Snapchat Vulnerability Can Lead to iPhone Denial-of-Service Attacks

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Feb 7, 2014.

  1. macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    [​IMG]
    A vulnerability in the Snapchat app opens the iPhone up to denial-of-service attacks that can cause the device to freeze and crash, according to cyber security researcher Jamie Sanchez [Google Translation] (via The Los Angeles Times).

    A weakness in the app's system can allow a hacker to send thousands of messages to a Snapchat user in seconds, which can cause a crash that requires a hard reset to fix. Tokens generated by the app used to verify user identity can be reused by hackers to send a flood of messages.
    Sanchez demonstrated the flaw for The Los Angeles Times, sending a reporter 1,000 messages within five seconds in a denial-of-service attack, which caused the reporter's iPhone to freeze until it restarted.

    The security researcher declined to contact Snapchat with his findings as he believes the startup "has no respect for the cyber security research community" after ignoring previous app vulnerability reports.

    Snapchat has faced multiple problems as its private messaging app has grown in popularity, including vulnerabilities that allowed users to bypass screenshot notifications and a recent security breach that compromised the user names and phone numbers of more than 4.6 million customers, which Snapchat was warned about ahead of time by a security group.

    When asked about this particular vulnerability, Snapchat said it was unaware of the problem but interested in learning more.

    Article Link: Snapchat Vulnerability Can Lead to iPhone Denial-of-Service Attacks
     
  2. macrumors 6502a

    ZacNicholson

    Joined:
    Jun 25, 2011
    Location:
    Indiana
    #2
    snapchat is more trouble than what its worth. if you wanna sext just use iMessage
     
  3. macrumors member

    Joined:
    Jan 29, 2008
    #3
    Hmm...

    I wish this enterprise-level software wouldn't be so vulnerable to attack.
     
  4. macrumors 68040

    Goldfrapp

    Joined:
    Jul 31, 2005
    #4
    Nothing will deter teens from sexting. LOL
     
  5. macrumors 604

    wordoflife

    Joined:
    Jul 6, 2009
    #5
    If you use snapchat, I would suggest only allowing your friends/contacts to snap you.
     
  6. macrumors G5

    Consultant

    Joined:
    Jun 27, 2007
    #6
    Easily mitigated if you don't let strangers contact you.

    Also, can't people simply go to "do not disturb" mode?
     
  7. macrumors newbie

    Joined:
    Oct 14, 2013
    Location:
    Chicago
    #7
    I'm 19, and even I find Snapchat annoying. Glad I deleted mine months ago. I knew it would only bring problems.

    And as for snapchat only being "interested in learning more," I would think a company would at least put out a statement saying they are working hard on a fix. I agree with Sanchez; they must really not care.
     
  8. macrumors 68000

    Cuban Missles

    Joined:
    Dec 6, 2012
    Location:
    My heart is in Camagüey, the rest in the USA
    #8
    I find all these tools a bit much. I understand that there are some folks not on apple (I don't know any, I hear it happens :D ), but with most providers giving unlimited text as a basic feature these days (at least in the US), I see no real reason to use anything other than the apple provided imessage. What do these tools do that I cannot already do?
     
  9. macrumors 68000

    AngerDanger

    Joined:
    Dec 9, 2008
    Location:
    Male
    #9
    I'm shocked to hear that the sketchy app which allows users to send "temporary" nudes and features a ghost in its icon could be used in such a harmful way! :p
     
  10. macrumors member

    Joined:
    Sep 1, 2013
    #10
    I bid $100 they are still on the market
     
  11. macrumors 6502a

    Slix

    Joined:
    Mar 24, 2010
    #11
    Another reason I do not use Snapchat.
     
  12. macrumors 68000

    Hastings101

    Joined:
    Jun 22, 2010
    Location:
    K
    #12
    okay, let's do this
     
  13. macrumors 65816

    Joined:
    Oct 5, 2011
    Location:
    San Francisco, California
    #13
    After the earlier story that quoted Tim Cook saying spending 10 figures on a company is no problem, and now this snapchat story...

    I wish it was April 1st, and the next post on MacRumors is that Apple has agreed to buy SnapChat for $1bil, just to see everyone lose their stuff in the comments.
    I mean, Facebook bought Instagram for $1bil, so i could at least be a believable story for a few minutes. Just for the laughs. :p:)
     
  14. macrumors 68000

    AngerDanger

    Joined:
    Dec 9, 2008
    Location:
    Male
    #14
    Ooh, romance is in the air! [​IMG]
     
  15. macrumors 65816

    bacaramac

    Joined:
    Dec 29, 2007
    #15
    I have other apps that can crash as well. Don't really see the issue. I've been in a Game or Facebook and it's caused my phone to restart (display Apple Logo). Heck even Safari has done this.

    Maybe I'm missing something, but doesn't really seem like a valid issue, just crappy programing.
     
  16. macrumors 68040

    KdParker

    Joined:
    Oct 1, 2010
    #16
    cyber security research community?

    What is this commuity exactly?
     
  17. macrumors 65816

    Joined:
    Jun 2, 2010
    #17
    I use What'sApp for one reason: I have friends outside the U.S. who do not have iPhones that I would like to have SMS-type communication with in a way that won't incur per-message charges.

    Sure, being on Verizon, I have unlimited SMS to friends in the U.S. who are not on iPhones; but I'm not going to pay Verizon an extra $5.00 a month, I think it is, to have worldwide SMS when the people I would be sending SMS messages to abroad would likely have to pay per-message for incoming SMS messages from the U.S. anyway.

    As for Snapchat, don't use it and can't envision a scenario when I ever would.
     
  18. macrumors newbie

    Joined:
    Feb 7, 2014
    #18
    FB already offer $3B for it and was spurned.
     
  19. macrumors newbie

    Joined:
    Mar 6, 2013
    #19
    Good Wizards
     
  20. macrumors 6502a

    Nunyabinez

    Joined:
    Apr 27, 2010
    Location:
    Provo, UT
    #20
    I heard the actual problem was that if the picture you sent was really hot the phone would overheat and go down on you.

    (Rimshot)
     
  21. macrumors 68000

    Parasprite

    Joined:
    Mar 5, 2013
    #21
    I fail to understand the interest people have in Snapchat.
     
  22. macrumors 68000

    Parasprite

    Joined:
    Mar 5, 2013
    #22
    Basically someone figured out how to selectively target and crash people's phones, solely because they happen to use Snapchat.
     
  23. macrumors 6502a

    Joined:
    Mar 3, 2008
    #23
    All I really know or care about Snapchat is that seeing my 14 year old niece mugging for the camera every 2 minutes as she spent Christmas Day on Snapchat made me want her stupid phone to explode in her stupid face. And for her stupid parents to start parenting her.
     
  24. macrumors newbie

    Joined:
    Oct 7, 2013
    Location:
    Iran
    #24
    Never used Snapchat, and never will...
     
  25. macrumors 65816

    japanime

    Joined:
    Feb 27, 2006
    Location:
    Japan
    #25
    In other words, it's just like iOS 7. :D
     

Share This Page