Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Encryption

Meet the Developers Who Want To Build the Next Snapchat 61

Nerval's Lobster writes "Our lives online come with perils, whether from the NSA checking up on our digital communications, or the possibility of the wrong e-message going viral. Twitter, Facebook, Google, Instagram, and other social networks have collected all sorts of personal data about us, where we've been, what we're saying, what we like, and our friends. No wonder the idea of ephemeral messages — such as those sent via Snapchat and other services — is beginning to resonate, attracting lots of startups who want to service that very need. These creators of self-destructing message apps claim they don't care about monetization, and that their products are secure — but as so many apps from other startups have demonstrated, security is often a very porous thing, and government agencies are more than happy to fire off a warrant to see unread messages stored on a server. Lots of developers want to become the Snapchat (if it means they can take a multi-billion-dollar buyout), but in the case of vaporizing messages, they're tiptoeing into tricky territory."
This discussion has been archived. No new comments can be posted.

Meet the Developers Who Want To Build the Next Snapchat

Comments Filter:
  • Stupid (Score:5, Insightful)

    by Anonymous Coward on Tuesday February 25, 2014 @03:19AM (#46332149)

    > No wonder the idea of ephemeral messages ... self-destructing message

    The entire concept is stupid. Screenshots. Or use your camera to photograph the screen if you must. Or run it in am emulator and do a screenshot of that.

    If you send something to someone, you should assume that they can keep a copy of it. Dont like that? Dont send it.

    • Indeed there is no such thing as secure self-destructing messages. What is more interesting is end-to-end encryption, where you can at least ensure that no-one except the recipient can open the message.

      • If you deliver direct to MX and have TLS setup on both ends then you get this encryption for free.

        There are active attacks (MITM) against most setups but passive snooping is prevented.

        • by madbrain ( 11432 )

          That is not end to end encryption. You would need S/MIME, PGP, or other technologies for that, where the message itself is encrypted.
          The fact that the transport may be encrypted is pretty much irrelevant since neither the sender nor recipient have full control over the network hops that may be between them. If you send a message to a TLS-enabled host, and it then gets remailed using plaintext, or the recipient downloads it using plaintext, the TLS is not very useful.

          • And if the recipient forwards it unencrypted then S/MIME or PGP are not very useful.

            I was envisioning each person running their own mailserver (as I do) so that the only place mail would be unencrypted would be on their local machine.

            Once you're in that position everything gets encrypted and it's invisible to the end user.

      • by Chrisq ( 894406 )

        Indeed there is no such thing as secure self-destructing messages.

        I think the "mission impossible"tape recorder that catches fire comes close ... Apple have been doing their best to implement this [google.co.uk].

        • Cut the headphone cord, splice to microphone input on a walkman and hit record?

          It was really not very secure at all, and an auto-destruct is a poor system compared to having an agent verify the message was securely destroyed.

      • by tomhath ( 637240 )

        where you can at least ensure that no-one except the recipient can open the message

        Yea, we could call it the Enigma machine. Oh wait...

    • by mwvdlee ( 775178 )

      If you want absolute 100% guarenteed secrecy, you're not going to be able to do it with any technology.

      If you just want to prevent companies and government organisations from accessing your private life, ephemeral messages are a notable part of a larger package of security measures you can use.

    • The entire concept is stupid. Screenshots.

      Exactly. The same could be said in regards to private Facebook profiles.
      Nothing stops someone that is part of the private group to make available anything that they see to others not in the group. eg., Save the page, the text, pictures, screenshot it, etc.

    • by mlts ( 1038732 )

      There are two parts to self-destructing messages:

      1: The part where it gets eradicated from servers.
      2: The part where it gets zapped from endpoints.

      Part 2 falls under DRM... someone, somewhere will find a way around it [1]. The best way to handle this is similar to PGP's -p flag -- have a private viewer to let the user know this shouldn't be copied, and stop right there. A determined user will find a way to keep track of something, no matter what anti-copy measures are in place.

      Now, part 1 is the part th

    • by tlhIngan ( 30335 )

      The entire concept is stupid. Screenshots. Or use your camera to photograph the screen if you must. Or run it in am emulator and do a screenshot of that.

      If you send something to someone, you should assume that they can keep a copy of it. Dont like that? Dont send it.

