Snapchat's many vulnerabilities have undermined its entire premise of safety and privacy.

1. Augustine Fou- 1 -
Dr. Augustine Fou
http://linkd.in/augustinefou
July 2013
Snapchat’s Many
Vulnerabilities

2. Augustine Fou- 2 -
Snapchat Leaked Personal Data
Source: CleverYou.net Dec 2012
Snapchat lets you find out if any friends who might have you in their
contacts are using the service. To do this it needs your phone-
number: on Android, this is obtained automatically. On iOS, however,
you need to verify your number by sending a SMS to Snapchat with a
unique code (partly to prevent abuse, but mainly because unlike
Android, iOS does not allow system access to the device’s phone
number). The Snapchat app makes a web service call to discover
whether this SMS verification has succeeded or not.
The call looks like this:
POST https://feelinsonice.appspot.com/ph/settings
username=john.smith timestamp=1357768038866
req_token=13f413fwrf4[…]

3. Augustine Fou- 3 -
Snapchat Pictures Are Stored
“The app stores the images by
adding the file extensions
'nomedia' to all files sent using
Snapchat.
This means that you only have
to download the files and open
them in a program that
recognises.nomedia files and
the images can be seen again.
Hickman made the discovery
during his mobile forensics
course at Utah Valley.”
Source: Decipher Forensics via Business Insider May 9, 2013

4. Augustine Fou- 4 -
Snapchat Videos Easily Retrieved
“The videos will show up in
the gallery under a folder
called "tcs_pahn." Upon
clicking on one, the video
player will happily play the
non-obscured video file just as
if it were any plain old video.
Simply put, an Android app
should NEVER save data to
the root of the user's sd card”
Source: Gizmodo Dec 2012

5. Augustine Fou- 5 -
Snapchat Leaked Images / Videos

6. Augustine Fou- 6 -
Electronic Privacy Information
Center Files FTC Complaint
Against Snapchat
http://www.digitaltrends.com/social-media/privacy-organization-epic-files-ftc-complaint-against-snapchat/