Celeb hacking scandal shows digital vulnerability

LOS ANGELES  — To keep private pictures private, never upload them online.

That’s the advice experts offer after hackers broke into female celebrities’ personal accounts, stole nude photos and posted them on the web. Jennifer Lawrence and Mary Elizabeth Winstead have said they were victims of the hack attack.

Federal investigators are looking into the theft, and Apple confirmed Tuesday that while individual accounts were breached, its iCloud and Find My iPhone services remained secure.

This latest hacking scandal is another reminder that locking down digital data is a must for public figures.

“It shows that celebrities, like the rest of us, are not as attuned to Internet security as they should be,” said marketing expert Dorie Clark. “Like many regular couples, celebrities probably enjoy taking racy photographs, but they have to recognize there are people out there who are inherently interested in what they’re doing, and want to either make money or make a name for themselves by getting at those photos.”

It could be embarrassing for anyone to have their nude image shown online, but most people aren’t at risk of being targeted by hackers in this way, said Gary Zembow, who helps celebrities secure their data as founder of Hollywood Tech Consulting.

“If you accept that some celebrities need bodyguards,” he said, “then their personal, private data needs a version of that, as well.”

Individuals and companies increasingly use Internet-based “cloud” storage for images and other data. But such data can become more vulnerable once uploaded online, said professor Lance Larson, an instructor at San Diego State University’s Graduate Program in Homeland Security.

“The cloud is like a storage locker,” he said. “Are you the only person with the key? Or does the storage-unit owner also have a key?”

In short: “Don’t put a document or photo online or in the cloud if you don’t want it to get out at some point,” he said.

It is unclear when and in what context the targeted actresses created the nude images. Winstead tweeted Sunday that the intimate pictures she took with her husband “in the privacy of our home” had long been deleted. “I can only imagine the creepy effort that went into this,” she wrote.

Even though such hacking is illegal — the man who stole nude photos of Scarlett Johansson was convicted of federal wiretapping and unauthorized access to a computer — ensuring that all the illicit images are removed from all the sites that posted them is a never-ending challenge that one expert likened to a game of “whack-a-mole.”

So how can celebrities — and others — protect their privacy in the Internet era?

Remember that all digital media, even with privacy controls, can become public, said professor Karen North, director of the Annenberg Program on Online Communities at the University of Southern California.

“What you think is private is public, and what you think is temporary is permanent,” she said. “Once you share it with somebody, you no longer control the intellectual property.”

To really keep something private, don’t upload it and don’t share it.

Also, log off the Internet and turn off the computer when you’re done using it, Larson suggested.

“If you don’t take that device offline,” he said, “you’re providing 24 hours a day, seven days a week of a potentially unmonitored computer on the Internet.”

Be mindful of wireless networks as well — especially celebrities whose homes can often be located on “star maps” or shown during Hollywood tours. Zembow notes that anyone could pull up in front of the house and break into its Wi-Fi system.

“The simplest two words are strong passwords,” he said.

Finally, those insistent upon taking sexy photos ought to consider using an offline device not connected to the Internet, and keep it locked in a safe. Or go retro and use a Polaroid.

Read more...