Monthly Archives: January 2008

Plugging SmugMug’s “Hole”

Today a blogger named Philip Lenssen wrote a post on Google Blogoscoped that showed how private but otherwise unprotected SmugMug galleries can be downloaded without the owner’s consent. In the wake of the recent and similar MySpace private pictures hole, this seems like a serious PR problem waiting to happen. How long will it be before someone’s “private” SmugMug pictures get some major unwelcome publicity, and SmugMug along with them? I’m sure someone’s crawling all of SmugMug right now and packaging it up as a Torrent file (and no, not me).

Here’s a quick description of the “hole” as I understand it. All of SmugMug’s galleries use an ID number in the URL. If you want to see someone else’s photos, you just manually change the ID number to something else; it’s as easy as changing a URL from smugmug.com/galleries/1000 to smugmug.com/galleries/1001. As long as the photos are not password protected (which is a separate preference setting), you can view the photos regardless of whether or not the user has marked the gallery itself “private”. Mr. Lenssen goes on to suggest that one solution is to change from numeric ID numbers to GUIDs, which are non-sequential and almost impossible to guess. Don MacAskill, CEO of SmugMug, has posted his thoughts about this already, and an e-mail from him is quoted in the original post, admitting that GUIDs would be preferable:

I’m in complete agreement that GUIDs would help greatly here, but I’m afraid our system wasn’t built for GUIDs, and retrofitting our code and database to support GUIDs would be an extremely expensive proposition. [...] We’re also very open to change – nearly every feature, bug fix, and enhancement is driven by customer feedback, like yours. If our customers (or potential customers) asked us to adopt GUIDs because this was a bigger issue than we were aware – we would.

I have a cheap alternative for Mr. MacAskill that would solve the guessable URL problem without using GUIDs. It would be a minor patch to SmugMug’s web code that doesn’t necessarily require any database change, although it would benefit from one. It would also satisfy one of SmugMug’s design goals for private pictures/galleries, namely that you could send a link to a private item. The suggestion is this: leave the URLs alone, but add a checksum key as a separate parameter, based on a private hash salt.
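A minimal sketch of that suggestion, added here as an illustration and not taken from the post or from SmugMug's code. It uses HMAC-SHA256 as the keyed checksum; the salt value, the `smugmug.example` host, the `key` parameter name and all function names are assumptions.

```python
import hashlib
import hmac
from urllib.parse import urlencode, urlparse, parse_qs

# Assumption: one server-side secret playing the role of the "private hash salt".
SECRET_SALT = b"constructed-example-secret-not-a-real-key"
BASE = "https://smugmug.example/galleries"  # placeholder host, constructed


def gallery_key(gallery_id: int, salt: bytes = SECRET_SALT) -> str:
    """Keyed checksum of the gallery ID; cannot be computed without the salt."""
    mac = hmac.new(salt, str(gallery_id).encode(), hashlib.sha256)
    return mac.hexdigest()[:16]  # 64 bits keeps the shareable link short


def private_link(gallery_id: int) -> str:
    """The link an owner would send: same numeric URL plus the key parameter."""
    return f"{BASE}/{gallery_id}?{urlencode({'key': gallery_key(gallery_id)})}"


def may_view(url: str, is_private: bool) -> bool:
    """Server-side check: private galleries require a key matching their ID."""
    parsed = urlparse(url)
    try:
        gallery_id = int(parsed.path.rsplit("/", 1)[-1])
    except ValueError:
        return False
    if not is_private:
        return True  # public galleries keep working with the bare numeric URL
    supplied = parse_qs(parsed.query).get("key", [""])[0]
    # Compare as bytes in constant time so the check leaks nothing via timing.
    expected = gallery_key(gallery_id)
    return hmac.compare_digest(supplied.encode(), expected.encode())


if __name__ == "__main__":
    link = private_link(1000)
    print(link, may_view(link, is_private=True))
    # Changing only the ID leaves a key that no longer matches.
    guessed = link.replace("/1000?", "/1001?")
    print(guessed, may_view(guessed, is_private=True))
```

With a single global salt, revoking one shared link means changing the salt and therefore every link; a per-gallery salt would need a stored value.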

OpenID Is Good For The Mobile Web

Today Yahoo announced that they’re enabling OpenID on 248 million accounts, which unarguably pushes this single sign-on technology into the mainstream. In my opinion, this is also a huge win for mobile web users, and here’s why: signing into a mobile website on your mobile is very tedious and painful, and few (if any?) mobile browsers have integrated password management yet. Furthermore, even if you have the patience to tap out your e-mail address and password, some sites won’t take them, throw SSL errors, or require JavaScript. For this reason, I have not been able to sign on to mobile Facebook through my Blackjack in, let’s see, ever.

Imagine a web where most sites are now compelled to offer OpenID as an alternate sign-in method (and who will be able to afford ignoring 248 million users?). Suppose that Yahoo makes their OpenID sign-in page incredibly mobile-friendly, a likely scenario. Signing in to web sites through your mobile will become a lot easier, which will in turn make the mobile web that much easier to use and more relied upon.

I believe there are three web content related technologies that will help mobile browsing adoption increase dramatically if they become ubiquitous: OpenID (or a standard like it), microformats, and mobile alt links. Let’s see what happens.