Experts are saying that the popular photo sharing app is experiencing a lacking in privacy protection.
According to the complaints of a number of experts regarding the Snapchat app, the level of mobile security behind the application is greatly inadequate for protecting the privacy of its users.
Some now feel that the mobile app development team behind the app lacks the necessary understanding.
Among the most recent steps that the company has taken toward improving mobile security includes last week’s introduction of a CAPTCHA code verification. This is designed to help to ensure that all new subscribers are humans and not computer programs. It is important to avoid computer created accounts as these are common methods used by cybercriminals for the distribution of spam or to discover ways to grab personal information from other users of these types of mobile apps.
While the number of fake accounts may be reduced, it doesn’t mean that the mobile security is strong.
Although the CAPTCHA techniques can shrink the number of fake accounts that a service experiences, a graduate research assistant from the Georgia Institute of Technology, Steven Hickson, was able to easily hack into Snapchat despite its latest upgrades.
The CAPTCHA implementation at Snapchat was weak to the point that Hickson required under an hour on the mobile development of a computer program that would be able to trick the system with “100 percent accuracy”. Hickson explained that “They’re a very, very new company and I think they’re just lacking the personnel to do this kind of thing.”
In order to make sure that the potential user of the service is a human, the system selected by Snapchat involves having to choose the white ghost mascot of the company from among nine illustrations. Unfortunately, only the size and angle of the correct image is altered, making it simple for a computer to be able to recognize.
In order to stop a CAPTCHA mobile security system from being hacked, Hickson explained that “you want something that has a lot of variety in the answer,” adding that you essentially want one correct answer, but a vast array of different incorrect answers. This needs to be too complex for a computer to be able to solve while being quite obvious to a human.