If the site has 200 million photos, you'll have a lot to sift through. So basically you can download all the photos from SmugMug. Sorry to be so harsh but use some common sense. Wake up!ĭo not post pics you would not want to world to see on the net, stupid! If a person is dumb enough to post personal pics of themselves or family members on the web they get what they deserve. Don and the SmugMug crew are clued-in guys, so hopefully, they'll realize the gravity of this situation and change it immediately. It was easy to then identify the username of the uploader by removing the "This is the kind of security hole that could ruin lives. From there, I found private photos of a naked man taking photos of himself in a bathroom, candid photos of a couple from what appeared to be a vacation or honeymoon, and a topless pregnant woman. Every passably skilled developer would understand about that.Īs Philipp mentioned, it took me about 15 seconds to generate a gallery of images using FlashGot's "Build Gallery" feature. I think there's a discrepancy of information between the CEO (a non-tech?), the support team and the developer team. Most other companies would have changed that ASAP as it's a massive lack of privacy – a problem that could result in judicial hassle. And the only way to solve this issue is by the users. I totally agree with you: This is a high grade problem. Security/privacy by obfuscation (GUIDs) is no security at all but a predictably incrementing ID number? I agree that retrofitting the system to use GUIDs is a bit hard but they should've considered it in the first place since it's a very small investment that would make browsing private pics extremely harder. Forum SmugMug's Private Pics Are Public ( View post)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |