Download!Download Point responsive WP Theme for FREE!

Want to take a nudie shot for your S.O.? DON’T. Seriously.

Let me explain “fusking” to you, young one. This primarily has to do with Photobucket in particular, but it makes you wonder about what else might be vulnerable, if not now then in the future.

“Fusking” is the practice of finding private (usually compromising or sexually explicit) photographs of a person. Photobucket seems to be particularly vulnerable, due to the way they handle picture security.  From buzzfeed.com:

Photobucket handles privacy levels differently than other photo sharing services like Flickr or Facebook. Instead of setting a privacy level at the individual photo, you set the privacy level ("Everyone," "Private," or "Password-protected") at the album level. If you select Private or Password-protected for an album, the photos won’t show up in search, and someone browsing your profile wouldn’t be able to find them. However, each photo is still accessible via a direct link to its url.

This means that if I put photos in a private or password-protected album, I can still send a direct link to an individual photo to my friend, and she won’t need a password to view that photo. If she wants, she can pass along that link to any of her other friends and they can also view over the Photobucket site, no problem, regardless of how I set the privacy level on the album. This is meant to be a feature — in theory, only an album’s owner would be able to share the link in the first place, since the only obvious way to find its url in the first place is to have access to its album.

Problem is, the URLs Photobucket uses for these pictures use the photos’ actual file names, and file names aren’t that hard to guess. For example, if the photo I want to send to Sally is DSC_003.jpg, she can guess that there’s also an DSC_004.jpg in that album. And maybe I don’t want her seeing DSC_004.jpg.

How big a deal is this?  Reddit has a sub called “r/photobucketplunder.” (NSFW, so I’m not linking).  Yes ladies, you are PLUNDER to these folks.  You are not a person, you are an object. Do they want to protect their “plunder”ed photos?  Oh you betcha!  From gawker.com:

The rules — posted on the page’s sidebar — warn users against alerting the photographs’ subjects that they’ve become unwitting pinup models for a few thousand Redditors: "Do not follow the usernames of the girls submitted to this subreddit. When you follow them it sends an e-mail to them notifying them they’re being followed. This usually either makes them cancel their photobucket or make the album private which in turn makes it so we no longer get any pictures from them."

But it gets worse.  As you see above, Reddit doesn’t link to identifying information.  Unfortunately, there is at least one site (which I will NOT name) that does.  One young lady found out that they linked to her Facebook profile and when she asked them to remove it, they gleefully said, Hell No!

So 1) Don’t use Photobucket.  It’s so 1990s anyway.  2) Don’t upload potentially compromising photos online.  Anywhere.  Ever.  Just Don’t.  3) Really, don’t even TAKE those photos.  Assume ANY photo you take digitally will live forever.  4) Nothing is private.  NOTHING.  5) Don’t auto-upload digital photos anywhere. Even if newer file services are protected, encrypted, whatever, SOMEONE will crack it.  The product is there, the demand is there, it WILL happen.

Is it wrong for people to do this?  Morally, yes; legally, no.  Unfortunately, people don’t give a damn about others.  So while saying “You shouldn’t do that” might be correct, you need to take the responsibility yourself: don’t give them the opportunity.

3 Comments