Snapchat’s new security system thwarted in 30 minutes

In the wake of various security concerns, Snapchat created their own type of CAPTCHA. Rather than ask for a phrase to be used, theirs asks that we find their ghost mascot. It’s fun, and sounds like a pretty decent security feature. One Developer has cracked Snapchat’s new security puzzle, and did so in the time it takes to watch a SitCom.

The security feature sounded good enough, but has quickly been dispensed with. Steve Hickson tapped his knowledge of image recognition and put it to use. “I spent around 30 minutes writing up some code. With very little effort, my code was able to ‘find the ghost’ in the above example with 100 percent accuracy.” It wasn;t that hard, either.

By ‘thresholding’, a process by which his program identifies subtle color variations in the ghost, he created feature points on said ghost. From there, he simply asked his new program to identify the ghost based on those criteria. “If the uniqueness is high enough and enough features are found, we call it a ghost”.

Snapchat has yet to issue a response to this new revelation. It’s another potential step backwards for the company, who have been the focus of much scrutiny about the security of their service lately. With spamming becoming an issue on the messaging platform, Snapchat will likely be looking for a fix to their fix. Let’s hope they do their diligence this time around.


Story Timeline

Snapchat code exploit published after being ignored
Snapchat exploit yields 4.6 million user names and numbers
Snapchat issues a response to recent security concerns
Snapchat almost apologizes, allows users to unlink their phone numbers
Snapchat responds to users’ complains about ‘Snap Spam’

Sent by gReader Pro

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s