A Security Hole Found In Snapchat and Facebook's Poke App Allows Users To Save Videos

A Security Hole Found In Snapchat and Facebook's Poke App Allows Users To Save Videos

A security hole has been found in Snapchat, the mobile messaging app that allows users to self-destruct pictures and video messages. 

Normally with Snapchat, a time limit can be set (up to 10 seconds) to cause a message to disappear after being read. The app became popular for mobile users who like to send NSFW pictures and videos.

However, recipients can now work around the time limitations by simply not opening received messages. Files are stored locally, so they can be accessed by plugging your iPhone into the computer. The user can then use file browsing software like iFunBox to store "tmp" files located in the Snapchat folder permanently. 

The security hole was also discovered to work on Facebook's recently-released Poke app, which features the self-destruct messaging option as well. Using similar file browsing software, Poke files stored in library/caches/fbstore/mediacard can be transferred to the desktop for your viewing leisure. 

The flaws were first discovered by Buzzfeed, who reached out to both parties about the security loophole. Facebook said:

"Thanks for reaching out, and we are addressing this issue now. We should have a fix pushed shortly."

Snapchat founder Evan Spiegel, however, has a totally different outlook regarding the lopphole:

"The people who most enjoy using Snapchat are those who embrace the spirit and intent of the service. There will always be ways to reverse engineer technology products - but that spoils the fun!"

[via Tech Radar]

Stay Connected with
Complex Tech
Tags: snapchat, facebook, security
blog comments powered by Disqus