JUMP TO SOLUTION Solved

Original topic:

Samsung Gallery's Lock Album Feature should be more secure

(Topic created: 07-19-2023 01:23 PM)
3487 Views
Options
Samsung Apps and Services

It has come to my attention that despite locking an album using the prescribed method (i.e., holding onto the album, clicking "more," and selecting "lock album"), unauthorized users can still gain access to the images contained within the locked albums. This breach of privacy raises concerns about the effectiveness of the lock feature and its ability to safeguard sensitive content.
To reproduce this vulnerability, one can simply perform the following steps:

1. Lock an album by holding onto it and then clicking "more." Subsequently, choose the option "lock album."

2. Once the album is locked, holding onto it again and selecting "more" provides access to the "change cover image" option. By clicking on this option, the images within the supposedly locked album become visible, undermining the purpose of the lock feature.

3. Additionally, just showing the cover image of the locked album is possible by holding onto the album, clicking "more," and choosing the "move" option. This, too, grants access to the cover photo despite the album being locked.

Moreover, another alarming method of circumventing the lock protection is by permitting a third-party app, such as "Google Photos," access to the Samsung file system. By doing so, the images within the locked album can be displayed through the unauthorized app, potentially exposing private content to unintended viewers.

 
(Used ChatGPT to help get this under 5000 words and to help people understand my gebrish a bit more)
4 Replies
270
Red Giant
Options
Samsung Apps and Services
Maybe you should consider secure folder?
userZNnTdcqwZP
Supernova
Options
Samsung Apps and Services
It warns you before using it that "It shall not provide secure service", but I see your point. In my opinion, if it doesn't provide enough security even within their Gallery app, they should have it as a feature.Screenshot_20230716_080304_Gallery.jpg
Options
Samsung Apps and Services
I've never seen that. I think the reviewed my last forum and update it. They didn't tell me that they fixxed it, but thanks for letting me know! But I do understand this is a lab, so it could be hard for them to get every bug somone reported. On the other hand why make this a feature if there not going to insure people's privaces? I would only allow 3rd party apps to be able to access the data if the user agrees to this via a password and/or a finger print scanner, and once an album gets locked it is "deleted" and won't show on Google photos because your phone either needs to be idle for 2 hours, charging, and connected to wifi Or select images/videos to sync Or once you open the app, aswell as one drive that only syncs once you "tell" it to sync.
Solution
Samsung_Moderator
Community Manager
Community Manager
Options
Samsung Apps and Services

Thank you for your interest in sharing your idea with Samsung. We appreciate your feedback and will tag it on the forum so that it will appear with other feedback, ideas, and requests. This will allow your post to be more easily found in the event that Samsung product groups are seeking outside feedback/requests/ideas regarding our products.

0 Likes
Reply