gallery URL and discovery of private galleries..

jmpsmashjmpsmash Big grinsRegistered Users Posts: 33 Big grins
edited September 28, 2006 in SmugMug Support
i have a question concerning the design of the private gallery URL.

if i understand it correctly, the URL contains a global gallery sequence number. anytime any customer create a new gallery, the sequence increments.

the problem i have is that that allows very simple discovery of other people's galleries, regardless of whether those galleries are private or not.

i suggest using a more secure way to name these folders. a secure hash or something like that will prevent easy discovery of users' private galleries.

Comments

  • jfriendjfriend Scripting dude-volunteer Registered Users Posts: 8,097 Major grins
    edited September 27, 2006
    jmpsmash wrote:
    i have a question concerning the design of the private gallery URL.

    if i understand it correctly, the URL contains a global gallery sequence number. anytime any customer create a new gallery, the sequence increments.

    the problem i have is that that allows very simple discovery of other people's galleries, regardless of whether those galleries are private or not.

    i suggest using a more secure way to name these folders. a secure hash or something like that will prevent easy discovery of users' private galleries.

    Gallery numbers do appear to be guessable sequence numbers. I just created two galleries and they were assign sequential numbers. Similarly, you can cycle through numbers and see all sorts of galleries.

    Private galleries are really just "unlisted" galleries (in the same sense as an unlisted phone number). They are not secure and are discoverable by chance. If you want security, then you need to use some other protection mechanism (probably a password).

    Smugmug could randomize and lengthen the numerical space for private galleries and thus make it a lot more difficult to guess or discover. If it becomes a sufficiently large and random numeric space, then it does start to make a difference. It would also help if it was required to match the right domain with the private gallery ID before you could see it. Then, you'd have to have both the gallery number and the user name before you could discover something.
    --John
    HomepagePopular
    JFriend's javascript customizationsSecrets for getting fast answers on Dgrin
    Always include a link to your site when posting a question
  • cabbeycabbey SmugMug Sorcerer Wilsonville, ORRegistered Users Posts: 1,053 Major grins
    edited September 28, 2006
    It would be very nice if private galleries were only accessible when the domain name part of the url was "correct"... so if for example if http://cabbey.smugmug.com/gallery/727491 was private, then http://www.smugmug.com/gallery/727491 or http://jimbob.smugmug.com/gallery/727491 would fail to load.

    (and what do you think the odds are that after incrementing gallery numbers from one of mine, just a couple valid gallery numbers away was another gallery shot right here in town? gotta be astronomically small.)
    SmugMug Sorcerer - Engineering Team Champion for Commerce, Finance, Security, and Data Support
    http://wall-art.smugmug.com/
  • AndyAndy Bicameral New YorkRegistered Users Posts: 50,154 Major grins
    edited September 28, 2006
    cabbey wrote:
    It would be very nice if private galleries were only accessible when the domain name part of the url was "correct"... so if for example if
    But then we couldn't have hide owner galleries, and also nickname changes would break links, and CNAME would go out the door... so there are many reasons why it must be this way.

    As John Friend suggested, passwording will lock them down. Private makes them unsearchable, and keeps them off your homepage. Are they "guessable?" Sure, I guess....
  • EphemeralEphemeral Big grins Registered Users Posts: 34 Big grins
    edited September 28, 2006
    Andy wrote:
    But then we couldn't have hide owner galleries, and also nickname changes would break links, and CNAME would go out the door... so there are many reasons why it must be this way.

    As John Friend suggested, passwording will lock them down. Private makes them unsearchable, and keeps them off your homepage. Are they "guessable?" Sure, I guess....

    Surely you could implement some kind of hashed or GUID gallery number?
  • dogwooddogwood pixel hack Registered Users Posts: 2,572 Major grins
    edited September 28, 2006
    if your photos are that secret...
    Ephemeral wrote:
    Surely you could implement some kind of hashed or GUID gallery number?
    ... probably posting them on the internet is not such a good idea. I know that sounds kind of like I'm being a jerk, but honestly, I'm a huge privacy advocate. I use passwords and the private gallery function here with a grain of salt-- I would never, ever post a photo I didn't want anyone to see. Email, the internet, phone calls-- all that-- they're simply not private.

    Anyway, do you have a specific example of people finding your photos using the sequential gallery number method? And were they able to do that with a password protected gallery? I guess what I'm asking (and being sincere here as a privacy advocate) is what is problem with how it's done now? I'm really curious.

    Portland, Oregon Photographer Pete Springer
    website blog instagram facebook g+

  • 3rdPlanetPhotography3rdPlanetPhotography Banned User Banned Posts: 920 Major grins
    edited September 28, 2006
    One of the reasons I've asked for another option on the galleries!

    We need to have an option to make gallery Unavailable!

    When the URL is then accessed the customer would get a screen saying this gallery is Unavailable or does not exist. Now it appears the gallery has been deleted. It's a REAL PAIN to create a new gallery, make it private, and move all the photos.

    eek7.gif
Sign In or Register to comment.