GET AHEAD

Celebs' private pics hacked: Here's how to protect yourself!

By Himanshu Juneja
September 05, 2014

Ten tips that will protect your private photos from falling prey to Internet hackers

Cast members Leslie Mann (L), Cameron Diaz (C) and Kate Upton pose at the premiere of the film The Other Woman in Los Angeles; Photograph: Mario Anzuoni/Reuters

 

Ever since nude photographs of A list movie celebrities liek Kate Upton, Jennifer Lawrence and Kim Kardashian from Hollywood were leaked online by hackers, the focus has shifted squarely on iCloud, Apple's trusted online storage service.

The company has denied that its iCloud had been hacked, but the fact that Apple rushed to plug a flaw in the iCloud's password retrieval system makes it apparent where the fault is. Armed with the target user's email, the hacker pounced on the opportunity and most likely used the brute force mechanism to get themselves in on the private content.

It has been a few days since the dust from the chaos has settled in, and nearly everybody, who is aware of the situation, has been asking for tips to secure their accounts just in case of similar attacks.

Let us take a look at some of the Don't's which users in the digital age must exercise and in turn boost their privacy measures:

1. Don't choose a simple password. They are meant to be complex.

Today, the cloud based services have been promoted to death and have been made almost unavoidable. They are useful, but one must take adequate steps to make their accounts secure. Simple or weak passwords make the task of hackers a mere cakewalk.

Solution:

2. Don't keep simple passwords for email accounts either

Remember, the way to retrieve a password for storage services like cloud is through your regular email. So having a weak password for the email will
entirely defeat the whole purpose of securing extended services.

Usage of random words, combination of upper case and lower case, numbers, special characters and punctuation marks will be a good step to ensure a
strong password.

3. Don't rely just on the username/password combination for access

To add another layer for security, get the two factor authentication enabled for your accounts.

With this two step verification process, a user is not only required to enter the password, but also a secure code which is sent to the user on their
enlisted/trusted device.

The double authentication might seem to be a bit of a hassle, but doesn't seem to be too much of a task when compared with the threats which hackers
present today.

Having said that, Apple's two factor authentication is still not robust. Google on the other hand has done the needful and is more secure.

4. Don't leave content unencrypted

Content like photographs are generally not meant to be shared with the world. Keeping them encrypted on the computer/phone/tablet etc is a good measure to cut down on the risks of them getting exposed.

Microsoft and Apple offer encryption services. The former provides Bitlocker and the latter has FileVault.

Even if going for third party solutions, users must give attention to the fact that AES (Advanced Encryption Stantard) has been employed.

Sensitive data and encryption services should go hand in hand. This much should be common knowledge by now.

5. Don't back-up your personal files on the cloud unless absolutely necessary

If you want to be totally safe, keep your files away from the cloud. This really is a simple and basic step. Keeping the personal data from being stored on less-secure locations will automatically cut down on the chances of a leak.

One can choose to remove the automatic back-up to cloud facility, which at times is enabled as default.

For example, in Apple devices, Go to Settings> iCloud> Photos> Turn the option off.

While this step only takes care of the photos, one can simply delete the account to turn off the iCloud fully.

For Google based devices, one needs to venture into Photo app> General Settings> Turn Auto Backup Off.

6. Do not access suspicious mail

One of the oldest trick, and something which still goes around is to get the target users to access malicious content via emails.

The mails generally contain programmes which are disguised as harmless content and peppered with offers which encourages the users to click/download the
malware. The malicious code then proceeds to transmit personal information like passwords to a pre-defined and preferred location of the hacker.

Solution: Avoid suspicious/non-verified emails. Any file with the extension '.EXE' must NOT be clicked or installed.

7. Do not access/download from suspicious websites

Working pretty much in the way mentioned above, the malware can be delivered on the machine in a very innocuous looking manner, but will proceed to steal the personal information and compromise the privacy before the user can know about it.

A good anti-virus software will be a good solution to invest in.

8. Don't log into untrusted Wi-Fi networks

While the temptation to use free Wi-Fi network will compel users to overlook threats that come with it, it must be taken into account that unreputable/dodgy Wi-Fi sources can lead to person data like files, photos etc to be stolen.

Solution: Best way is to keep away from unverified Wi-Fi hot spots. They might be lucrative, but you must think about the pitfalls than the gains.

9. Don't rely heavily on web-based services for sharing content

Services like Email, Instagram etc are the default and go to options. The threat lies the most with such options. Hackers are too well aware of the weakness of the users to fall on these options and hence such services are always on their radar.

Solution: Best way again is to take the threat out by circumnavigating these services.

Sharing the content directly, like via portable HDD or USB pen drive. These do not rely on transmitting the content anywhere else but the target machine.

10. Don't stick to one password

A password is supposed to be unique, not only between users, but also between services used by the same person as well.

One password must be different from another one, so as to keep away the danger of a complete lockdown. The ultimate target should be to make the tasks of the hackers as difficult as possible.

Similarly, a password is not time proof. People attempting to hack one's account will get to a state where they have tried a good number of passwords. Hence, it is advisable to keep changing the password after few weeks or month, thereby staying another step ahead of the hacking party.

Note: Picture used only for representational purpose

Himanshu Juneja

Recommended by Rediff.com

NEXT ARTICLE

NewsBusinessMoviesSportsCricketGet AheadDiscussionLabsMyPageVideosCompany Email