Hacker News new | comments | show | ask | jobs | submit login
ImageShack uploader IP addresses visible (mikescoding.com)
45 points by eurodance on Nov 17, 2012 | hide | past | web | favorite | 19 comments

Does anyone still use imageshack for anything serious any more? I'm surprised to hear they're still around.

Here's what their compete chart looks like, for what little it's worth (login required, so screenshot instead): http://cl.ly/image/3z1v152G3r1l

I've stopped using them ever since they were first known to violate their own privacy policies:


I think that ImageShack still imposes bandwidth limits and other restraints. I can't see why anyone would use it over another service like imgur.

Depends on what you use them for. Services like ImageShack and Photobucket keep your images around, while (last time I checked, which is admittedly about a year ago) Imgur's FAQ says something about deleting old images that haven't seen any traffic for a certain timespan (at least 3 months, IIRC).

Imgur has some restrictions as well. It's their (Imageshack's) "view image" pages that are horrible.

Any host is going to have restrictions, but Imgur will not take your image down for bandwidth reasons.

Glancing at the source code http://mikescoding.com/imageshack/index.phps for 30 seconds, it seems the way this works is that the uploader IP address is retrieved from some XML file on the imageshack servers. It seems every image on imageshack has a corresponding metadata XML file stored at a secret location, but the algorithm to calculate this URL was exposed during the earlier pastebin leak?

The XML URL is calculated by taking the image's filename (minus the extension), calculating the MD5 hash of that + a static salt (which is visible in the source), then replacing the image extension with the first 10 chars of the hash + ".xml". Example [1]. What type of third party would they be giving this API to?

[1] http://img236.imageshack.us/img236/3432/as8132329zz9.d907da5...

That link is 404'ing for me. Did they close this already?

They 403'd this specific link it looks like. An image I uploaded about an hour ago seems to be working still. [1] is the data it returned for the 403'd image. Here's [2] some Ruby code if you want to try it out yourself

[1] http://pastie.org/5393401 [2] http://pastie.org/5393444

That's what I'm guessing, but I wish the linked blog post was a bit more descriptive.

The API for videos is described here: http://code.google.com/p/imageshackapi/wiki/YFROGxmlInfo

For images it should be hidden.

Oh boy. Everyone who has uploaded images of screenshots of illegal movies onto forums are gonna be majorly shafted now.

I could be wrong, but isn't the precedent that IPs aren't adequate evidence of a person's identity? I don't think that a dynamic IP address that was used 18 months ago is going to be of any use now.

It may not indict you directly, but it certainly helps finding the person behind it.

How does a screenshot of a movie you own look any different from one you don't?

Possibly by it being linked from a torrent description saying "Here is this movie that I pirated and am offering to you illegally for free - <username>" and then having that same username attached to the ImageShack screenshot that also provides your IP address?

Plus, if we're being pedantic, most pirated movies shared online are re-encodes of their original source material.

Given the sheer number of variables involved in the encoding process, the odds of independent encodes being absolutely identical are extremely low.

It is trivial to determine from a screenshot whether it is taken from the source or a re-encode (i.e. whether it is from a legitimate source or not, assuming the source is the only authorized copy), and if you have a copy of the particular re-encode, to verify the exact provenance.


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact