Just when you thought the drama was over. Apple is taking the iCloud hack that revealed naked selfies of celebrities seriously, adding new security tools to keep its cloud safe. But there’s still fallout from the early-September iCloud hack.
Indeed, headlines report a new wave of naked photographs of celebrities leaked online. This wave includes movie star Gabrielle Union, pop star Rihanna, Disney Channel star Vanessa Hudgens, reality TV show personality Kim Kardashian, U.S. Olympic soccer team goalie Hope Solo and U.S. Olympic gymnast McKayla Maroney.
Union and her new husband, NBA star Dwayne Wade, issued a joint statement that said, in part: “It has come to our attention that our private moments, that were shared and deleted solely between my husband and myself, have been leaked by some vultures.”
Behind the Photos
Other celebrities have also spoken out, but Andrew Conway, a research analyst at Cloudmark, a carrier-grade messaging security and infrastructure solutions firm, told us it’s not just celebrities who have cause for concern. As he sees it, everyone who shares photos on the Internet should be concerned about metadata that may be included, deliberately or inadvertently, within those photos.
“JPEG photos contain a header known as EXIF information. This may include the data and time the photo was taken, the make and model of camera, the exposure, aperture, and focal length of the lens, and for cameras and smartphones with a GPS, the exact location of the camera when the picture was taken,” Conway said. “We’ve just seen an example of how this data can potentially be used maliciously.”
Conway explained that at least one of the pictures of Maroney contained latitude and longitude in the EXIF information. This was used along with Google Maps to determine Maroney’s home address, he said. It gets even scarier, though. According to Conway, the hacker went to real estate listing site Zillow and found a virtual tour of the home.
Avoiding the Danger
“The good news is that some Web sites will remove this data. Facebook strips this information before publishing your photos — though they may be preserving it for internal use,” Conway said. “Flickr, however, gives you the option of making this information generally available. It also allows searching from photos taken near a particular [latitude/longitude].”
Conway said it might be possible for a cybercriminal to write a bot that tracks the Flickr users in particular neighborhoods to see when they go on vacation — and even flags their homes as candidates for robbery.
“As we’ve seen, even pictures intended to be private can be compromised,” Conway concluded. “To maintain your personal privacy and safety as much as possible in this event you may wish to use a metadata removal tool on all your photos. Examples are Batch Purifier Lite for the PC or ImageOptim for the Mac.”
NewsFactor Network