Security Market Segment LS
×

Warning

JUser: :_load: Unable to load user with ID: 3450
JUser: :_load: Unable to load user with ID: 66
JUser: :_load: Unable to load user with ID: 3286
Friday, 22 May 2009 01:11

Old photos never die

By
A study from the University of Cambridge has found that photos shared on social sites are often still accessible even after the user has deleted them.

In a post on the University of Cambridge Computer Lab's Light Blue Touchpaper blog, PhD student Joseph Bonneau describes an experiment he and his colleagues conducted on 16 photo-sharing sites.

The post, entitled "Attack of the Zombie Photos," points out that more than 40 billion photos are on Facebook alone and that the site gets more than 25 million new photos each day.

Bonneau explains that dealing with such volume means that most photo-sharing sites don't host all their photos on the main site server.

Rather, the photos are stored on a separate dedicated photo server, which delivers the requested photo on receipt of the proper URL.

The problem comes with the fact that if a user deletes a photo through their profile, it isn't actually removed from the photo server. Rather, similar to the way deletions via the Recycle Bin or Trash Can on a personal computer are handled, the photo can sit there until it is overwritten.

During that time, if someone knows the direct URL for the photo, they can still retrieve it.

For what the experiment discovered, see Page 2.

Bonneau and his colleagues uploaded a test image to 16 photo sharing sites, including Facebook, Flickr, LiveJournal, MySpace, Orkut, Picasa, Bebo, and Windows Live Spaces.

They then noted the URLs for the photo and confirmed that all but one site would deliver the photo when requested with the proper URL.

The one exception was Windows Live Spaces, whose photo servers required session cookies, prompting Bonneau to write, "a refreshing congratulations to Microsoft for beating the competition in security."

The researchers then deleted the photo but kept trying to retrieve it for 30 days to see how long it persisted on each site's photo server.

They discovered that Orkut, Photobucket, and Flickr "revoked" the photo immediately, but that it was still available 30 days after deletion on a full seven sites, including Bebo, MySpace, Facebook, and LiveJournal.

Bonneau labeled the sites' approach as "not only fundamentally wrong from a privacy standpoint, but likely illegal under the EU Data Protection Directive of 1995 and its UK implementation, the Data Protection Act of 1998, which both clearly ban keeping personally-identifiable data for longer than necessary given the data’s purpose."

Read 5012 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




Maximising Cloud Efficiency - LUMEN WEBINAR 23 April 2025

According to KPMG, companies typically spend 35% more on cloud than is required to deliver business objectives

The rush to the cloud has led to insufficient oversight, with many organisations struggling to balance the value of cloud agility and innovation against the need for guardrails to control costs.

Join us for an exclusive webinar on Cloud Optimisation.

In this event, the team from Lumen will explain how you can maximise cloud efficiency while reducing cost.

The session will reveal how to implement key steps for effective cloud optimisation.

Register for the event now!

REGISTER!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Published in Security
Tagged under

Latest from

Related items

More in this category: « APAC businesses increasing spend on security software Sun Java System Communications Express security advisory »
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top

Subscribe to Newsletter

*  Enter the security code shown: img0

WEBINARS & EVENTS

CYBERSECURITY

PEOPLE MOVES

GUEST ARTICLES

Guest Opinion

ITWIRETV & INTERVIEWS

RESEARCH & CASE STUDIES

Channel News

Comments