fbpx
Contact Us

Existing Advice On Adult Sexting Is Ignorant to Reality...

Go Back

Our mobile phones play a large part in the protection of privacy in our lives, not least because they tend to be the most used device we own but also because they are a haven for our personal information. A Bitdefender survey found that over half us Brits store a significant amount of personal data on our smart phones, yet almost all didn’t have any kind of anti-malware solution on their mobiles whatsoever . The threat associated with mobile devices is drastically underestimated by us for some reason. People tend to think virus’s and the like only affect PCs and laptops…this is not the case at all. Actually, to the contrary – cyber criminals are reacting to the global explosion in mobile devices by targeting their attacks towards mobile devices.

This becomes a particular problem when we’re storing super sensitive information on our mobiles. They don’t come more sensitive than naked selfies of ourselves that are reserved for our partners. Most of us would be devasted if those images were released into the public domain. Due to the fact that almost all smartphones have integrated cameras in them now, our phones tend to be havens for this kind of super sensitive data.

Existing advice for adults is "Stop sexting. It's too risky". Unfortunately, this ultimatum type of advice is not only impractical, but professionally lazy.

Note: The solution for kids (under 18s) sexting is simple, it is illegal and they should not do it as they risk being put on the sex offenders register and a criminal record, as sending nude images of themselves (even without their face in it) is still classified under law off distributing child pornography.

The solution however for adults isn’t to stop taking these kinds of photos or videos. That is completely ignorant to the reality that people are going to continue sexting regardless (for the simple reason that they enjoy it!), so we need a solution that allows us to continue doing so but ensures our security and privacy at the same time. Before we get to the solution, what exactly are the threats?

What do we actually need to worry about?

There are a few different threats that pose a risk to us storing this kind of information on our mobiles. They include;

1. Kids

If you don’t have a screen lock passcode, you should! Having one will prevent the risk of an unattended phone being picked up by a child and them perusing through your photo library. However, you have a passcode and be showing your kids or friends some photos and accidentally swipe right one too far accidentally revealing a raunchy snap of you or your partner…fairly embarrassing.

2. Malware

By it’s very design, a function of malware is to extract our personal information from the infected device and send it back to the cyber criminal. If we have super sensitive data on our mobile devices and it gets infected with malware, all this sensitive information could well be secretly extracted and sent anywhere in the world. Once in cyber criminals hands it could be used to extort you.

3. Third Party Data Sharing

Our phones can be automatically sharing our personal data in the background, often completely without our awareness of it occurring! A great example of where apps we use every day actually put us at more risk than we may initially think, is an event now known as ‘The Fappening’. It occurred a few years back and was where Apple’s iCloud was hacked by a small group of US-based hackers. Four hackers stole hundreds of peoples’ private photos and videos and then posted them online.

Case Study: ‘The Fappening’

The hackers used a combination of phishing campaigns and basic ‘over-the-counter’ password cracking software. These tools guessed the top 500 passwords approved by Apple’s password policy. They ended up stealing log-on credentials of tens of thousands of iCloud users, impacting over three hundred celebrities including Jennifer Lawrence, Rhianna, Kate Upton and Kaley Cuoco. Once they compromised one email account, they used it as a stepping stone to compromise family, friends and work colleagues associated with it (i.e. in the contacts list of the hacked account).

Released images and videos included everything from the mundane selfies and scenic snaps to X-rated nude photos and videos. As you can imagine, once leaked, shady parts of the internet jumped on the opportunity to make money and posted sex tapes all-over the internet. One of the most disconcerting aspects of the hack is that when you use these two tools together, you can get access to anything the victim has ever done on their mobile device. This would provide hackers with more than just naughty pics, that could be used for extortion. I expect this almost undoubtedly took place for some of the unlucky celebrities but it just didn’t make the headlines because it was settled in private.

The whole reason why this hack happened is because people weren’t aware that their smartphones were sharing their photos and videos with an online iCloud account. Most people thought that whenever you take a photo on your iPhone it stays on your phone. Unfortunately, not. So that you can access your photos from anywhere in the world and from multiple devices, each photo and video on an Apple device by default syncs into Apple’s cloud called iCloud.

The cloud is just like any other web-based account, requiring a username and password to access the material. There was no vulnerability with Apple’s iCloud itself, it was the users’ passwords which were weak and were cracked. This is a great example of why we need to have both strong passwords but also an understanding how apps / websites use our data.

