mobile photography technology, culture and community
www.dpreview.com

Flickr made some private photos public: Yours too?

28
Are your private images really private? A software bug recently made some private Flickr photos public. Image by Lars Rehm. 

It seems that the popular photo sharing service Flickr inadvertently made an unknown number of its users' private images viewable to the public. 

According to a story on The Verge, a software bug caused the issue that made images marked private visible when browsing some users' photostreams between January 18 and February 7. Only images uploaded between April and December of 2012 were in danger of being exposed.

Flickr vice president Barry Wayn used a Flickr help forum thread to assuage concerns: 

"Only a small number of Flickr users were impacted, and we are in the process of directly contacting those individuals. This is not a widespread nor an ongoing issue — the software bug has been identified and fixed."

Flickr photographers are sharing their frustrations via the same thread, as concerns emerge not just over privacy, but also the broken links and embeds on other websites that may have been affected. 

Some users posted the message Flickr sent them regarding the matter, which warns those affected they may need to adjust their image settings further following the snafu: 

"Protecting your privacy is one of our highest priorities so, when we discovered the bug, we took the added precaution of setting any potentially impacted photos in your account to 'private.' When a photo is set to 'private,' links and embeds on other websites will no longer work. This means you may have photos you intended to share with others that you may need to adjust the settings on."

Flickr's privacy setting faux pas has us wondering: Are images shared via the web ever really private?

Numerous photo sharing sites and apps offer reassurance that images can be shared privately or will even "self-destruct" after a matter of seconds, á la Snapchat or Facebook's Poke app. The KeepSafe app also promises to hide some of the photos and text messages on your smartphone so you can still show off your vacation snaps at work while excluding racier images, and hide your more secret conversations from prying eyes. But what happens when the software code can't perform as promised, such as in Flickr's case? 

Such image privacy technology will always pose some risk, including user error: we recommend never trusting that anything you share on the web is 100 percent secure.

Comments

Total comments: 28
tkbslc
By tkbslc (Feb 12, 2013)

Nobody is every truly safe from a mugging, either, but that doesn't make it OK when it happens. I think the comments are little strange.

"You should have known not to take your wallet outside...."

1 upvote
Deleted pending purge
By Deleted pending purge (Feb 12, 2013)

It should be clear by now that nothing on internet is absolutely safe or private. Every program written for that purpose enables someone somewhere to gain access either trough some purposefully left back entrance, or via some unsafe safety feature. And of course, there are some more or less known instances whose job is to perform silent control, for various reasons. Compared to ther tools, cookies and social network glitches are plain ridiculous.
Browsers, operating systems, smartphones, cable TV... it's all the same, so best forget about anonymity. If you don't want something seen, do not put it on the net, do not even keep it in your net-connected devices. It's as simple as that.
The best way to live with all the controls hovering around is by having nothing to hide. It was always that way, and I suppose it will always be.

Comment edited 2 minutes after posting
2 upvotes
M Lammerse
By M Lammerse (Feb 12, 2013)

With the current 'sheep' generation and the excuse 'if you have nothing to hide you have not to be afraid' it's always good to try to keep them awake and post this kind of 'news'.

Nothing is free and nothing is safe on the internet.

3 upvotes
harry cannoli
By harry cannoli (Feb 12, 2013)

Tough crowd.

1 upvote
rrr_hhh
By rrr_hhh (Feb 12, 2013)

Why is that news posted to the connect website ? It is a photo news and belongs to the DPreview photo site. Flickr existed well before the phones were able to take pictures and has been used by photographers since eons; I was still shooting film and scanning my negs when I opened my account at Flickr !
Do you have so few visitors of the connect site that you need to attract us here ?

Comment edited 2 times, last edit 4 minutes after posting
0 upvotes
Barney Britton
By Barney Britton (Feb 12, 2013)

The #1 camera on flickr is an iPhone... but in answer to your question, both dpreview and connect are photography sites, and this news was posted on both. Why does it matter?

1 upvote
Photog74
By Photog74 (Feb 12, 2013)

Hm, I still shoot film sometimes, actually.

0 upvotes
ManuelVilardeMacedo
By ManuelVilardeMacedo (Feb 12, 2013)

Dear Mr. Britton: with all due respect, rrr_hhh's question is perfectly legitimate and I'd have written exactly the same if it weren't for her comment. I find the last sentence in your reply slightly blunt, and unnecessarily so. I'm beggining to notice some traits of impatience in most DPR staff's replies, which is in contradiction with the tolerance shown to the rather aggressive "equivalent aperture" trolling comments that come up whenever you post anything about Olympus and Panasonic.
You say "The #1 camera on flickr is an iPhone"; that's all very well, but by the same token you should shut down the main website and just keep Connect because the vast majority of photographs is taken with mobile devices nowadays.
You are gradually pulling photography enthusiasts away from this site, which is a shame. This is no longer the website I used to enjoy visiting when I took a serious interest in photography. Now it's a site for gadget freaks and gearheads. I've had enough with DPR.

Comment edited 1 minute after posting
2 upvotes
Barney Britton
By Barney Britton (Feb 12, 2013)

@ ManuelVilardeMacedo - if you look through our reviews/previews, articles and news content on dpreview you'll see that we take a more serious interest in more aspects of photography than ever before. And please don't consider this a defensive statement - it is true.

