The Storage service allows the possibility of unauthenticated access against the Blob service. The reason is that blobs provide an ideal location to store large static content for a website. For example, the images in a photo-sharing site could be stored as blobs and downloaded directly from the Blob service without being transferred through a web role.

Public access control for the Blob service is managed at the container level. The Blob service supports three types of access control: the first type is no public read access, in which all access must be authenticated; the second is public read access, which allows blobs in a container to be readable without authentication; and the third type is ...