|
|
|
|
|
|
by kowdermeister
4563 days ago
|
|
|
Totally agree. Documenting and discovering an API is far from calling it an exploit. The document is also concerned about SnapChat's relationship with investors and the person of the founder, which is odd in a security paper. GibSec's other work is another SnapChat analysis, which I find odd. Maybe he/she wants to work there? :) |
|
|
We documented two exploits, which are exploits, because we are exploiting code that has been incorrectly implemented.
We also noted that Snapchat must have lied to Goldman Sachs (is this what you were referring to?), as we noticed during our research that there is no mention of gender in the protocol.
Does that answer any questions?