Snapchat is user disempowerment patterns taken to their logical conclusion: The developer has full access to all their data, while the users have none.
The other big players have been moving in that direction, making it less and less accessible and exportable, but Snap takes the cake.
> The other big players have been moving in that direction
Not so, TikTok actively lets you download videos in a convenient format. I think that helped it grow too, since they embed a watermark and add a splash screen at the end. Certainly that's how I first found out about the platform. That said, this seems to be disabled in some regions (not sure if you can opt in).
>We don't need any forensics tools. We can simply use adb pull to fetch the files because they are never deleted. But once you logout from the app and after Snapchat deletes the Snaps, you will need the right forensics tools to recover the files.
This feels like a bug, no? I don't see any logical reason for Snapchat to keep the files around that long.
App developers on Android rarely bother to clean their app caches. Open Apps in settings, sort by size, check top entries and you'll be surprised. Explain to me why the hell does Instagram need 500 MB of cache.
Kind of a bummer I don't know of any method to mass clear cache data of all apps on my non-rooted Galaxy S8. It'd save a lot of space and was possible on ancient HTC phones with Android 2.3.5.
Edit: I experimented with wiping cache partition in recovery mode, but this ain't it - as the name suggests it's a separate partition.
If an app can accumulate 500MB of cache without pain to the app developer, I suspect cache management programming will remain a practice&skill mostly only for only systems programmers and the more bespoke backend programmers.
I assume Insta invests in engineering for whatever cache expiration they do. And if there's 500MB cache, probably it's a conscious engineering decision.
But maybe the majority app developers, if they could fill up cache, probably aren't thinking that far ahead -- not thinking about that non-visual, non-customer-story aspects. So most wouldn't have occasion to learn how to do cache management sufficiently well that they don't cause stability or performance problems.
The Reddit android app seems to quickly balloon up to 500MB of storage and some more cache on top of that. I genuinely don't know how they do it.
I think there could be a real watershed moment in a few years as companies realize that rising to the technological challenge isn't actually that expensive or even difficult if you hire people with the right combination of arrogance and brains. Rage against the latrine.
At the end of the day, the data has to live somewhere. If not on disk, then in memory or straight from the network. If the device is rooted, then the user would technically have access to any of these, so it doesn't really matter.
I don't think an app has the kind of low level access required to actually wipe something from memory. Unless android has an API with a function to do so. I assume you are just telling the OS to delete the file and the OS does that however it normally does that. Truly wiping a file from storage requires overwriting it with random data.
That doesn't seem to be the case here, because the files are actually deleted once the user logs out of Snapchat. So it's obviously the Snapchat app itself that is triggering the file deletion, not the OS.
With wear leveling and modern filesystems, it's harder than that actually overwrite the file on disk (for modern definitions of the word disk). The operating system will ask the storage device to delete the data, but there aren't actually guarantees that the storage device actually listened to the operating system's request to delete the data.
Does anyone else remember when it was possible to extract snapchat messages that haven't been viewed yet because they had some ridiculously easy to find encryption key, hardcoded in the app? It was found running 'strings' and trying each one for the key and boom, one little script and you could just do this really easy for a long time even after knowledge of how to do it had been made public. This was so long ago, not sure what they did to change this at all -- No surprise at all they don't random-out the files here.
> Does anyone else remember when it was possible to extract snapchat messages that haven't been viewed yet because they had some ridiculously easy to find encryption key, hardcoded in the app?
In ~2016 on Android, incoming messages that haven't been read yet weren't encrypted at all. You could just look at the app's SQLite database and find the message contents somewhere in the message table. The sending party would never known you had read it.
This is neat but I suspect its practical value isn't that high. The type of people who want permanent access to incoming snaps just run screen recorder software.
Readit News
The other big players have been moving in that direction, making it less and less accessible and exportable, but Snap takes the cake.
Not so, TikTok actively lets you download videos in a convenient format. I think that helped it grow too, since they embed a watermark and add a splash screen at the end. Certainly that's how I first found out about the platform. That said, this seems to be disabled in some regions (not sure if you can opt in).
This feels like a bug, no? I don't see any logical reason for Snapchat to keep the files around that long.
Kind of a bummer I don't know of any method to mass clear cache data of all apps on my non-rooted Galaxy S8. It'd save a lot of space and was possible on ancient HTC phones with Android 2.3.5.
Edit: I experimented with wiping cache partition in recovery mode, but this ain't it - as the name suggests it's a separate partition.
I assume Insta invests in engineering for whatever cache expiration they do. And if there's 500MB cache, probably it's a conscious engineering decision.
But maybe the majority app developers, if they could fill up cache, probably aren't thinking that far ahead -- not thinking about that non-visual, non-customer-story aspects. So most wouldn't have occasion to learn how to do cache management sufficiently well that they don't cause stability or performance problems.
I think there could be a real watershed moment in a few years as companies realize that rising to the technological challenge isn't actually that expensive or even difficult if you hire people with the right combination of arrogance and brains. Rage against the latrine.
Deleted Comment
In ~2016 on Android, incoming messages that haven't been read yet weren't encrypted at all. You could just look at the app's SQLite database and find the message contents somewhere in the message table. The sending party would never known you had read it.
Deleted Comment
Deleted Comment