Naked on Facebook? It could happen to you
Hacker George Bronk used public Facebook info to access (and share) nude photos of random women. Feeling overexposed yet?
Of the many InterWeb threats you might want to consider being paranoid about – the government, Mark Zuckerberg, WikiLeaks, Anonymous, Chuck Norris – none is quite so terrifying as the Random Angry Dweeb.
The Random Angry Dweeb is a guy who speaks in three-letter acronyms (like RAD), spends so much time in virtual worlds that he ‘air types’ when he talks, and can’t get a date on a bet. With his tech savvy he could probably get a good paying job if he wasn’t such a d***head to everyone he meets.
There’s no predicting a RAD attack, because they’re entirely Random. A RAD can screw you up 16 ways from Sunday if he feels like it. And because he’s Angry, he usually feels like it.
[ See also: Why MySpace deserves to die ]
Meet George Bronk, RAD to the max. This 23-year-old California male is now looking at six years in the pokey for hacking the Facebook accounts of women, resetting their passwords, gaining access to their email accounts, searching for nude photos they sent to their snuggle bunnies, and sharing said photos with the general public.
Per The Register:
Bronk acquired the pictures by trawling Facebook for women who included their email addresses and personal information, such as their favorite food, their high school or mother's maiden name. He then used those details to reset the passwords for their email accounts. Once in, he searched the victims' sent folders for nude or semi nude pictures.
In some cases, he sent the pictures to everyone in the victim's address book. In other cases, he threatened to make the pictures public unless the women sent even more explicit images. He told one woman he did it "because it was funny.
Yeah. A barrel of laughs, that George.
The California State AG’s office has more details on how Georgie porgie stuck his thumbs in these women’s email accounts and made them cry.
Bronk targeted his victims by scanning Facebook for women who also posted their e-mail addresses there. He then contacted the woman's e-mail service, pretending he was the legitimate customer, and claimed to have forgotten the password. Bronk was able to correctly answer security questions posed by the e-mail service by finding the answers on victims' Facebook pages.
Some of the security questions posed by e-mail providers included, "What is your high school mascot?" "What is your father's middle name?" "What is your favorite food?" and "What is your favorite color?"
OK, I have a few questions here, and the first one is this:
1. Where were these women when I was single? Best thing I ever got on email was a “xxx ooo” in the signature.
2. Do that many people really still send nudie pix via email? Isn’t that why God and AT&T invented Sexting?
Police found more than 170 images on Bronk’s hard drive, but so far have only identified 46 of the women pictured there. So if you’re a woman reading this and a) have a cache of nude shots in your Sent folder, and b) have noticed people pointing at you and giggling as you walk by, you may be one of them.
People who comment on this blog often ask what’s wrong with making your Facebook information accessible to 600 million people – you know, the whole “sharing is the new social norm” argument that Zucky likes to push.
Well, here’s a good reason not to. Some RAD is trolling your profile for secrets, simply because he can. (Unless, of course, you want your bare assets buttered all over the InterWebs. Some people do.) Bronk got caught; how many more RADs just like him are still out there?
This incident also points out the systemic problems of relying on simple passwords as the lone barrier to uninvited guests. We are well past the point where secure connections (https) and two- or even three-factor authentication (a password or phrase, plus a swipe card or your cell phone) should be required for all services where we share personal information.
A RAD like Bronk can steal or change your password in a heart beat. Being able to do it while also stealing your phone? Not so likely.
But in the meantime, if you don’t want the world seeing you in the altogether, it’s time to make your Facebook page a wee bit less accessible and more private. Don’t you think?
ITworld TY4NS blogger Dan Tynan has never posted or emailed nude pix of himself to anyone, for which the entire planet is grateful. Take a walk with him on the snider side at eSarcasm (Geek Humor Gone Wild) or follow him on Twitter:@tynan_on_tech.