Back in November I noted the “teenagers’ naked self pic sending tool” Snapchat was not to be trusted.
Now it turnes out that the much-(self?)-loved “vanish after reading” feature that supposedly deletes the incriminating and/or pornographic evidence after some number of seconds have expired… actually just renames the “evidence” from .jpg to .jpg.nomedia and stops displaying it in the list of pictures.
So there’s not even any need to take screenshots. The app already does it, and anyone who knows a little about forensics can pull the supposedly no longer extant pictures from the devices in question.
Defense: To paraphrase Eliot Spitzer — “Never talk when you can nod and never nod when you can wink and never trust your smartphone, because it’s death. You’re giving anyone all the evidence they need.”
“The beauty of Snapchat, a popular photo-sharing app, is that photos disappear moments after picture messages are sent. They can never be resurfaced by the sender, and the recipient can’t view the image for more than a few seconds before it self-destructs.
But apparently Snapchat doesn’t actually delete the photos. It just buries them deep inside a device.* A digital forensics examiner named Richard Hickman has found a way to resurface the private pictures on Androids. The finding is similar to a flaw Buzzfeed uncovered in December.
Hickman, 24, took a mobile forensics course at Utah Valley University. During his research there, he discovered that Snapchat stores every photo in a folder called “RECEIVED_IMAGES_SNAPS.” An extension, “.NOMEDIA” is added to each photo file which makes them hard – but not impossible – to find.
“The actual app is even saving the picture,” Hickman tells KSL.com. “They claim that it’s deleted, and it’s not even deleted. It’s actually saved on the phone.”