SmugMug Launches Site Overhaul . . . with a Major Security Flaw

SmugMug Design Sample

SmugMug has launched a complete site overhaul and, finally, makes it easy to make your site look great.

The overhaul includes the following major features:

1) Gorgeous Sites. Photo-sharing services have traditionally given users a standard template, so that everyone looked the same. The new SmugMug offers dozens of beautiful designs, with each one completely customizable.

2) Completely Customizable. SmugMug’s innovative Customizer makes web design unbelievably easy. Visual and interactive, it empowers anyone to quickly personalize their site.

3) Beautiful Everywhere.  Every SmugMug site includes responsive design, so it adapts to any viewing screen – from smartphones to large monitors.

4) Easy Photo Management. The all new site Organizer makes it easy to manage thousands of files by dragging images into galleries, galleries into folders, and folders into folders, up to five levels deep.

Unfortunately, however, there is a major security flaw that enables access to locked photo galleries, which was first discovered by Jimmy Beltz over at Photo Tips. Hit the link for more details on how to lock it down until SmugMug implements a fix for the problem.



  1. pete says

    This post by Jimmy on this ‘security flaw’ is a joke. He is apparently talking about right-click protection, which has never been, and will never be a ‘security’ feature. Plain and simple, if you can see the image on your computer/phone/tablet, it is accessible and downloadable. Please check your facts before spreading this misinformation.

  2. Sandy says

    Pete you are full of crap. You don’t right click on an iPad. Get your facts straight.

  3. pete says

    Hi Sandy, tablets like the iPad recreate a normal mouse’s right-click by interpreting between a quick-tap (left-click) vs a long-hold (right-click). Similarly, on laptops without separate click buttons (like macs), the trackpads are typically configured to interpret a single finger tap as the left-click and a double finger tap as the right-click.

  4. pete says

    What I’m trying to explain is that right-click protection was invented in the early days of the web, not as a security feature, but as a mere deterrent. It is extremely simple to bypass and the best thing it actually does is create a false sense of security with the photographers.

    Unfortunately, as more people were introduced to the web, some marketing types began advertising it as a security feature for web services, especially on photo related sites. This misrepresented notion that it is a ‘security feature’ and ‘protected’ people’s content spread. I doubt SmugMug was the first to add or advertise it, but users who were mislead by other’s advertising undoubtedly clamored for it and they had to keep pace with the competition.

    To be honest, I wish SmugMug has the guts to lead a change in the photo hosting world, remove this ‘security feature’ and help stop this notion that right-click protection can protect people’s images.

    By the way, I apologize for attacking Mr. Beltz’s post as a ‘joke'; especially if he is talking about a real security issue. We all want to protect our art. If SmugMug has a hole that allows someone to download actually protected originals then they absolutely have to fix it. Right-click protection is not security, it cannot protect content, and attacking anyone for failing to provide or support it is doing more harm by spreading the misinformation.