      Exactly. Though, SnapChat does try to detect attempts to take screen shots which it then notifies the sender that you've done so. Of course, this can easily fail (it does under iOS7 because of changes deep in the OS).

      • I think it is stupid, and not stupid too. The idea of having a discussion that is not recorded for posterity is useful. I remember back in Usenet when I discovered that everything I wrote was being archived and was easily searchable, it was disconcerting to think that off-the-cuff remarks from several years back were still there. Granted I will never be running for political office but it has some creepiness to think about it. On the other hand, it has made me think twice about things (maybe not think e

      • I'll just take a screenshot with my camera then.

    • The entire concept is stupid

      I disagree. This concept is extremely important to me. Just because an idea is stupid to you and 5mods does not mean it doesn't work for the rest of us.

      To me, the ephemeral message is getting us back towards normal face2face interaction, by default, nothing is saved. There is nothing stopping your friends and co-workers from putting their phones on record or even following you around with a video camera. What's important is that by default, our failed jokes and Freudian slips are simply forgotten, instead o

  • Why? (Score:5, Insightful)

    by rebelwarlock ( 1319465 ) on Tuesday February 25, 2014 @03:20AM (#46332153)
    Let's reword the headline to say what was really meant:

    Attention whoring for an unoriginal idea.
    • by Rhaban ( 987410 )

      If your tech idea is "Be the next [whatever]", it is not a good idea.

    • Let's reword the headline to say what was really meant:
      Attention whoring for an unoriginal idea.

      Okay so they build the next snap chat. What do they do the next month? Is there anything in snap chat that could not be built in 1 month by a small team? Same thing with instagram or whatsapp. What is special about those apps is simple they were there before someone else thought to do them, and the implementations were good enough to entice people to use it. Making another one? sure not a problem. But without any market share how are you going to pay the lawyers.

    • Honestly, the idea is *so* unoriginal, I have to wonder if it's not a government troll.
      I mean, by this time security and privacy is so totally compromised at every level (from the device in your hand to the routers it passes through) that the very concept of someone insisting "oh, really, but OURS will be secure" sounds like an NSA project.

    • by sootman ( 158191 )

      It's attention whores all the way down!

      If you're worried about something you say leaking online, keep your fucking mouth shut.

  • I can't wait for the social media bubble to pop.
  • I misread the first sentence as "Our lives online come with penis", which given that they're talking about snapchat would have made more sense.
    • I misread the title. Thought it said "Slashdot", not "Snapchat". Not sure which misreading was worst :/
  • The problem with all of these kinds of things is that they're aiming to replace fundamental parts and protocols of the Internet and the Web, but those parts and protocols were not originally developed with a profit motive. No genuine replacement for things like telnet, SMTP, HTTP, IMAP, IRC, FTP, etc. will ever come out of an organization oriented purely towards a profit motive (which all “start-ups” are, just like mature business organizations). For all their huge success, even organizations l
  • by Karmashock ( 2415832 ) on Tuesday February 25, 2014 @03:55AM (#46332247)

    Inherent in security is what you are trying to keep something secure from... A child safety lock on a container of pills is an example of this... it keeps the pills out of the reach of small children that lack the strength or mental capacity to open the bottle. Once you get old enough to open the bottle it probably isn't as dangerous because you're probably not stupid enough to eat them like m&ms at that point.

    There is security on ATMs and banking systems to keep thieves out internal or external. But they do not secure the system from government oversight or even employees of the bank.

    Its about trust and control.

    Who do you want kept out? What do you want controlled? Itemize it all. Then design your system.

    If you wish to keep the NSA out... you need to decentralize. The NSA thrives on exploiting centralized information systems. Decentralize and they have to compromise a cloud of shifting unreliable systems each with information of no to very limited value. They won't do it. Its too much work for too little return.

    If you want to keep some person you sent pictures of your genitals from uploading the information to a public gallery... Well... best option is to not send that message. But if you really feel you must... something like snap chat or similar will work against not terribly bright people. Anyone with a clue shouldn't have any trouble finding a program on the net advertised as being specifically able to scrape messages out of those programs.

    So yeah... NSA... decentralize... stop that person from sharing your genital photos around... good luck. Just don't do it, dummy.

  • Is it just me (Score:4, Insightful)

    by korbulon ( 2792438 ) on Tuesday February 25, 2014 @04:16AM (#46332281)

    Or does it seem that "serious" tech development has been largely superseded by much more frivolous stuff like social networks, casual gaming, and crap like snapchat? They have their place, sure, but the prices being thrown about for what are after all pretty basic applications are absurd. Seems to me that much of the "value" of these companies is 99% hat and 1% cattle. Exasperated by these tech bubbles - because that's what all this is - they exalt a few lucky morons and do so much damage when they pop.

    • The absurd prices aren't for the apps (FB could build their own version of SnapChat in an overnight coding orgy), but for the user base. It's the 90s tech bubble and "eyeballs" all over again, with the difference that the users aren't just targets for advertisement this time, but also sources of valuable data (and numbers to keep the owners of overinflated public stock placated).

      Oh, and meanwhile there's still plenty of serious tech development going on. Tech rarely makes the news though these days, un
    • Why can't we have a single standard for sending chat-messages, just like we have for e-mail?
      What is so difficult about that?

      • Money

        (and since /. abhors concise answers, did you know that Verizon still doesn't do IMAP?)

      • Why not just use email for it?

        There's a niche in there somewhere for making a chat-style app which IDLE's on a folder of your IMAP account (call it "Chats") and sends messages using regular SMTP (which these days is easily fast enough).

        That gives you - for no effort - P2P picture sharing, compatibility with *every* device and platform in some capacity, and message storage which follows the user.

        • Great idea, actually!

          And I don't think it covers a niche. Everybody already has an e-mail address. And everybody seems to prefer the UI-style of chat apps more than their e-mail client. If people start using this, they can easily invite others by just sending chat-messages to their e-mail address.

          The only problem is social presence information, and information like "user X is typing" (if you would want that), but that could be handled through another channel (using hopefully an open standard). Also making "

    • Watching a Y-Combinator graduation a huge snooze-fest. However you'd be fabulously rich if you discover the true original. Like Twitter rising to to top of hundreds of messaging startups.
  • by Spad ( 470073 )

    Why is everyone seemingly obsessed with trying to produce knock-offs of software that's already in a popularity decline?

    "Is X the next Snapchat?" No, because people are already bored of Snapchat and moving on to whatever the latest tool for sending people semi-anonymous pictures of their genitals is.

    • Simple: they are because of the chance to score big, if what they create scores big with the demographic that's in demand. If you grab even just 10% or so of the current user base of SnapChat, perhaps FB will offer you a cool beeeellion $s for your company. Makes you wonder how smart it was of SnapChat to turn down these multibillion $ offers; things can only go downhill from here.
      • by Rich0 ( 548339 )

        Simple: they are because of the chance to score big, if what they create scores big with the demographic that's in demand. If you grab even just 10% or so of the current user base of SnapChat, perhaps FB will offer you a cool beeeellion $s for your company. Makes you wonder how smart it was of SnapChat to turn down these multibillion $ offers; things can only go downhill from here.

        They're certainly not the first company to turn down offers and go downhill. Owners get greedy, and maybe they really think that their company could become the next Google. Most social media companies are much more likely to become the next myspace, and they should get out while the going is good before their fickle user base jumps to the next fad.

  • by trawg ( 308495 ) on Tuesday February 25, 2014 @09:17AM (#46333503) Homepage

    ... because I can't see anything anywhere else (wtf is this post?) I figured maybe this might be worth mentioning:

    Yesterday Moxie Marlinspike announced a new version of TextSecure: https://whispersystems.org/blo... [whispersystems.org]

    TextSecure is an encrypted messaging tool - currently for Android, but iOS is in the works. It is open source and has a high focus on privacy and security.

    I encourage people to check it out - if you want to Snapchat securely and privately, then using an open source tool that isn't maintained or built by some giant corporatrox that is simply trying to get bought out by Facebook might be a good idea.

  • Hell, we ALL want to be the guy that develops some dumb thing someone else buys for billions of dollars.
  • You might wind up with a bag full of helium over your head.
    https://en.wikipedia.org/wiki/... [wikipedia.org]

    Remember, if you're writing the app to get rich, make sure it's for mobile use only, that way you get a registered phone number and a confirmed human.
    Also make sure the app leaks info like a sieve and write the TOS (which no one reads) to include the fact you're going to use all their post, photos, and contacts.
    The better your app is at data rape, the more Facebook will pay for it.

When the weight of the paperwork equals the weight of the plane, the plane will fly. -- Donald Douglas

Working...