SmugMug Launches Site Overhaul . . . with a Major Security Flaw

by on July 30, 2013

in Photo Sharing

SmugMug Design Sample

SmugMug has launched a complete site overhaul and, finally, makes it easy to make your site look great.

The overhaul includes the following major features:

1) Gorgeous Sites. Photo-sharing services have traditionally given users a standard template, so that everyone looked the same. The new SmugMug offers dozens of beautiful designs, with each one completely customizable.

2) Completely Customizable. SmugMug’s innovative Customizer makes web design unbelievably easy. Visual and interactive, it empowers anyone to quickly personalize their site.

3) Beautiful Everywhere.  Every SmugMug site includes responsive design, so it adapts to any viewing screen – from smartphones to large monitors.

4) Easy Photo Management. The all new site Organizer makes it easy to manage thousands of files by dragging images into galleries, galleries into folders, and folders into folders, up to five levels deep.

Unfortunately, however, there is a major security flaw that enables access to locked photo galleries, which was first discovered by Jimmy Beltz over at Photo Tips. Hit the link for more details on how to lock it down until SmugMug implements a fix for the problem.




1 Jared July 30, 2013 at 11:46 pm

Not cool! I just started the upgrade process.

2 Eric Reagan July 30, 2013 at 11:54 pm

Apparently, the problem exists even if you don’t upgrade. Hopefully, they’ll have this patched by the morning though…

3 pete July 31, 2013 at 12:35 am

This post by Jimmy on this ‘security flaw’ is a joke. He is apparently talking about right-click protection, which has never been, and will never be a ‘security’ feature. Plain and simple, if you can see the image on your computer/phone/tablet, it is accessible and downloadable. Please check your facts before spreading this misinformation.

4 Sandy July 31, 2013 at 1:24 am

Pete you are full of crap. You don’t right click on an iPad. Get your facts straight.

5 pete July 31, 2013 at 1:45 am

Hi Sandy, tablets like the iPad recreate a normal mouse’s right-click by interpreting between a quick-tap (left-click) vs a long-hold (right-click). Similarly, on laptops without separate click buttons (like macs), the trackpads are typically configured to interpret a single finger tap as the left-click and a double finger tap as the right-click.

6 pete July 31, 2013 at 2:14 am

What I’m trying to explain is that right-click protection was invented in the early days of the web, not as a security feature, but as a mere deterrent. It is extremely simple to bypass and the best thing it actually does is create a false sense of security with the photographers.

Unfortunately, as more people were introduced to the web, some marketing types began advertising it as a security feature for web services, especially on photo related sites. This misrepresented notion that it is a ‘security feature’ and ‘protected’ people’s content spread. I doubt SmugMug was the first to add or advertise it, but users who were mislead by other’s advertising undoubtedly clamored for it and they had to keep pace with the competition.

To be honest, I wish SmugMug has the guts to lead a change in the photo hosting world, remove this ‘security feature’ and help stop this notion that right-click protection can protect people’s images.

By the way, I apologize for attacking Mr. Beltz’s post as a ‘joke’; especially if he is talking about a real security issue. We all want to protect our art. If SmugMug has a hole that allows someone to download actually protected originals then they absolutely have to fix it. Right-click protection is not security, it cannot protect content, and attacking anyone for failing to provide or support it is doing more harm by spreading the misinformation.

7 Charles Diaz August 2, 2013 at 9:16 am

Pete thank you for the info!

Comments are closed on this post, but you can carry on the conversation in the Photography Bay Forum.

Previous post:

Next post: