by BWStearns 4483 days ago
This is a bit of a tangent, but I think it gets at the more interesting part of this question.

I ended up following a link to another sec.se thread where the idea of secure program obfuscation was discussed.[0] I feel embarrassed for having missed this but it appears that there exists on a theoretical level a manner of solving snapchat's woes.

The wired article ([0][0]) seems to suggest that it would be impractical at the moment due to resource constraints, however I also haven't had a minute to read the paper ([0][1]) yet as it is quite near morning and I need to get to sleep.

On a related tangent, the thing that sprung to mind about this new technique in obfuscation was the potential for using keyed APIs easily from the browser without having to bother the primary site's servers at all. Clearly very far away from there however.

Also, wouldn't secure obfuscation enable a lot of malware to evade detection by most current av programs?

[0][0] http://www.wired.com/wiredscience/2014/02/cryptography-break...
[0][1] http://eprint.iacr.org/2013/631.pdf

3 comments

While I agree that is amazing, it still wouldn't solve SnapChat's problem. Because once the image is decrypted and displayed to the user, you can easily copy it from memory and store it indefinitely.

Whitebox crypto, by itself, doesn't protect against this attack. What you end up doing is lifting the decryption code (wholesale, machine code level) from the SnapChat app and running that in your SnapChat decryption app. Your whitebox crypto code must now have anti-tamper defenses like hashing the rest of the SnapChat code to make sure it is there.

Not really; if the program looks sufficiently random, it's probably malware. Don't forget false positives are OK as long as the user can decide to allow things to pass; you can also flag programs as OK just as easily as you can flag them as malware.
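
The heuristic described in the last comment, sketched as an added example that is not part of the thread: flag a binary when any region of it looks close to random, and let a user-maintained allowlist of hashes override the flag. The threshold, window size, function names and sample bytes are all assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

ENTROPY_THRESHOLD = 7.2  # bits per byte; assumed cut-off, tune against your own corpus


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for empty input, 8.0 at most."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def max_window_entropy(data: bytes, window: int = 4096) -> float:
    """Highest entropy of any half-overlapping window, so a random-looking
    region embedded in an otherwise ordinary file is not averaged away."""
    if len(data) <= window:
        return shannon_entropy(data)
    starts = range(0, len(data) - window + 1, window // 2)
    return max(shannon_entropy(data[i:i + window]) for i in starts)


def verdict(data: bytes, allowlist: set[str]) -> str:
    """'allowed' if the user approved this exact file, 'flagged' if some
    region looks random, otherwise 'clean'."""
    if hashlib.sha256(data).hexdigest() in allowlist:
        return "allowed"  # user decision overrides the heuristic (false positive)
    if max_window_entropy(data) >= ENTROPY_THRESHOLD:
        return "flagged"
    return "clean"


# Constructed samples: repetitive text stands in for ordinary code, and a
# deterministic SHA-256 stream stands in for an encrypted or obfuscated blob.
PLAIN = b"mov eax, ebx; call printf; ret\n" * 400
BLOB = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(256))
PACKED = PLAIN + BLOB

if __name__ == "__main__":
    approved: set[str] = set()
    print(verdict(PLAIN, approved), verdict(PACKED, approved))
    approved.add(hashlib.sha256(PACKED).hexdigest())  # user marks it as OK
    print(verdict(PACKED, approved))
```

Legitimately compressed or encrypted content crosses the same threshold, which is why the allowlist step matters.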