Because you can never have too many reasons to feel inadequate about your teenage years, we'd like to introduce you to 16-year-old Graham Smith. By day, he's your typical Episcopal School of Dallas sophomore. By night, he's a white-hat hacker who's recently gained notoriety by exposing security flaws in Snapchat.
Calling Smith Snapchat's "nemesis," as The Daily Beast did on Wednesday, is probably something of an overstatement. That title should probably be reserved for whoever orchestrated the massive data breach of the picture-messaging app.
Smith's more like a lonely heckler, shouting unsolicited -- but useful -- advice from the sidelines.
Apparently worried that the privacy protections implemented in the wake of the data breach were inadequate, he cold-called and texted Snapchat co-founder chief technology officer Bobby Murphy, whose number he pieced together using the hacked data, to let him know the app still had major security flaws.
Although the company had promised to tighten security measures to prevent the leak of large quantities of personal data, by setting up dummy accounts and repeatedly using the "Find Friends" feature, Smith was able to pull down 36,000 phone numbers per day.
"When I figured it out, I was surprised at how simple it was," Smith told ESD's communications department. "Your average person could probably figure it out."
He posted his findings on his blog, which appears to be down for the moment.
We Believe Local Journalism is Critical to the Life of a City
Engaging with our readers is essential to the Observer's mission. Make a financial contribution or sign up for a newsletter, and help us keep telling Dallas's stories with no paywalls.
Support Our Journalism
He related all this to Murphy, who promised to look into it. Snapchat told the Washington Post last week that it's investigating and making improvements.
Smith, though, isn't satisfied, saying the company hasn't gone far enough. He plans to continue poking at Snapchat, searching for vulnerabilities.
"I don't want to be the bad guy," Smith tells The Daily Beast. "I just want to make sure users are getting the end of the bargain, that their user information is safe."
Send your story tips to the author, Eric Nicholson.