Yesterday, several hundred photos of celebrities that took naked or partially naked “selfies” were posted online. Included were several compromising pictures of one of the biggest names in Hollywood right now, Jennifer Lawrence.
The leak appears to involve the theft of these photos from Apple’s iCloud service, which automatically backs up phones to remote cloud servers. These servers can be accessed like any other website login – with a username and password.
Jennifer Lawrence’s iCloud photo leak should be a warning to you. If you want to know how to avoid a privacy breach like this, here are two takeaways: Don’t put compromising photos and data online in the first place, and create stronger passwords. This post explains exactly how to do these things.
Don’t put compromising data online in the first place.
Consider anything you put online public – forever. This includes web sites, social media, or even backup files on cloud servers.
Previously I’ve written about Facebook privacy, and how anything you post online is there forever. I’ve also written about how compromising selfies or sex videos taken on mobile phones can persist in multiple private databases.
Think about the fact that you are taking nude photos on a mobile phone. A mobile phone can be lost – easily. Data on the phone can be retrieved when your phone is lost. Some applications on your phone have access to your photo album.
If you think about it for 5 seconds, a mobile phone itself is essentially a wireless communication and broadcasting system. So maybe putting naked photos on it is not the best idea in the first place.
In the case of Apple’s iCloud, there’s nothing wrong with backing up your phone remotely, IF there is no compromising data on it and if you have a VERY strong username and password.
If you’ve read this far, and still for some reason absolutely must take nude selfies on your iPhone, at a bare minimum, turn off the iCloud backup of your Camera Roll.
Use more secure usernames and passwords.
2014 was one of the worst years for online security. In April, we had the Heartbleed bug, and more recently, the theft of 1.2 billion Internet passwords by Russian hackers.
And unbelievably, people are still using short, easy-to-remember and type passwords.
It’s not enough to just change your passwords, it’s paramount to create more secure passwords that cannot be guessed as easily by computer programs.
In my post on the Russian theft, I laid out some simple tips on how to create safer passwords.
- Never use the same password twice. Keep a separate password for every online account you have.
- Create complex, long, and difficult to guess passwords.
- Use a combination of numbers, UPPER and lowercase letters, and special characters.
- Do not use actual words found in the dictionary. For example, instead of using a password like guardians, use something difficult to guess, such as G_u@R-di@nz.
- Use an encrypted password safe program. A list of these can be found here.
The world is full of technology that we use every day, yet rarely fully understand. For most of us, we will never understand it fully, but using it responsibly can help save you from a world of trouble later.