TORONTO – Photo and video sharing application Snapchat promises users that shared images are immediately deleted, but new research into the wildly popular app suggests that there are loopholes in the Android version to uncover those deleted images.
Digital forensics firm Decipher Forensics discovered that images taken through the application can be found in a special file-format that prevents the image from being viewed on an Android device, but it’s retrievable when the device is connected to a computer.
Researchers reported that the .NOMEDIA file extension can show when the pictures were sent and can be tied back to the original sender.
Decipher Forensics used two Android devices, a Samsung Galaxy Note 2 and a Galaxy S3, to investigate if there was metadata associated with Snaps and if said Snaps can be recovered when looking through back-end files.
Using AccessData’s Forensic Toolkit, researchers were able to look into the back-end files associated with the application and uncover folders that kept information from the app. Stored in one of those folders, called received_image_snaps, were the images that had been viewed and were expired.
“Each of the images within the received_image_snaps folder had a .NOMEDIA extension appended to the end of the file name,” read the report.
“This was likely done to prevent the images stored within this directory from being placed in the gallery or from being scanned by the media store.”
- Singh mulls TikTok return as U.S. nears potential ban over security fears
- EV sales in Canada rose in recent years despite higher interest rates. Why?
- Possible TikTok ban in U.S. looms after Biden signs bill, setting up legal fight
- 2021 heat dome fuelled by climate change, intensified wildfire risk: study
Snapchat allows users to send pictures and videos that “self-destruct” up to ten seconds after being viewed by the recipient.
The app, which is one of the most popular mobile apps among teens and young adults, sees users share over 150 million photos a day.
Their slogan promises users that photos can be “shared, enjoyed, but not saved.”
But the application has come under fire for its promises as users are still able to take screenshots of photos they’ve received.
Some cases in which explicit photos have been saved via screenshots have ended in police investigations and the risk of criminal charges; for example, students at a New Jersey high school were investigated by police for possible child pornography charges police after explicit images were taken from Snapchat and later posted to Instagram.
The app now warns users that it does not prevent screenshots from being taken.
But researchers at Decipher Forensics believe that their findings may provide new insight on how to investigate these cases.
“This type of information can be very valuable in any investigation, especially one involving exploitation of a minor,” said Richard Hickman, a lead examiner involved in the research, in a press release.
“This research will help law enforcement officials retrieve what has been believed to be unrecoverable.”
Comments