1
I gave up waiting for anyone to care about this thread so perhaps I'll demonstrate a security hole instead. Once an image is linked, it can be modified.. not hard to change my server to parse .jpg as if it were .php and record cookies or something devious.
this has nothing to do with the thread, just that it was one image and now it's something else... not meant at anyone specific.