1 upvote
tkbslc
By tkbslc (Feb 12, 2013)

It was posted on both sites, so I don't get the complaint. Sure the link clicks through to Connect, but both sites got the headline and everyone at dpreview automatically has a connect account for comment.

0 upvotes
sean000
By sean000 (Feb 11, 2013)

Sharing photos, or any information online, is always a balance between convenience and security. At least with the pay services like Smugmug and Zenfolio the provider bears more responsibility. That's still no guarantee that a glitch won't expose your photos, but if you want to share photos that's a risk you must be comfortable with. Personally I feel like the increased responsibility and enhanced security features of a site like Smugmug is worth paying for. I also share some photos on Facebook and Google+. The latter has much better security features, but I'm not going to post anything on those sites that I wouldn't be comfortable with my mother seeing. If you are worried about someone just waiting to download all your photos so they can sell them, then use a more secure host and/or don't post high resolution images. If you are worried that your private album of fetish photos will suddenly be open to your mother's browsing eyes, create a separate alias to represent your kinkier side.

1 upvote
ManuelVilardeMacedo
By ManuelVilardeMacedo (Feb 12, 2013)

It's all very well, but Flickr has the option of a "Pro" account that provides unlimited storage for an annual payment. Users of the Pro account have every right to be upset.

1 upvote
FRANCISCO ARAGAO
By FRANCISCO ARAGAO (Feb 11, 2013)

Now, thats good

1 upvote
M Lammerse
By M Lammerse (Feb 11, 2013)

Nopers, nothing public of my images...I mean those of others :-)

Comment edited 32 seconds after posting
1 upvote
FreedomLover
By FreedomLover (Feb 11, 2013)

Exactly, thank you Lars.
The cloud services are never safe.

1 upvote
Lars Rehm
By Lars Rehm (Feb 11, 2013)

Agree but this article was actually written by my colleague Erin :-)

1 upvote
FreedomLover
By FreedomLover (Feb 11, 2013)

Well you are right, thank you Erin too :-)

0 upvotes
JaFO
By JaFO (Feb 11, 2013)

There is no privacy on the internet.(period)
It's only ever 'private' if you keep it off-line.
Next time it's a hacker that gets your precious info.

Or maybe it's going to be like Instagrams' "whoops", except the damage may be done already.

http://imgs.xkcd.com/comics/instagram.png

6 upvotes
tkbslc
By tkbslc (Feb 12, 2013)

All it takes is a little tiny peice of malware to serve up data from your home computer, so don't be too sure about your "off-line" safety, unless you mean unplugging your network cable and turning off wi-fi.

0 upvotes
Kabe Luna
By Kabe Luna (Feb 11, 2013)

Ha! This is why I keep my images on my own private web site, and share images with those I want to specifically via FTP. Anytime you put your photos–and other sensitive information, now that "the Cloud" is all the rage–you take a risk.

1 upvote
JaFO
By JaFO (Feb 11, 2013)

you do realise that even your own 'private web site' isn't totally free from unwanted spectators ?

It certainly is better than trusting a 'free' cloud service to 'protect' your data.

5 upvotes
noirdesir
By noirdesir (Feb 11, 2013)

Everything connected to the internet is potentially at risk. While hacking into a web server might be easier than hacking into your computer at home, if you declare one to be at risk, the other has to be considered at risk as well.

1 upvote
tkbslc
By tkbslc (Feb 12, 2013)

It's actually easier to hack home and business desktop computers because most people load email and web browsers on them and people often aren't being paid to keep them secure. Servers generally don't have a lot of malware entry points and are firewalled.

In fact, often Servers are compromised by gaining access to a desktop computer on the company network. Companies usually don't have strict internal firewalling, so once you have a desktop on the network you can get to work on doing some real damage.

In this case it sounds like a programming error, anyway, which can also happen to any desktop or security software we use.

Comment edited 1 minute after posting
0 upvotes
guyfawkes
By guyfawkes (Feb 11, 2013)

It doesn't surprise me. What does is the laissez-faire attitude that prevails today and in which individuals will post all sorts of personal information on internet sites. And then they get in all of a bother when something like this happens.

The internet is a wonderful place to be, but use it intelligently.

2 upvotes
JaFO
By JaFO (Feb 11, 2013)

All attempts at finding any proof of intelligence on the internet have thus far failed completely ... ;)

3 upvotes
RMillward
By RMillward (Feb 11, 2013)

"Flickr's privacy setting faux pas has us wondering: Are images shared via the web ever really private?"

If you are really wondering that, I'm on the wrong site. This is supposed to be DPReview, albeit a mobile-focused subset; it's not some Facebook/Instagram page. Anyone who thinks about it for more than about three minutes knows that your online photos are not and can not ever be entirely secure. You should never - EVER - post something to the Internet that would get you fired or cause your mother to be embarrassed when her bridge club finds it. The fact that some people don't know this is all well and good, but an author for DPReview? That's embarrassing.

2 upvotes
Barney Britton
By Barney Britton (Feb 11, 2013)

It's a rhetorical question (resolved in the final paragraph). A rhetorical question is an editorial device employed by professional writers. Or is it? Click here to find out:

http://en.wikipedia.org/wiki/Rhetorical_question

12 upvotes
Paul B Jones
By Paul B Jones (Feb 11, 2013)

Snap!

0 upvotes
Total comments: 28
About us
Sitemap
Connect