Register Members List Social Groups Search Today's Posts Mark Forums Read  
Computer Forums

Member Login

Remember Me? Sign Up! | Forgot Password
 
Slogan
 
Computer Forums > PC Technology Zone > Windows Operating Systems and Software > Tips, Tricks & Tutorials » Private Galleries can be accessed at Smugmug
Closed Thread
LinkBack Thread Tools Display Modes
 
Old 01-28-2008, 11:01 AM   #1 (permalink)
Osiris's Avatar
 

Join Date: Jan 2005

Location: Kentucky

Posts: 31,689

Osiris is a jewel in the roughOsiris is a jewel in the roughOsiris is a jewel in the rough

Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris Send a message via Skype™ to Osiris
Default Private Galleries can be accessed at Smugmug
If you would use an image host, put up some of your images and set them to private, would you expect them to be still accessible by anyone ? This is apparently the case over at Smugmug where a private setting simply means that the pictures and image galleries are not directly linked from the homepage anymore but can still be accessed by simply entering the url directly in the browser address bar or download manager.
The real problem arises because files are named sequentially at Smugmug which means that anyone with just a little bit of technical knowledge will be able to download all images from all galleries set to public and private. The only galleries that are not accessible are the password protected ones obviously.
The urls for the galleries can be accessed by opening a url starting with http://www.smugmug.com/gallery/*, for example DoloMike : photos : Agents of Man @ Connections in Clifton 1/31/03- powered by SmugMug, SmugMug Photo Sharing. Your photos look better here. in your browser. Pictures can be accessed directly by loading http://www.smugmug.com/photos/*-M.jpg in your browser where * is a number between 1 and x. So, everyone can access pictures like http://www.smugmug.com/photos/1000-M.jpg, http://www.smugmug.com/photos/10001-M.jpg and so on.
Google Blogoscope who discovered this loophole contacted Smugmug and received a reply that was not that satisfactory. According to CEO Don MacAskill this is the intended way it should work:
First of all, we view security and privacy as two separate, but related, issues. Security is like locking your front door (no-one can get in with out a key) and privacy is like closing your window drapes (no-one can look in from the outside, but you can tell people where you live and they can visit without a key).
At SmugMug, the feature you’re talking about, private galleries, falls under the privacy umbrella, not security. It’s intentionally designed so that you can “tell other people” about your photos (share a URL in an email, embed or hyperlink on your blog or message forum, etc) without having to share something like a password. Only people you’ve shared this URL

Private Galleries can be accessed at Smugmug : Welcome To Tech-Dump

__________________
Osiris is offline  
 
Closed Thread

« Extend the Windows Clipboard | Batch Download Pictures from sites like Smugmug »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Myspace Private Profile Picture Leak Osiris Browser & General Internet Questions 8 01-26-2008 05:01 PM
WoW private server question... atomic tofu PC Gaming 14 11-02-2007 02:47 AM

Contact Us - Computer Technology Forums - Archive - Top

 

All times are GMT -5. The time now is 04:34 PM.
Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.3.2 Copyright ©2002-2009, Tech-Forums.net
vBulletin skin created by Baez & Baez Computers Inc.   |   Contact Management Software and AAOutlook 		Log Out Unregistered