Snapchat, your house was not ransacked…

NRK (Norway) recently reported on the Snapchat hack and they started of with the following line (google translated):

If someone breaks into a young girl’s house, stealing nude photos of her and hang them up in the neighborhood, it’s her own fault?

Taking the statement on face value…it’s not like that.

Using the analogy:

  • The house is the phone
  • the package where the photos are kept is the application
  • The delivery method (postal service) is the application sending the file to the cloud service
  • The warehouse is a ‘cloud’/online service (SnapSaved)
  • so… the photos are sent from home to a warehouse and redistributed to other houses and not someone breaking into the house.

So, the intruder is not breaking into the house, they are breaking into the warehouse.

You have very little control over the package once it leaves your house.

In theory, the house is safe as long as the photos are not sent to the warehouse.

As previously mentioned, the warehouse (application cloud/online service) and the delivery method (application) needs to be secured, who’s responsibility is that?

Note:

  • No one broke into anyone’s the phone!
  • It’s not the victims fault but just as any delivery service has a ‘items may be lost in transit policy’ or an ‘insurance’ service for valuable items, the application owners must communicate the equivalent risks to the victims (Snapchat was irresponsible for stating that their service is ‘safe’/’secure’! How can you guarantee a service when other services can ‘access their service’)
  • Yes, another application issue

It is important to get the analogies right to properly understand and appeciate the issue at hand, lawmakers, speak to the professionals!

http://www.nrk.no/ytring/snapchat-i-steinalderen-1.11985369

http://www.theinquirer.net/inquirer/news/2375126/hackers-post-at-least-100-000-intercepted-snapchat-photos-on-4chan

Burn Phones are the new black

It appears that the burn phone idea ‘is catching on’ in the celeb world.

The iPhone scandal, eavesdropping, etc are all catalysts for increased privacy.

Note the use of the burn phone: details are sent directly to the phone and the ‘lack of trust’ with the guest’s phones.

http://www.theregister.co.uk/2014/09/30/clooney_wedding_burner_phones/