The tech wizard, Steven Hickson has just hit the charts after claiming to be able to hack Snapchat’s security within 30 minutes. As intriguing as it sounds, the gentleman here promises to prove himself right. His blog contains an article which describes the procedure he adopted to do the same.
2. The tech wizard, Steven Hickson has just hit
the charts after claiming to be able to hack
Snapchat’s security within 30 minutes. As
intriguing as it sounds, the gentleman here
promises to prove himself right. His blog
contains an article which describes the
procedure he adopted to do the same.
3. Steven is currently pursuing his PhD
from Georgia Institute of Technology as a
Graduate Research Assistant. Previously he
has also worked with NSA and has done
some tremendous engineering in the past.
The man loves tinkering and building
robots/devices, the Raspberry Pi, the
Microsoft Kinect, rock climbing, martial
arts, Settlers of Catan, Magic the
Gathering, music, movies, and art. He
maintains his own blog to talk about the
various updates and the new things that
4. Let us get to know him better;
SocialappsHQ- Steven, what made
you think of hacking Snapchat in the
first place?
Steven- I thought of it when I read
the article about the CAPTCHA that
morning. It just seemed really easy
and I knew I could do it fairly fast.
.
5. SocialappsHQ- So, was it really that
easy?
Steven- It was incredibly easy. It could
have been assigned as an undergraduate
project for a computer science student
SocialappsHQ- What was your first
reaction after you successfully hacked
Snapchat?
Steven- I just posted it online and
explained why it was bad. I didn’t expect
it to take very long or be very difficult so I
wasn’t surprised by the fact that it took
6. SocialappsHQ- Were you approached
by the Snapchat authorities regarding the
hacking?
Steven- I have not been approached by
anyone from Snapchat and to my
knowledge they still haven’t fixed this or
started a bug bounty program like the
ones Facebook and Google have
7. SocialappsHQ- What happened next?
Steven- I tweeted the article to the
author of the Techcrunch
article
and he updated his page. Since the news
that Snapchat had a CAPTCHA hadn’t
been picked up by most news
organizations yet, the story blew up when
people read about it. It ended up being
posted by a ton of different tech websites.
8. SocialappsHQ- Why didn’t you actually
hack Snapchat rather than publishing the
loophole?
Steven- I didn’t want to break the law in
any way. Also, I was only interested in
showing how bad their implementation
was as opposed to taking advantage of it.
Someone out there is certainly using a
similar method to do this though.
9. SocialappsHQ- Do you think this hack
applies to only Snapchat or, other apps as
well?
Steven- I would bet there are other apps
out there that are using improper
CAPTCHA methods. Though each one
might require a custom solution for a
computer to solve them, I would bet there
are others out there that might be as bad.
10. SocialappsHQ- Mobile App security is
not a very well understood topic. Do you
have suggestions on how Snapchat or
other apps can be made more secure?
Steven- Snapchat and others need to
consult with professionals and those in
academia to make sure they are secure. It
is also generally a good idea to use
existing, open source solutions rather than
make a custom one.
11. SocialappsHQ- Are there tools/scripts
that you can suggest for checking on
common security loopholes?
Steven- Unfortunately, there isn’t a lot
out there that you can use unless you are
making large security errors. This is
because all apps are different. However, if
you are practicing security through
obscurity, you are probably doing
something wrong.
12. SocialappsHQ- I see that you are
doing a PhD at Georgia Tech. Can you tell
us what are you working on?
Steven- I’m working on a couple things,
foremost, 3D and 4D segmentation, object
recognition, and scene understanding
using the Microsoft Kinect. I’m also
working on using machine learning to
analyze brain waves with respect to
images, music, and videos in hope we can
13. SocialappsHQ- Just one last thing, do
you think Snapchat is far more secure now
or is it still prone to another attack?
Steven- I think Snapchat is probably
almost as insecure as they were. It’s only
a matter of time until they have another
data breach unless they really amp up
their security.