If you lost 4.6 million user names to hackers, didn’t really have an answer for why or how you prevent the same thing happening again, and have absolutely no path to revenues, profitability, or whatever constitutes a real business, would you be kind of a dick about your business lacking some basic security?The story so far:
Gibson Security identified a flaw in Snapchat’s APIs that would allow someone malicious, or otherwise, to correlate user names to actual phone numbers, real personal information, and other social media accounts.
This is a vulnerability in Snapchat APIs, which is probably where you should be putting most of your efforts when it comes to security.
The initial reaction from Snapchat was petulant:
Occasionally computer security professionals and other helpful people reach out to us about potential bugs and vulnerabilities in Snapchat. We are grateful for the assistance of professionals who practice responsible disclosure and we’ve generally worked well with those who have contacted us.
This week, on Christmas Eve, a security group posted documentation for our private API. This documentation included an allegation regarding a possible attack by which one could compile a database of Snapchat usernames and phone numbers.
Then, the follow up to that is a big middle finger to everyone because, it essentially says, Sh*t happens, get over it, people, we are the great Snapchat.
The CEO and co-founder of Snapchat, Evan Spiegel, is, by all accounts, a bit of dick. I don’t know him, but if all you have to do is read this profile of the guy on CNet. And I quote:
“I am a young, white, educated male. I got really, really lucky,” Spiegel said in April. “And life isn’t fair. So if life isn’t fair — it’s not about working harder, it’s about working the system.”
Dude has some serious issues and needs a good spanking from daddy or mommy.
It also appears that he may be one of the 4.6 million victims of the recent hack so, karma’s a bitch, but it’s our bitch. Spiegel is denying it, but his has irked the hacker community who are freely exposing Snapchat’s weaknesses in their altruistic desire to see the company get more serious about security.
The way the world is these days, he will probably get more than $3 billion for the company. Won’t change the person. Won’t change the karma. Won’t change everyone around him waiting to cash out.