Still security leaks at StudiVZ
Ooops, I didn’t write much lately since there wasn’t much to write about. I had great holidays and a fantastic New Year’s Eve, and I met some nice people in the past few days. I hope you all had a great time, too. A happy new year to everyone!
I dug through StudiVZ the other day and jumped from profile to profile, having a look at my friends’ friends and their friends and so on. I often use the “xxx is linked on yyy pictures” function to see what people look like and what they do, and I came across some images that I could see as thumbnails but not in full since the gallery owner didn’t allow public viewing.
I was curious and had a short look at the thumbnails’ URLs and recognized that they all had a “-m” at the end of the filename. I cut it off and was able to see the full-sized image. So, obviously, the link function totally screws the gallery privacy options. The question is, why do private images appear in the “is linked on” view at all? And further, why aren’t thumbnails and full-size images more securely separated? (Btw., Xing has the same problem. If you want to see who visited your Xing profile but don’t want to pay five bucks a month, simply edit the thumbnail image URL and cut off the _s2 at the end.)
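To make the two questions above concrete, here is an added example (not code from the post, and nothing to do with StudiVZ’s or Xing’s real implementation) of a toy image service in Python. The gallery data, user names, the “-m” thumbnail convention and the signing key are all constructed for the demo. It shows the failure mode the post describes (the file store serves any variant without consulting gallery privacy) next to two fixes: authorizing every image request against its gallery no matter which variant is asked for, so the “is linked on” listing only shows thumbnails the viewer could also open in full, and signing image URLs per viewer and per exact file name, so that editing the suffix in the URL simply yields an invalid link.

```python
import hmac
import hashlib

# Constructed sample data (not a real site's data model). Each gallery has an
# owner, a public flag and its image stems; the "-m" suffix marks the thumbnail
# variant of a stem, mirroring the naming the post describes.
GALLERIES = {
    "g1": {"owner": "alice", "public": False, "images": ["img_001", "img_002"]},
    "g2": {"owner": "bob", "public": True, "images": ["img_100"]},
}
FRIENDS = {"alice": {"carol"}, "bob": set()}
# "xxx is linked on yyy pictures": person -> thumbnail file names they are tagged in.
TAGS = {"alice": ["img_001-m", "img_100-m"]}
SECRET = b"constructed-demo-key"  # in a real service this comes from configuration


def split_variant(filename):
    """Return (stem, variant) so both variants resolve to the same underlying image."""
    if filename.endswith("-m"):
        return filename[:-2], "thumb"
    return filename, "full"


def gallery_of(stem):
    for gid, g in GALLERIES.items():
        if stem in g["images"]:
            return gid
    return None


def can_view_gallery(viewer, gid):
    g = GALLERIES[gid]
    return g["public"] or viewer == g["owner"] or viewer in FRIENDS.get(g["owner"], set())


def fetch_image_vulnerable(viewer, filename):
    """The failure mode in the post: the file store never consults gallery privacy,
    so anyone holding a thumbnail name can derive and fetch the full-size file."""
    stem, _ = split_variant(filename)
    if gallery_of(stem) is None:
        return None
    return f"bytes-of-{filename}"


def fetch_image_hardened(viewer, filename):
    """Fix 1: authorize every request against the gallery the stem belongs to,
    whichever variant (thumbnail or full size) is requested."""
    stem, _ = split_variant(filename)
    gid = gallery_of(stem)
    if gid is None or not can_view_gallery(viewer, gid):
        return None
    return f"bytes-of-{filename}"


def linked_on(viewer, person):
    """Tag listing that only shows thumbnails the viewer is allowed to open in full."""
    return [f for f in TAGS.get(person, []) if fetch_image_hardened(viewer, f) is not None]


def sign_image_url(viewer, filename):
    """Fix 2: a per-viewer, per-file-name token; changing the file name breaks it."""
    msg = f"{viewer}|{filename}".encode()
    tag = hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:32]
    return f"/img/{filename}?v={viewer}&t={tag}"


def fetch_signed(url):
    """Serve only if the token matches the exact file name in the URL, then apply
    the gallery check as well (defence in depth, in case a token leaks)."""
    path, _, query = url.partition("?")
    filename = path.rsplit("/", 1)[-1]
    params = dict(kv.split("=", 1) for kv in query.split("&") if "=" in kv)
    viewer, tag = params.get("v", ""), params.get("t", "")
    expected = hmac.new(SECRET, f"{viewer}|{filename}".encode(), hashlib.sha256).hexdigest()[:32]
    if not hmac.compare_digest(tag, expected):
        return None
    return fetch_image_hardened(viewer, filename)
```

The key design point is that the thumbnail and the full-size file are treated as two views of one protected object, so the access decision is made once per object and applies to both; with the vulnerable shape, privacy is enforced only on the gallery page while the file store remains an open directory.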
kaioo is a new, nonprofit social networking platform in Germany. I created a profile there, too. They’ll most likely have security flaws, too, but at least giving away personal information is totally out of the question. If it keeps growing and some vital privacy options are added (e.g. hiding group memberships) it may very well outstrip StudiVZ.