The Time-Machine personal website previously relied on external, unaudited third-party hosts to serve images and videos. These external URLs were embedded in multiple pages and components, exposing users to potential risks such as IP leakage, content swapping, or malicious media injection.
Because these media hosts are not under project control, users’ interactions (e.g., page views) could be tracked or exploited without consent, violating privacy and security best practices.
Impact:
• Passive user tracking via remote media requests
• Content injection via swapped/expired image links
• Poor content integrity assurance
• Potential GDPR/privacy violations
ekrishnachaitanya2004 Finder
The Time-Machine personal website previously relied on external, unaudited third-party hosts to serve images and videos. These external URLs were embedded in multiple pages and components, exposing users to potential risks such as IP leakage, content swapping, or malicious media injection.
Because these media hosts are not under project control, users’ interactions (e.g., page views) could be tracked or exploited without consent, violating privacy and security best practices.
Impact:
• Passive user tracking via remote media requests
• Content injection via swapped/expired image links
• Poor content integrity assurance
• Potential GDPR/privacy violations