SmugMug Security Hole?
darryl
Registered Users Posts: 997 Major grins
Well, kind of, but not really, if you've been a SmugMug user for a while:
http://blogoscoped.com/archive/2008-01-28-n59.html
http://blogs.smugmug.com/don/2008/01/28/your-private-photos-are-still-private/
http://blogs.smugmug.com/don/2008/01/28/first-two-security-winners/
As I commented on Don's last post, I really would love a little transparency into the "hacks" used to win the prize. Especially if the holes have now been fixed.
I've known about the CNAME redirect for awhile, but never really considered it a bug, since I actually am looking for a way to *find this information*.
Anyways, interesting stuff though. I'm bummed I missed my chance to make some money!
http://blogoscoped.com/archive/2008-01-28-n59.html
http://blogs.smugmug.com/don/2008/01/28/your-private-photos-are-still-private/
http://blogs.smugmug.com/don/2008/01/28/first-two-security-winners/
As I commented on Don's last post, I really would love a little transparency into the "hacks" used to win the prize. Especially if the holes have now been fixed.
I've known about the CNAME redirect for awhile, but never really considered it a bug, since I actually am looking for a way to *find this information*.
Anyways, interesting stuff though. I'm bummed I missed my chance to make some money!
0
Comments
I'd suggest that over here: http://www.dgrin.com/showthread.php?t=82969
would be a neat place to carry on some discussion.... thanks so much!
Portfolio • Workshops • Facebook • Twitter