I love the idea of the wallet section but I am curious about the security of doing so. The website does not use SSL/https by default (suggestion to do so), photo's are uploaded unencrypted unless https is specified. Once uploaded, are they stored encrypted in a database or file system? Does admins/developers have access (physical or remote) to see what is uploaded? Is access to these images audited and review? Do you use any 3rd party scanning/pen testing to find holes that could show users information? Thanks!
AdminDiveboard team (Admin, Diveboard) commented
If you wouldn't upload your pictures as private on Flickr, or any other online photo sharing site, don't upload them on Diveboard.
There is no such thing as picture encryption nowhere on the Internet (or your browser wouldn't be able to display it). What we can guarantee is that the location of the assets is obfuscated enough not to be guessable - same mechanics as on Flickr - and nobody else but you can retrieve this location.