Your average cyber security expert would say, because of events like this, this is exactly what a privacy policy is for. You may have seen these? They’re the utterly pointless documents presented to us where companies try and help us understand how they use our data. Those recommending reading these for this purpose have clearly never read one of these yawn inducing documents for themselves! Research conducted by Lorrie Faith Cranor and Aleecia McDonald found that these privacy policies are on average 2,500 words long and take around 10minutes to read (each)! If we actually read, once a year, every privacy policy we technically should for all the apps we use it would cost us approximately 28 working days per year! If all Americans were to read online privacy policies, it would cost the US economy $781 billion every year!

Irrespective of the time it takes to actually read these things, having written a number of privacy policies for firms myself, I can tell you big corporations are often so complex that they themselves are often not aware of how they use our data and who they share it with. Also, companies who has the intent of lawful but borderline ethical practices, do you really think they’ll include it in a public-facing legal document for us all to see? Another big fat no. So, irrespective of how long it would take to read these things, it’s highly questionable whether we, as consumers, get the full picture of how they use our data anyway. In short, don’t bother trying to read them all – it would be a complete waste of your time.

So, in summary, apps and devices are by default sharing our personal data with other apps and online accounts in ways most of us aren’t even aware of, including sensitive data such as nude selfies of ourselves.

4. Lost Device

Most devices are lost via opportunistic thieves or organised crime (e.g. pick-pocket gangs). Even the most unsuspecting parties can be tempted into invading our privacy. For example, there have been numerous cases where policemen have been caught stealing sensitive personal data (i.e. nude photos) from suspects’ mobile phones . Most people (whether it is the authorities or pick-pockets) aren’t overly interested in our saucy snaps. Thieves are only interested in the financial value of the asset itself. But should your device be lost or stolen, it’s an added level of worry thinking whether or not they have got access to your private media or not. You won’t have peace of mind.

What can we do to protect sensitive media?

What we can do is make sure that information isn’t shared in ways we aren’t comfortable with. Follow the 4 steps below!

1. Have a Secure Cloud Password

As you can see from the Fappening example, the usual way hackers get hold of our sensitive media is not by hacking the technology itself (e.g. Apple’s iCloud, or Microsoft’s OneDrive). It’s through us using poor passwords for these accounts. Hackers crack our password and then get seemingly legitimate access to the account! Want to know how to create a secure password (aka a ‘passphrase’)? Read this.

2. Update your mobile privacy settings

Most smart phones now have a dedicated ‘Privacy Settings’ menu option in their settings. Review the settings and ensure they align to your privacy preferences. Go to the How-To Media library of www.simplecyberlife.com to get step-by-step instructions on how to do this! Click here.

3. Use a ‘Secure Media Vault’ App

I’d bet my mortgage that if people had known that their nude media was being sync’d with an online iCloud account, most people would have chosen to exclude those photos from sync’ing and use a secure media vault app to store them in instead. Secure media vaults use encryption to protect everything you put inside it.

One great app to consider is called ‘KYMS’ (Android/iOS). It stands for ‘keep your media safe’ and provides an encrypted vault for you to keep your private media away from prying eyes. So, if you do take saucy snaps of yourself or your partner, you now have a secure place to store them. This stops other apps on your mobile from secretly accessing sensitive data and people who may get hold of your device (e.g. thief, police or nosey sibling). Even forensics technology such as that used by the UK Police Force wouldn’t be able to access media within KYMS because it uses encryption ($1.99).

I hope this helps provide you with some peace of mind. If you haven’t reviewed your mobile permissions and got yourself a secure media vault app then follow the guidance above to get them in place!

 

Jonny

Founder of www.SimpleCyberLife.com. Cyber security expert, public speaker and entrepreneur.

www.jonnypelter.com

jonny@simplecyberlife.com

Leave a Reply

Your email address will not be published. Required fields are marked *

Hacked Social Media Recovery Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share some internet safety tips. You of course can unsubscribe at any time.

Free Protection Checklist!

Pop your email into the form below and we'll send you the link to your internet safety protection checklists!

We hate spam and won't send you mindless marketing emails. We share internet safety tips. You of course can unsubscribe at any time.

Free Cyber Bullying Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share some internet safety tips occasionally. You of course can unsubscribe at any time.

Free I've Been Hacked Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share internet safety tips. You of course can unsubscribe at any time.

Top