Browsers, E-mail, & Web Apps forum


Security issue - Deleting images stored on Livefilestore

by mjingo / June 17, 2013 4:03 AM PDT

My aged parent has used windows live mail to send me photos of documents containing confidential information - rather than simply emailing me the images the "system" seems to have uploaded them to a public server and emailed me thumbnail links instead.

As I am able to access these images with a simple URL with no password protection or other security could you please advise, as a matter of urgency, how I delete these images to prevent them falling into the wrong hands?

I am sure that microsoft would not create a service that allows users with no technical knowledge to unwittingly publish confidential information to the public domain but cannot find any obvious way to remove them.


Answer This Ask For Clarification
Discussion is locked
You are posting a reply to: Security issue - Deleting images stored on Livefilestore
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Security issue - Deleting images stored on Livefilestore
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

All Answers

Collapse -
Seems well discussed.
by R. Proffitt Forum moderator / June 17, 2013 4:12 AM PDT
Collapse -
PS. If this is skydrive, read this one.
by R. Proffitt Forum moderator / June 17, 2013 4:13 AM PDT
In reply to: Seems well discussed.
Collapse -
Not on Skydrive
by mjingo / June 17, 2013 4:33 AM PDT

Thanks but these images are not uploaded by the user or stored on Skydrive - they are automatically uploaded by live mail and stored on a "" url to which I seem to have no access ...

Collapse -
You should not have access.
by R. Proffitt Forum moderator / June 17, 2013 4:38 AM PDT
In reply to: Not on Skydrive
Collapse -
by mjingo / June 18, 2013 12:06 AM PDT

Bob - your responses have nothing at all to do with my question but thanks anyway.

Collapse -
Good luck.
by R. Proffitt Forum moderator / June 18, 2013 12:13 AM PDT
In reply to: thanks

Sadly it appears to have EVERYTHING to do with it. The SENDER put them there and the images are on a specific service and you won't be able to delete them until you take over their account.

As I am able to access these images with a simple URL with no password protection or other security could you please advise, as a matter of urgency, how I delete these images to prevent them falling into the wrong hands?

The SENDER of the images made a mistake which they'll have to correct if you can't convince someone at MSFT to take them down.

I'm more than willing to discuss this but it appears you think this is something you or I can fix.


Collapse -
I have access to sender account
by mjingo / June 18, 2013 12:28 AM PDT
In reply to: Good luck.

Hi Bob - the reason I think you have the wrong end of the stick is that I have access to the sender account - she is begging me to ensure that she has not opened herself up to identity theft.

The sender did not make a mistake per se - this seems to be the default behaviour of windows live "photo email" feature which needs to be deliberately disabled. Unfortunately my parent, and many others, will have no idea about this.

I have accessed her account and deleted the sent email from it (which showed a messaging stating the images uploaded will be automatically deleted in 28 days btw). I have checked her Skydrive and there are no images there. Nor does there appear to be any way for the SENDER to remove the images that have been uploaded to

So it seems this confidential information is going to be accessible in the public domain for 28 days and there is nothing anybody can do about it.

As I state below the response to this exact enquiry on seems to have been to delete my post and block me as the post is gone and I can no longer access MS support when logged it which seems remarkably extreme for a simple question from a customer!

Collapse -
That's a different question as I read this.
by R. Proffitt Forum moderator / June 18, 2013 12:42 AM PDT

Frankly the issues with "Live" apps and email has me not using them except to check out things that folk ask about.

Please read all about email and plain text and I'd like to know what you think.

That is, should all plain text protocols be removed?

Back on topic. Until this post I had to assume you were the receiver and they were the sender. Now that you added that you have control over the sender's email account and thus SkyDrive then the question is something else.

-> Here's my non-authoritative answer. Microsoft thinks that security by obscurity works. That is, since you can't list the folder's contents of that skydrive location then no one can guess the filename and see what's there.

YOU MAY DISAGREE but it appears you think I don't care. I really do. But unless MSFT gives you some delete button or option to not send such via a link like that, then the next choice is clear. And since I don't want you guessing, here it is. Don't use MSFT's product for this. Also, considering email is in the clear anyway, don't send such over email.

Collapse -
by mjingo / June 18, 2013 11:04 PM PDT

wholeheartedly - hard to believe MS are pumping tons of naive users' images to publicly accessible servers and claiming (as they do in their faq) that these images are only accessible by the sender and the recipient when this is clearly not the case if the only "protection" is an obscure URL string.

The biggest issue as ever is that the consumer simply doesn't seem to care - whether through ignorance, blind faith in the brand or complicity. All I know is that my mother freaked when I explained this to her and is switching to another service / desktop client and pgp as soon as I can get over and install it for her Wink

Collapse -
No response from MS - they deleted my post instead!
by mjingo / June 18, 2013 12:18 AM PDT
In reply to: Seems well discussed.

So, I posted the exact same question on and their response - deleted my post and appear to be preventing me from accessing forums?!

As I am no longer able to access or post to Microsoft's support forum I'm hoping someone in the know here can help.

My point to re-iterate - is that the default behaviour of the "photo email" feature of Live Mail is to upload full sized images to their Livefilestore server (this is NOT Skydrive) and that this image seems to be protected only by an obscure URL.

This suggests to me that Livefilestore could relatively easily be trawled for sensitive images and as Microsoft do not provide a way for users to delete images it is hosting there they are being exposed to a significant security threat.

Any one care to comment?

Collapse -
Email is sent in the clear anyway.
by R. Proffitt Forum moderator / June 18, 2013 12:22 AM PDT
Popular Forums
Computer Help 49,613 discussions
Computer Newbies 10,349 discussions
Laptops 19,436 discussions
Security 30,426 discussions
TVs & Home Theaters 20,308 discussions
Windows 10 360 discussions
Phones 15,802 discussions
Windows 7 7,351 discussions
Networking & Wireless 14,641 discussions


$16,000 used SUVs

Whether you like your SUVs cute or capable, or some blend of the two, we've got a wide variety of choices in Roadshow's first collection of Editors' Used Picks.