Just do it!
Ugh. You should've just rolled it out silently. I bet nobody would've even noticed. How's that phrase go? "It's easier to ask forgiveness than ask permission."
Now you've got all the pros and paranoids riled up and it'll never happen and my 47 thumbs will still take forever to load. :-{
I've got a selfish reason why I'd like to see thumbs served fast and unprotected. I have a mini-slideshow that I liked to run for our school's website, but last year I was required to password protect my school photos - no more mini-slideshow. But with the thumb-size available, I could get the slideshow going again. I don't think that the password requirement, in my case, applies to images that small.
Create a second gallery and put the thumbnail sized pics in there. Extra work but it gets you a solution in the meantime.
Ugh. You should've just rolled it out silently. I bet nobody would've even noticed. How's that phrase go? "It's easier to ask forgiveness than ask permission."
Now you've got all the pros and paranoids riled up and it'll never happen and my 47 thumbs will still take forever to load. :-{
Precisely my point. And it´s not only so to the eyes of the law, It´s to the eyes of the "perpetrator" too. When there was the blog post about Smugmugs security issues in the beginning of the year (the one that ended up in implementing keys on urls) I bet many of you (as I did) tried out different urls, just to se what came up (maybe those skinny dipping shots that were mentioned in the post). I didn´t feel I was doing anything wrong, after all if the photos were accessible via a link then they were public. But if the post said "I hacked into so and so´s account, here is the url and passoword" I bet many people would not click (I wouldn´t) because it just feels wrong.
This is just to illustrate the point that the semantic issue of public/private caused by the existance or not of a password (easy or not) is extremely relevant to the point. I will only consider my photos private if they have a password. I bet most of society feels that way too. And I´m glad for the hard to guess urls because they increase security, but it´s the easy to guess password that makes things private.
It´s like with the cops. They need a warrant to look inside my house but they can look freely into my open garage or in my trash. After all it´s in "plain sight". Unpassworded galleries (even though hard to find) are technically in plain sight.
Robert
As I see it... All tiny/thumbs/photos are public. Some are protected by "password". Some are protected by "hard to find URLS". What is the difference? We know the password or create it. The only thing we need to do to make a "hard to find URL" into a password is... make it known to us. Then it becomes a password... and a very good password.
Then all legal matters become moot... because we now have Super-Passwords.
As I see it... All tiny/thumbs/photos are public. Some are protected by "password". Some are protected by "hard to find URLS". What is the difference? We know the password or create it. The only thing we need to do to make a "hard to find URL" into a password is... make it known to us. Then it becomes a password... and a very good password.
Then all legal matters become moot... because we now have Super-Passwords.
btw... I'm in favor of the change.
Ron
This whole argument is not just about the ability to guess a password vs. an URL. When thumbnails are allowed to be cached around the internet, that means they sit on hard drives where people in the companies who run those caches could go look at them. Further, those caches may have logging that records URLs so these unique, hard to guess URLs might be sitting in a bunch of logfiles somewhere.
In addition, we know that ISPs all over the world are talking about selling your browsing habits to advertisers so they can serve more targetted ads. The only way they can do that is by collecting where you go on the internet and storing it somewhere, yet another place where these "hard to guess" URLs are stored.
Passwords, on the other hand, are only transmitted via SSL and thus cannot be cached or logged by any infrastructure party or ISP on the internet other than Smugmug.
This whole argument is not just about the ability to guess a password vs. an URL. When thumbnails are allowed to be cached around the internet, that means they sit on hard drives where people in the companies who run those caches could go look at them...
I don't really understand the concern. When you talk about thumbnails being cached, are you talking about at ISPs or by search engines? The gallery with non-password-protected thumbnails will still be password protected. Search engines won't be able to get in to see the URLs to the thumbnails, so they remain protected.
If you're talking about caching at an ISP, that can happen right now, can't it? Once you enter your password, your ISP is serving those thumbnails to you. If they want to see em, they can. If they want to cache them, what stops them now?
I can barely find my public, keyworded, captioned pictures on search engines when I specifically try. I'm not too worried about thumbnails from password protected galleries "getting out."
I don't really understand the concern. When you talk about thumbnails being cached, are you talking about at ISPs or by search engines? The gallery with non-password-protected thumbnails will still be password protected. Search engines won't be able to get in to see the URLs to the thumbnails, so they remain protected.
If you're talking about caching at an ISP, that can happen right now, can't it? Once you enter your password, your ISP is serving those thumbnails to you. If they want to see em, they can. If they want to cache them, what stops them now?
I can barely find my public, keyworded, captioned pictures on search engines when I specifically try. I'm not too worried about thumbnails from password protected galleries "getting out."
Dave
Some good points that I hadn't thought of. I'll give you most of them.
The difference is that once someone knows the secret URL of the thumb, they can get to all the image sizes you have available for that image. You just change the suffix on the URL to get to any size.
For a password protected gallery, they still need the password (which they don't have) to get to anything other than the thumbs. The password system does provide more security than just the URLs because the password is required to access larger sizes, yet it is not disclosed in the clear to infrastructure providers during browsing. Of course, there are cookies going in the clear which grant access to galleries and I have no idea how secure they are or aren't from man in the middle interception. Cookies, though are usually not cached or logged like URLs often are.
The difference is that once someone knows the secret URL of the thumb, they can get to all the image sizes you have available for that image. You just change the suffix on the URL to get to any size.
No No No No Nooooooo!
The way the system works right now is that if you try to load an image (blahblahblah-Ti.jpg for example), smugmug checks to see if that image is in a password protected gallery before serving it out to you. That applies to ALL image sizes.
The only change they want to make is to stop checking whether or not thumbnails are password protected. They will still check for the larger sizes. Each time they do that check, it takes a little longer for the image to load.
This is important because we rarely load pages with lots of big images. We load pages with lots of thumbnails all the time though. If you could skip that one security check, each thumbnail would load faster. The cumulative effect would be that the page loads faster.
If you got the URL to a thumbnail somehow... not an easy task since that URL is only referenced in a password protected gallery... you could see THAT thumbnail and nothing else.
Keep in mind... for "unlisted" galleries with no password protection, this change has no effect.
The way the system works right now is that if you try to load an image (blahblahblah-Ti.jpg for example), smugmug checks to see if that image is in a password protected gallery before serving it out to you. That applies to ALL image sizes.
External linking also needs to be disabled. Just password protecting your gallery does not prevent direct access to your photos via url manipulation.
External linking also needs to be disabled. Just password protecting your gallery does not prevent direct access to your photos via url manipulation.
"access to your photos"
I think with external links on you only can see the PHOTO not gallery photos.
The photo link does not expose the gallery link, which you need the PW for.
The way the system works right now is that if you try to load an image (blahblahblah-Ti.jpg for example), smugmug checks to see if that image is in a password protected gallery before serving it out to you. That applies to ALL image sizes.
The only change they want to make is to stop checking whether or not thumbnails are password protected. They will still check for the larger sizes. Each time they do that check, it takes a little longer for the image to load.
This is important because we rarely load pages with lots of big images. We load pages with lots of thumbnails all the time though. If you could skip that one security check, each thumbnail would load faster. The cumulative effect would be that the page loads faster.
If you got the URL to a thumbnail somehow... not an easy task since that URL is only referenced in a password protected gallery... you could see THAT thumbnail and nothing else.
Keep in mind... for "unlisted" galleries with no password protection, this change has no effect.
Dave
I don't know exactly what you're responding to Dave. My very posting says what you said. Password protected images require the password for larger sizes (only if external linking is off), unlisted images do not.
External linking also needs to be disabled. Just password protecting your gallery does not prevent direct access to your photos via url manipulation.
And, NO CUSTOMER KNOWS THIS.
IMO, this is a clear miss in terms of meeting customer's expectations for security. When an option is required to deliver the security the customer expects and no customer knows that, then the feature is not delivering the security that customers expect. Customers would expect access to images to require the password. They would have no idea that this only requires the password if they turn external linking off.
I've had a similar conversation via email with Dustin and Andy, but I am unsure if people agree that something should change.
