well as pose a significant amount of data on a Snapchat user that has been identified in such a matter.

Snapchat is a service which allows users to exchange videos or messages that Snapchat deletes after ten seconds after they are opened. The exploit doesn't change this fact, but does give API script users implementing the undocumented hooks more access to personal information about the senders. Gibson Security claims that the hooks are easily removable from the API, and can be deleted with little effect to the rest of the API.

Researchers at Gibson Security published the undocumented hooks in the Snapchat API, after being ignored by Snapchat since August. Gibson Security told ZDnet in an email that a coded script harvesting user data could "automatically build profiles about users, which could be sold for a lot of money."



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Sound Blaster Roar Bluetooth speaker

There could very well be a new king of the hill for Bluetooth speakers, with Sound Blaster's recent entry into the marketplace. Bringi ...

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Plantronics Rig Surround 7.1 headset

Trying to capture the true soundscape of video games can be a daunting task. Looking to surround-sound home theater options, users hav ...

Sponsor

toggle

Most Commented

 
toggle

Popular News