The Epic Tragedy of Snapchat

Greek tragedies were seeded in the legends passed on through generations long before written language. This folklore evolved with books and theatre. Themes typically revolve around heroism, lust, fate, and flawed judgment. These tragedies contained Ethos or “life lessons” beneath the surface.

The Epic of Snapchat began like many California IT start-ups. Brilliant idea, college drop-out, business in living room becomes mobile app with exponential popularity. Snapchat’s self-destructing image and message sharing was a hit with the youth, who were concerned that private messages do not always stay private. Twitter and Facebook copied the idea of short video sharing, but lacked the key ingredient of imploding messages.

In November 2013, Facebook offered $3 billion in cash to buy Snapchat…and they said NO. 23 year-old CEO Evan Spiegel wanted more. The free service had continued to increase subscribers with the addition of the popular “Find Friends” function. With one-click, Apple and Android app users allowed Snapchat to download their entire phone’s contact list so snapchat could match their profiles and message others to join as friends. What could go wrong? (See Prometheus Bound *Spoiler Alert* his defiance of the gods earns him eternal punishment).

Months earlier, IT security group Gibson Security, found the Achilles’ heel in Snapchat’s “Find Friends” back-end servers and privately notified the company. Time passed with no response to this gaping security flaw as word among hackers spread that Snapchat privacy was a myth. Not wanting someone else to take credit for his work, Gibson published information on vulnerabilities in late August describing how snapchat’s API gave anyone the ability to create an unlimited number of accounts, then upload an unlimited “contact list” to discover matched accounts (even those specifically marked as private). Three months later Gibson still had not had received a response, so he released step-by-step instructions to exploit Snapchat on Christmas Day 2013.

On December 27th, Snapchat responded on their blog with what can only be described as defeat.

Article Continues Below

“Theoretically, if someone were able to upload a huge set of phone numbers, like every number in an area code, or every possible number in the U.S., they could create a database of the results and match usernames to phone numbers that way.”

Unwilling to shut-down and patch the system, the inevitable happened four days later as 4.6 million Snapchat usernames & phone numbers leaked online on a now defunct website. Leaked data is in the public domain, so consider it available to all. Working scripts can still be found online. (See The Bacchae *Spoiler Alert* Pentheus’ mother rips off his head).

Some recruiters may not see the connection (See Logos) between IT security and the future of our industry. IT security affects all sourcers and recruiters who may find candidates unwilling to share information. Information is our currency. Recruiters trade information about ongoing/upcoming projects with prospects in exchange for details about their responsibilities, accomplishments, and teams. Future legal changes, privacy policies, and corporate governance will influence how we do business. The Epic Tragedy of Snapchat is ripe with Ethos.

  • Accept all advice
  • Plan for unforeseen outcomes
  • Keep your enemies close
  • When someone offers you $3 Billion in cash, Take the money and run

Aaron Lintz has architected and implemented ATS systems, recruiting processes and reporting/analytics systems. Aaron is known for innovative sourcing methods, having presented at SourceCon many times, including a keynote session at the Spring 2018 conference. Aaron also serves as an advisor for SourceCon and volunteers his time speaking at many other significant events around the world. Understanding his approach and tactics will be beneficial to all recruiting practitioners and managers.

Topics