Over at the Security Monkey blog, Chief does a really nice job of breaking down how someone’s photos from their iPhone wound up on the internet, without the user having ever sent them to anyone.
Even if you’re not very technical-minded, I think you’ll be able to see what happened, and some simple steps you can take to keep your own data private. And, of course, his recommendations are always great:
- Use strong passphrases on all of your accounts – phrases that nobody else but you would ever guess.
- Create GOOD security questions where the answers can’t be easily located online or through some sort of social engineering.
- Do not reuse passphrases – ever. One passphrase per site/account.
- Always enable secondary authentication like SMS.
- Don’t use cloud-based backup solutions for highly sensitive things unless you accept the risks associated.
- Do you really have over 400 friends on Facebook that need to see all of your personal data? Probably not. Liberally remove people from your Facebook account that you don’t know personally. Reduce the amount of personal information shared on social media sites in general.
- Don’t take sensitive photos of yourself with your smart phone. 🙂

As for my own thoughts: look, I happen to think social networks are a great way to keep in touch with family and friends, and a great way to interact with folks who share common interests. I’ve made a lot of good contacts in the years I’ve been blogging, and then using social networks. On the other hand, have no illusions about the level of privacy you have. All it takes is one little bug for private messages to become public, or one careless moment for your reputation to be stained forever. Always keep this in mind when using these tools too.