They sure know it in spades when their photos don't show up in blogs, forums, ebay auctions, etc.
Still, we'll see what might be able to be done.
No customer should have an expectation that a photo in a password protected gallery could be linked into a forum posting. That should have never worked in the first place and everybody would have understood if it never worked in the first place. If you want a non-public photo for external linking, use an unlisted gallery. It's perfect for that.
Now that you've left it this way for a long time, I'm sure some customers have ended up using it so you're stuck in a bad spot. But, believe me, many customers think they have more security than they do because they put a password on and figured that there would be no access allowed to the photos in the gallery without the password, when that is not really the case.
No customer should have an expectation that a photo in a password protected gallery could be linked into a forum posting. That should have never worked in the first place and everybody would have understood if it never worked in the first place.
Agree completely.
0
BaldyRegistered Users, Super ModeratorsPosts: 2,853moderator
No customer should have an expectation that a photo in a password protected gallery could be linked into a forum posting. That should have never worked in the first place and everybody would have understood if it never worked in the first place.
I have a great deal of respect for your point of view, but when we defaulted external links to off for passworded galleries, it was unmanageable. We lost too many customers to PBase and others because "SmugMug's external linking doesn't work. They claim you can post your photos in forums but I tried it and it didn't work."
I tried various help page tweaks, warnings, explanations, and forum postings but finally caved. It became clear that only a very advanced user could understand or care why we thought external links should default to off for password-protected galleries. Some people were very angry that we took it upon ourselves to change their external linking policy just because they changed their gallery to password-protected, embarrassing them publicly with broken images.
Imo, weak passwords and social engineering are the low-hanging fruit for people who want to break into galleries, not guessing a very obscure key.
I have a great deal of respect for your point of view, but when we defaulted external links to off for passworded galleries, it was unmanageable. We lost too many customers to PBase and others because "SmugMug's external linking doesn't work. They claim you can post your photos in forums but I tried it and it didn't work."
I tried various help page tweaks, warnings, explanations, and forum postings but finally caved. It became clear that only a very advanced user could understand or care why we thought external links should default to off for password-protected galleries.
Imo, weak passwords and social engineering are the low-hanging fruit for people who want to break into galleries.
You have to run your business the way you want to run it. But proper implementation of security is one area where I typically look for other ways to solve the problem rather than compromising the design to suit the needs of the lowest common denominator.
Do you realize that when a gallery is password protected, external links are on and they've chosen a thumbnail for the gallery with feature photo that I can see any available size of that photo without supplying the password. Is that not a problem?
There's probably a way to view it even when external links are disabled (because there's no perfect way to implement external linking controls), but I haven't done the homework to figure that one out yet.
You have to run your business the way you want to run it.
Actually, I'd love to turn off external links if we could, but we haven't figured out how to do it in a way we can scale from a help-desk perspective.
You probably remember this, but for a long time we didn't allow thumbnail images on password-protected galleries. There were lots of feature requests to get them. One idea was to require that the thumb be public like Zenfolio does, but we couldn't seem to get much interest in that. The common response was, "I don't know who would make a sensitive image the featured one."
I suppose one idea would be to provide a warning dialog each time you feature a thumb on a passworded gallery, same if you set a password on a gallery that has the featured thumb set.
In comparison to feature requests like coupons, I think it goes without saying this feature would get maybe a thousanth of the interest.
Actually, I'd love to turn off external links if we could, but we haven't figured out how to do it in a way we can scale from a help-desk perspective.
You probably remember this, but for a long time we didn't allow thumbnail images on password-protected galleries. There were lots of feature requests to get them. One idea was to require that the thumb be public like Zenfolio does, but we couldn't seem to get much interest in that. The common response was, "I don't know who would make a sensitive image the featured one."
I don't think I was around or using password protected galleries back then. I don't remember any of the discussion.
I suppose one idea would be to provide a warning dialog each time you feature a thumb on a passworded gallery, same if you set a password on a gallery that has the featured thumb set.
That's a work-around for an improperly set security expectation. That would be messy. If access to the larger sizes required the password, you wouldn't have to do any of that.
