Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Snapchat Vulnerability Can Lead to iPhone Denial-of-Service Attacks
- Thread starter MacRumors
- Start date
- Sort by reaction score
1. As if your going to have that many friends on there for them to be able to send 1,000 images all at once.
2. As if the average friend will have the know how to perform this and if their your friend why would they want too?
So in reality is doesn't really pose a threat, but if a tech expert wanted too they could exploit it though they would have little t gain from it.
Also aren't cyber community group just the same groups of people who create viruses and other malware who are then taken on by anti virus companies?
2. As if the average friend will have the know how to perform this and if their your friend why would they want too?
So in reality is doesn't really pose a threat, but if a tech expert wanted too they could exploit it though they would have little t gain from it.
Also aren't cyber community group just the same groups of people who create viruses and other malware who are then taken on by anti virus companies?
The fact that iOS enable an application to use all the memory/whatever in the phone is wrong in the first place (would it be Safari or Snapchat).
As for snapchat, it's useful to share quick pictures to everyone, make a "story" (a collection of many pictures, funny in parties!), send random stupid faces, doesn't require cell to be used (only wifi) thus is usable on ipods or with plans with low data, doesn't require to give your phone number, received/read notification, and is quicker to send than sms/mms across all devices.
Finally, while some cyber community groups are making viruses and all, some of them simply work on security to improve softwares.
As for snapchat, it's useful to share quick pictures to everyone, make a "story" (a collection of many pictures, funny in parties!), send random stupid faces, doesn't require cell to be used (only wifi) thus is usable on ipods or with plans with low data, doesn't require to give your phone number, received/read notification, and is quicker to send than sms/mms across all devices.
It's quite easy to get someone's snapchat nickname (for instance using FB/twitter) and you can then crash their device whenever you want to piss them off. Any teen with some knowledge in dev can simply google the API (leaked on reddit some time ago) and have fun, and I suppose there'll be tools very soon to do it with no knwloedge at all.
Finally, while some cyber community groups are making viruses and all, some of them simply work on security to improve softwares.
Last edited:
It's good when you have friends
When you put it like that, you make me seem like such a loner.
"The security researcher declined to contact Snapchat with his findings as he believes the startup "has no respect for the cyber security research community" after ignoring previous app vulnerability reports."
You call this a security flaw? Ooh, big deal, they can make you have to restart your iPhone ONCE. Not like any data is stolen or the iPhone bricked. DDOSing is meant for attacking servers, not random people who will be slightly inconvenienced.
Regardless, I kinda want to try this on my friend once. Not sure when would be the best time to do it.
----------
The LA Times guy got banned from Snapchat for this. Also, I found a tutorial on doing it, but I lack the experience in Python and Android to do this, so I'm not going to waste my time: http://gibsonsec.org/snapchat/fulldisclosure/#registering-an-account-bqregister-phregisteru
You call this a security flaw? Ooh, big deal, they can make you have to restart your iPhone ONCE. Not like any data is stolen or the iPhone bricked. DDOSing is meant for attacking servers, not random people who will be slightly inconvenienced.
Regardless, I kinda want to try this on my friend once. Not sure when would be the best time to do it.
----------
The LA Times guy got banned from Snapchat for this. Also, I found a tutorial on doing it, but I lack the experience in Python and Android to do this, so I'm not going to waste my time: http://gibsonsec.org/snapchat/fulldisclosure/#registering-an-account-bqregister-phregisteru