Google Photos and the unguessable URL

Broadcasted at June 24, 2015 at 09:18AM:

A few days after Google’s big Photos rollout, a user on Reddit noticed something fishy. “I was browsing through my photos and wanted to see the full size of an image so I right-clicked,” RossFletch wrote. That took him to an open URL, still accessible when he was in incognito mode. By the logic of Photos, the image should have been private — he hadn’t clicked the share button — but through this URL, it was available to anyone who typed in the right string of characters. He even pulled the image using Wget, a web-scraper utility, routed through a virtual server to hide his identity. However he came at the URL, his picture still came up. “How is this possible when this image isn’t shared with anyone?” Fletch asked.

Continue reading…

以上内容由IFTTT自动发布,原文地址:http://www.theverge.com/2015/6/23/8830977/google-photos-security-public-url-privacy-protected

via Blogger http://www.einverne.tk/2015/06/google-photos-and-unguessable-url.html

Advertisements

发表评论

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / 更改 )

Twitter picture

You are commenting using your Twitter account. Log Out / 更改 )

Facebook photo

You are commenting using your Facebook account. Log Out / 更改 )

Google+ photo

You are commenting using your Google+ account. Log Out / 更改 )

Connecting to %s