SmugMug has a privacy leak, CEO says "I’m afraid our system wasn’t built for GUIDs"
Memo to CEOs: When you have a privacy or security leak, admit it, fix it, and move on.
There’s a hilarious story over on Google Blogoscoped about a massive privacy leak on SmugMug and the company’s attempts to deny that it’s a bug or could be easily fixed. Such denials were popular in years past but most companies have learned better.
The hole is that the "private" galleries over on SmugMug have easily guessable URLs like http://www.smugmug.com/gallery/4210001, http://www.smugmug.com/gallery/4210002, etc, so it’s easy to enumerate and crawl all of the private galleries.
This is easy to fix– just include a long, unguessable identifier in the URL (a GUID like b87ef4f0-d03e-11dc-95ff-0800200c9a66, for example.)
When informed of the problem, SmugMug called it expected behavior and claimed that the guessable URLs were essential to sharing.
Thanks for writing. This is expected behaviour. A private gallery just means that that gallery will not show up on your Smugmug homepage but it is accessible by knowing the direct URL to it.
The CEO added that their system "wasn’t built for guids" and that it would be an "extremely expensive proposition" to add them. Classic!
1 Comment so far
Leave a comment
Extremely expensive proposition?! That is their reasoning? Sheesh… This sounds like a definite problem that they need to do something about. Even if they don’t see it as an issue, wouldn’t they want to do something to save face and not damage their reputation? This is why I try to stick to sites that really spell out their stance on privacy (yay pixamo, nay Facebook- although Facebook does spell it out, just sort of hidden!)
By Jeff on 02.01.08 2:35 pm
Leave a comment