As almost anyone who reads the news will know, many celebrities such as Kate Upton, Kirsten Dunst and most heavily published Jennifer Lawrence have recently had their iCloud accounts hacked leading to intimate, naked and private photos being acquired and released on the internet. In light of this recent celebrity scandal I have put together some thoughts.
The Two Sides
It seems to me that there is outrage from two camps. The first (including the celebrities themselves) are outraged at the hackers for stealing their photos and entering their private lives, digitally. This is completely understandable as they feel vulnerable and –for lack of a better word– naked. These people are also outraged at the technology (Apple’s iCloud and more importantly, Photo Stream) for syncing their photos between devices over a network and for a lack of information about such activity. This is somewhat a blurry anger; more of a knee jerk reaction than a calculated criticism.
The other camp, is made up of people who are defending the technology and pointing out unempathetically that the celebrities should have had better security and be more savvy with their digital data. They’re probably also the ones questioning why they have even taken naked selfies in the first place! And I mean, really naked. Someone on my Twitter feed retweeted some images of J-Law which of course appeared in my timeline and seriously, those photos were more than just private underwear shots.
The Difficulties in Taking Sides
Unfortunately, neither of the two sides are 100% correct as we need to find a stance in the middle of this crossroad between digital security, convenience, common sense and nudity. I really do feel for people when they have their digital lives upturned and ruined, because there is no tangible context for whatever they have lost and to make matters worse, there is often no monetary value to whatever they have lost.
I do feel as though the technology really isn’t to blame in this instance. iCloud is a very smart service that serves many millions of people with the background tasks of keeping our many devices synchronised together. A task that many people would be unsure where to begin if they were to manually do it themselves, but absolutely love the fact that it just works. This convenience and simplicity comes at a cost though and we all need to be aware of how much control we can retain over our accounts. It’s also worth noting that this scandal hasn’t been brought about from a technical failure in iCloud’s system, but more of a targeted attack i.e. celebrities had their login/access credentials exposed in some way or another.
There’s a thin line that technology companies have to balance over confusing and annoying users with increased security measures and laying down the best security they can offer. All too often, people will risk their security for convenience or laziness and then point the finger of blame when something fails in an attempt to try and find support. Even in the physical world, it still shocks me how many people have front doors that don’t automatically lock when closed, leaving anyone easy access to literally just ‘open’ the door to their lives.
I’m sure we have all been pestered by a system or administrator about the strength of our passwords and to not repeat them etc., but you really do have to listen to this advice. I’m no security expert, but here’s a quick tip for you: the easiest way to have a secure password is quite simply to make it longer.
As a suggestion, some people I know use short sentences for their passwords reaching around 30 characters each. Mix in some upper case letters and some numbers and you instantly strengthen your password. Of course, there are much better, completely randomised ways of having a secure password so if you want to learn more about online security and passwords, then this is a very informative read on Medium: How to Outguess Passwords
This May Surprise You
Did you know that a lot of websites that claim to “find your ultimate pet superhero name” (or something along those lines) are actually just websites harvesting a whole host of personal information about you. Requiring you to sign up with an email address and password, then asking for things such as your parent’s names, first school you went to, street you grew up on, favourite sports team etc. Sound like familiar questions? That’s because they’re also common security questions you may be asked when creating an online account… just let that sink in as you realise whether you’ve filled out those sites before and potentially handed over information that you thought only you knew about.
Have a Scary Wake Up Call before it’s too Late
Earlier this year, I had a complete overhaul of my online security after reading just two articles. The first, How I Lost my $50,000 Twitter Username and then, How Apple and Amazon Security Flaws Led to My Epic Hacking. Both articles really scared me and gave me a wake up call to realise just how at risk we can be. The single most important security measure I have implemented is 2-step verification on all my email accounts and any online accounts that support this. For the record, both Google and Apple support this and it is easy enough to turn on in the security sections of your account settings.
So what is 2-step Verification?
Essentially, the principle is this: You still log into your account with a username/email and password but when you log into your account on a device for the first time since activating 2-step verification, you will have to enter a short code that is either sent via text message to your phone or displayed as a push notification on your authorised device. The reason this is super secure is because it uses a physical device that you have to have on your person. Something that a hacker over the internet will not have. Now, you won’t have to do this every time you log in, just every 30 days or when you set up a new device. It’s really not that much of a hassle.
Other Tips to be Aware of:
Use separate passwords for your main internet accounts. If you have multiple email addresses with different providers such as Gmail and iCloud, DO NOT USE THE SAME PASSWORD. Especially if both emails are the backup addresses for each other. If a hacker compromises one account with a password, don’t give them the easy access to your second account. As soon as you’ve lost access to your email, you’ve pretty much given up all online accounts through the power of the “I forgot my password” link.
And finally, don’t take naked pictures of yourself. Especially if you’re a public figure. There are people out there who will spend their entire lives trying to find such images. By creating them in the first place, you’ve already allowed someone in the future to discover them.
Stay safe and secure.