In comparison to feature requests like coupons, I think it goes without saying this feature would get maybe a thousanth of the interest.
Come on now. You know that security issues get judged on a different scale because when a few web articles about them get written, they can seriously mess with your reputation. This can happen even when the issue isn't very important or the vulnerability isn't very real world. So, you have to judge it both ways. How many customers would care about this issue if they really understood it? And, how bad would it be to our reputation if a bunch of articles were written about it. Judging it only by how many customers care about it when they mostly don't understand it is far too limiting.
Certainly, you remember articles like this. Before that was written, you could probably only find 10 customers who would rank imageKeys highly and very, very few would have prioritized them at all, but a few web articles pushed you to action. I'm not saying this issue is that level, just that (as you know) security issues can affect your reputation and impact you in ways that other missing features cannot so you use a different razor for deciding which ones to pay attention to.
My measure of whether I need to deal with a security issue includes the following:
If I have a weakness, then how would I feel if a big article was written about the weakness in a major publication? If I would be OK with explaining away the weakness and even being interviewed about it, then it can stand the way it is. If I would feel like I had to change something in order to protect the company reputation, then I figure this is a weakness that needs to get addressed as soon as practical.
My measure of whether I need to deal with a security issue includes the following:
If I have a weakness, then how would I feel if a big article was written about the weakness in a major publication? If I would be OK with explaining away the weakness and even being interviewed about it, then it can stand the way it is. If I would feel like I had to change something in order to protect the company reputation, then I figure this is a weakness that needs to get addressed as soon as practical.
If you allow long lifetime caching in browsers and on the edge, how does replace photo work? It seems like I could replace the photo on my site and things linking to it (blogs, forum postings, web pages, etc...) wouldn't see the new version of the photo for a very long time because the old version would get served out of cache for a long time. Isn't that a problem? Or is this caching only for thumbs?
The same way it works for anything else that is cached there is a built in mechanism as part of HTTP to support it. So if you were to cache the content be it a thumbnail or a full size image the results would generally be the same.
The origin servers are the source.
The CDN (in this discussion sounds like it would be seeded) as opposed to filled based on user demand.
Without CDN:
Initial View:
User -- Smugmug Thumbnail --> Origin (HTTP GET Thumb URL)
User <-- Smugmug Thumbnail -- Origin (HTTP response with Thumb)
Second View (localy cached, otherwise it is always an initial/full request):
User -- Smugmug Thumbnail --> Origin (HTTP HEAD Thumb URL)
User <-- Header only -- Origin (HTTP response with header)
If cached_header == new_header show cached image, otherwise make a new request for the whole image. (This is how views for browser cached images can be counted)
With CDN:
Everything above is the same except the pictures look like
User --> CDN --> Origin
Or probably based on the description
User --> Edge CDN[1..n] --> Core CDN[1..n] --> Origin
The Core CDN is seeded (or the cache is warmed) and the CND Edge servers are fed from a subset of the global CDN. The Core scans the Origin content and sends changes out to the edge. Otherwise you have an amplification problem where the whole of the CDN is polling the origin for content updates which results in a DOS.
A mixed model would have requests to the edge go to the core go to the origin to be fulfilled and cached at each step of the way back to the user so the next request for the same content is faster.
I know that there are also authentication mechanisms supported by at least some CDNs which could be integrated into a solution allowing authenticated access to cached content.
I have
a) Public galleries - watermarked
b) Public galleries - password protected for clients
c) Unlisted galleries for family pictures - also password protected
Current situation
a) open but watermarked (apart from thumbs - I want google to show my non watermarked picture to lure people in...
b) clearly visible but password protected (easily broken by a pasword trawler unless spotted and blocked by smugmug)
c) would have to trawl the url and guess the password
Proposed situation - as I understand it..
a) no change to security but much faster loading
b) IF the url of the thumb was trawled then they would be able to get one thumb but no bigger unless they also got the password
c) as per b
The chances of coming across a URl of one of b0 or c) within the whole internet is about as much as me winning the lottery in the US europe and the UK all in the same week...for several weeks in a row...
So I'm not fussed go for it...
But I do understand the concerns of those above - so might it be possible to have smugmug run as effectively two sites - if you don't want push thumbs and speed you go onto site 1 and if you do you go site 2 - with you preferences deciding which site your account sits on? It would be possible for the sites to look identical as far as the majority were concerned..
Comments
Ugh. You should've just rolled it out silently. I bet nobody would've even noticed. How's that phrase go? "It's easier to ask forgiveness than ask permission."
Now you've got all the pros and paranoids riled up and it'll never happen and my 47 thumbs will still take forever to load. :-{
Dangit.
Create a second gallery and put the thumbnail sized pics in there. Extra work but it gets you a solution in the meantime.
You've got my vote
...pics..
Other Gear: Olympus E-PL1, Pan 20 1.7, Fuji 3D Camera, Lensbaby 2.0, Tamron 28-75 2.8, Alien Bees lighting, CyberSyncs, Domke, HONL, FlipIt.
~ Gear Pictures
how much paranoia is not 'overly'?
*just kidding*
...pics..
James
Langford Photography
http://www.langfordphotography.com
james@langfordphotography.com
I second this motion. I am fully behind the initiative to speed up the loading of thumbs and am happy with the level of security this will provide.
Victor
As I see it... All tiny/thumbs/photos are public. Some are protected by "password". Some are protected by "hard to find URLS". What is the difference? We know the password or create it. The only thing we need to do to make a "hard to find URL" into a password is... make it known to us. Then it becomes a password... and a very good password.
Then all legal matters become moot... because we now have Super-Passwords.
btw... I'm in favor of the change.
Ron
rholliday.smugmug.com
This whole argument is not just about the ability to guess a password vs. an URL. When thumbnails are allowed to be cached around the internet, that means they sit on hard drives where people in the companies who run those caches could go look at them. Further, those caches may have logging that records URLs so these unique, hard to guess URLs might be sitting in a bunch of logfiles somewhere.
In addition, we know that ISPs all over the world are talking about selling your browsing habits to advertisers so they can serve more targetted ads. The only way they can do that is by collecting where you go on the internet and storing it somewhere, yet another place where these "hard to guess" URLs are stored.
Passwords, on the other hand, are only transmitted via SSL and thus cannot be cached or logged by any infrastructure party or ISP on the internet other than Smugmug.
Homepage • Popular
JFriend's javascript customizations • Secrets for getting fast answers on Dgrin
Always include a link to your site when posting a question
I don't really understand the concern. When you talk about thumbnails being cached, are you talking about at ISPs or by search engines? The gallery with non-password-protected thumbnails will still be password protected. Search engines won't be able to get in to see the URLs to the thumbnails, so they remain protected.
If you're talking about caching at an ISP, that can happen right now, can't it? Once you enter your password, your ISP is serving those thumbnails to you. If they want to see em, they can. If they want to cache them, what stops them now?
I can barely find my public, keyworded, captioned pictures on search engines when I specifically try. I'm not too worried about thumbnails from password protected galleries "getting out."
Dave
Some good points that I hadn't thought of. I'll give you most of them.
The difference is that once someone knows the secret URL of the thumb, they can get to all the image sizes you have available for that image. You just change the suffix on the URL to get to any size.
For a password protected gallery, they still need the password (which they don't have) to get to anything other than the thumbs. The password system does provide more security than just the URLs because the password is required to access larger sizes, yet it is not disclosed in the clear to infrastructure providers during browsing. Of course, there are cookies going in the clear which grant access to galleries and I have no idea how secure they are or aren't from man in the middle interception. Cookies, though are usually not cached or logged like URLs often are.
Homepage • Popular
JFriend's javascript customizations • Secrets for getting fast answers on Dgrin
Always include a link to your site when posting a question
No No No No Nooooooo!
The way the system works right now is that if you try to load an image (blahblahblah-Ti.jpg for example), smugmug checks to see if that image is in a password protected gallery before serving it out to you. That applies to ALL image sizes.
The only change they want to make is to stop checking whether or not thumbnails are password protected. They will still check for the larger sizes. Each time they do that check, it takes a little longer for the image to load.
This is important because we rarely load pages with lots of big images. We load pages with lots of thumbnails all the time though. If you could skip that one security check, each thumbnail would load faster. The cumulative effect would be that the page loads faster.
If you got the URL to a thumbnail somehow... not an easy task since that URL is only referenced in a password protected gallery... you could see THAT thumbnail and nothing else.
Keep in mind... for "unlisted" galleries with no password protection, this change has no effect.
Dave
I think with external links on you only can see the PHOTO not gallery photos.
The photo link does not expose the gallery link, which you need the PW for.
Am I missing something?
Photo in PW'ed gallery. "Never nap at a picnic"
http://www.photosbyat.com/photos/335350846_u74zJ-Th.jpg
You can change the -Th to other sizes but have still no idea what gallery it's in.
My Website index | My Blog
I don't know exactly what you're responding to Dave. My very posting says what you said. Password protected images require the password for larger sizes (only if external linking is off), unlisted images do not.
Homepage • Popular
JFriend's javascript customizations • Secrets for getting fast answers on Dgrin
Always include a link to your site when posting a question
And, NO CUSTOMER KNOWS THIS.
IMO, this is a clear miss in terms of meeting customer's expectations for security. When an option is required to deliver the security the customer expects and no customer knows that, then the feature is not delivering the security that customers expect. Customers would expect access to images to require the password. They would have no idea that this only requires the password if they turn external linking off.
I've had a similar conversation via email with Dustin and Andy, but I am unsure if people agree that something should change.
Homepage • Popular
JFriend's javascript customizations • Secrets for getting fast answers on Dgrin
Always include a link to your site when posting a question
They sure know it in spades when their photos don't show up in blogs, forums, ebay auctions, etc.
Still, we'll see what might be able to be done.
Portfolio • Workshops • Facebook • Twitter
No customer should have an expectation that a photo in a password protected gallery could be linked into a forum posting. That should have never worked in the first place and everybody would have understood if it never worked in the first place. If you want a non-public photo for external linking, use an unlisted gallery. It's perfect for that.
Now that you've left it this way for a long time, I'm sure some customers have ended up using it so you're stuck in a bad spot. But, believe me, many customers think they have more security than they do because they put a password on and figured that there would be no access allowed to the photos in the gallery without the password, when that is not really the case.
Homepage • Popular
JFriend's javascript customizations • Secrets for getting fast answers on Dgrin
Always include a link to your site when posting a question
Agree completely.
I tried various help page tweaks, warnings, explanations, and forum postings but finally caved. It became clear that only a very advanced user could understand or care why we thought external links should default to off for password-protected galleries. Some people were very angry that we took it upon ourselves to change their external linking policy just because they changed their gallery to password-protected, embarrassing them publicly with broken images.
Imo, weak passwords and social engineering are the low-hanging fruit for people who want to break into galleries, not guessing a very obscure key.
You have to run your business the way you want to run it. But proper implementation of security is one area where I typically look for other ways to solve the problem rather than compromising the design to suit the needs of the lowest common denominator.
Do you realize that when a gallery is password protected, external links are on and they've chosen a thumbnail for the gallery with feature photo that I can see any available size of that photo without supplying the password. Is that not a problem?
There's probably a way to view it even when external links are disabled (because there's no perfect way to implement external linking controls), but I haven't done the homework to figure that one out yet.
Homepage • Popular
JFriend's javascript customizations • Secrets for getting fast answers on Dgrin
Always include a link to your site when posting a question
You probably remember this, but for a long time we didn't allow thumbnail images on password-protected galleries. There were lots of feature requests to get them. One idea was to require that the thumb be public like Zenfolio does, but we couldn't seem to get much interest in that. The common response was, "I don't know who would make a sensitive image the featured one."
I suppose one idea would be to provide a warning dialog each time you feature a thumb on a passworded gallery, same if you set a password on a gallery that has the featured thumb set.
In comparison to feature requests like coupons, I think it goes without saying this feature would get maybe a thousanth of the interest.
That's a work-around for an improperly set security expectation. That would be messy. If access to the larger sizes required the password, you wouldn't have to do any of that.
Come on now. You know that security issues get judged on a different scale because when a few web articles about them get written, they can seriously mess with your reputation. This can happen even when the issue isn't very important or the vulnerability isn't very real world. So, you have to judge it both ways. How many customers would care about this issue if they really understood it? And, how bad would it be to our reputation if a bunch of articles were written about it. Judging it only by how many customers care about it when they mostly don't understand it is far too limiting.
Certainly, you remember articles like this. Before that was written, you could probably only find 10 customers who would rank imageKeys highly and very, very few would have prioritized them at all, but a few web articles pushed you to action. I'm not saying this issue is that level, just that (as you know) security issues can affect your reputation and impact you in ways that other missing features cannot so you use a different razor for deciding which ones to pay attention to.
My measure of whether I need to deal with a security issue includes the following:
If I have a weakness, then how would I feel if a big article was written about the weakness in a major publication? If I would be OK with explaining away the weakness and even being interviewed about it, then it can stand the way it is. If I would feel like I had to change something in order to protect the company reputation, then I figure this is a weakness that needs to get addressed as soon as practical.
Homepage • Popular
JFriend's javascript customizations • Secrets for getting fast answers on Dgrin
Always include a link to your site when posting a question
The same way it works for anything else that is cached there is a built in mechanism as part of HTTP to support it. So if you were to cache the content be it a thumbnail or a full size image the results would generally be the same.
The origin servers are the source.
The CDN (in this discussion sounds like it would be seeded) as opposed to filled based on user demand.
Without CDN:
Initial View:
User -- Smugmug Thumbnail --> Origin (HTTP GET Thumb URL)
User <-- Smugmug Thumbnail -- Origin (HTTP response with Thumb)
Second View (localy cached, otherwise it is always an initial/full request):
User -- Smugmug Thumbnail --> Origin (HTTP HEAD Thumb URL)
User <-- Header only -- Origin (HTTP response with header)
If cached_header == new_header show cached image, otherwise make a new request for the whole image. (This is how views for browser cached images can be counted)
With CDN:
Everything above is the same except the pictures look like
User --> CDN --> Origin
Or probably based on the description
User --> Edge CDN[1..n] --> Core CDN[1..n] --> Origin
The Core CDN is seeded (or the cache is warmed) and the CND Edge servers are fed from a subset of the global CDN. The Core scans the Origin content and sends changes out to the edge. Otherwise you have an amplification problem where the whole of the CDN is polling the origin for content updates which results in a DOS.
A mixed model would have requests to the edge go to the core go to the origin to be fulfilled and cached at each step of the way back to the user so the next request for the same content is faster.
I know that there are also authentication mechanisms supported by at least some CDNs which could be integrated into a solution allowing authenticated access to cached content.
An example HTTP GET request for http://lalartu.smugmug.com/photos/184957039_PGpiC-Th.jpg
HTTP HEAD request for
My situation:
Pro user
I have
a) Public galleries - watermarked
b) Public galleries - password protected for clients
c) Unlisted galleries for family pictures - also password protected
Current situation
a) open but watermarked (apart from thumbs - I want google to show my non watermarked picture to lure people in...
b) clearly visible but password protected (easily broken by a pasword trawler unless spotted and blocked by smugmug)
c) would have to trawl the url and guess the password
Proposed situation - as I understand it..
a) no change to security but much faster loading
b) IF the url of the thumb was trawled then they would be able to get one thumb but no bigger unless they also got the password
c) as per b
The chances of coming across a URl of one of b0 or c) within the whole internet is about as much as me winning the lottery in the US europe and the UK all in the same week...for several weeks in a row...
So I'm not fussed go for it...
But I do understand the concerns of those above - so might it be possible to have smugmug run as effectively two sites - if you don't want push thumbs and speed you go onto site 1 and if you do you go site 2 - with you preferences deciding which site your account sits on? It would be possible for the sites to look identical as far as the majority were concerned..
Just a thought.
www.arthousephotography.co.uk
www.andreas-artsandcrafts.co.uk
www.klimon.com