How secure are your online files?
In light of the hacking of the personal photos of Jennifer Lawrence and other celebrities, is now a good time to review your online security?
Several theories have circulated on the recent celebrity hacking scandal and how the hackers managed to get hold of the photos. One theory was that hackers had exploited a flaw in Apple’s iCloud and Find My iPhone app which allowed people to stage a ‘brute force’ attack on accounts by having no limit on the amount of times a password could be entered before the user would be locked out. This meant that hackers could guess passwords for as long as it took until the account was broken into (not difficult to do for a skilled hacker).
Apple have since fixed this and claimed that it was not a flaw in Apple’s security systems or an attack on their servers that led to the hack, instead it stated that hackers targeted celebrities’ usernames,
passwords and security questions in order to gain access.
The images were initially posted to image-sharing site 4chan and then spread through the site Reddit. Despite condemning the violation of the victims’ privacy, Reddit delayed removing the forum used to post theimages (titled ‘The Fappening’), with CEO Yishani Wong saying that “Weuphold the ideal of free speech on Reddit as much as possible not because we are legally bound to, but because we believe that you – the user - has the right to choose between right and wrong, good and evil, and that it is your responsibility to do so.” The links received 250m views before the message board was finally banned.
There is a perpetual curiosity as to the lives of people in the public eye – yes, even cricketers! This means there is a demand for information and images such as those leaked and both male and female sports stars have been targeted.
So, how should you protect your online information?
1. Do not have the same password for all of your accounts. It is
tempting to create one password for everything as this makes it quick and easy to remember. However once someone else discovers this password, they then have access to all of your personal accounts. Having several different passwords limits the damage created by a hacker who is able to discover one.
2. Choose strong passwords. Nowadays, people have a tendency to put a lot of personal information about themselves online. Public figures will probably also have a lot written about them and their personal lives.
This means that it is easy to find clues to passwords and security
questions. For example, the answer to “what is your mother’s maiden name” is likely to be discoverable from a quick Google search. If you pick something random - but still easy to remember - and add in some capital letters, numbers and/or symbols, then this is going to be much harder for anyone to guess.
3. Beware of the cloud. When you take a photograph on your iPhone the picture automatically backs up on the iCloud. If you delete an image from your iPhone a copy of it could still exist on the cloud. You should double delete!
The trouble is that many people don’t understand how the cloud storage system works. US actress Mary Elizabeth Winstead (who was a hackingvictim) tweeted that the images of her were deleted a long time ago. It seems likely the pictures had been backed-up to the iCloud.
4. Think about who you are sending images and information to.
Increasingly we are acting for sports stars and celebrities who have
sent photographs, messages or been recorded during Skype calls. Whilstthe press might not publish nude photographs in their pages they are happy to publish stories about a “scandal” and photographs and videos often find their way online.
5. Watch out for phishing emails. Never click on a link you don’t trust.
Phishing emails are scam emails (sometimes sent via a friend’s hacked account) which seek to trick the recipient into sharing password information.
For example, some emails may have been sent out claiming to be from Apple, asking for people’s IDs and passwords, under the guise of warning of unauthorised access. Whilst they may look authentic, emails such as these can be an attempt to hack into your account, so be careful about anything that asks you to provide your account details.
6. Use two-step verification. Even if someone is able to guess your
password, you can still foil them with two-step verification which is
available with all email and social media accounts. This means that
more than one password is necessary to gain access. Once the correct password is entered, a unique one will be generated and sent as a text to the user’s phone. This means that someone has to steal your mobile phone in order to hack your account.
Are you LinkedIn?
Social media presents an array of commercial opportunities both during and after your career. Engagement with fans on Twitter and Instagram can be very attractive to brands but LinkedIn offers an alternativeroute to commercial success.
More than 313 million businessmen and women worldwide use LinkedIn and it can be a great way to professionally interact, research and prepare opportunities both during and after cricket.
For those skeptical about the narcissistic nature of Twitter, Facebook and Instagram, LinkedIn can be the perfect antidote. It is a website where people share information which is designed to be made public – professional achievements, campaigns and information.
Here are our 5 tips to getting the best use out of the professionalnetwork.
1. Your profile is your CV – make it look professional. On Twitteror Instagram you may get away with the odd “lol” or “omg” or emoticons but LinkedIn requires a more professional tone. Set out your background, experience and skills in a sensible way, use a professional looking photograph (not a picture of you in a pub!) and always double check your spelling and grammar!
2. Let people know what you can do. During your career it is relatively simple for cricket fans to see what you can do on the pitch. LinkedIn enables potential clients, contacts and business partners to know what you can do off the pitch. From after dinner speaking to a completely new career path and qualifications -some LinkedIn users may be initially attracted by the glamour of linking up with a current or former cricketer but may end up with an impression that you are someone who can greatly benefit their business.
3. Meet the right people. LinkedIn offers the opportunity to join relevant Groups and to research people who are connected by common business interests. Join Groups, introduce yourself to interesting people and have constructive conversations. By joining relevant business Groups you can also receive updates about industries and topics that will help you commercially.
4. Post updates. Much like Twitter you can post information on your LinkedIn account. Whether it be information about a Benefit Year, a new venture or simply cricket-related info; if you have something interesting to say then say it.
5. Link it with Twitter. If your social media is all about networking and creating commercial opportunities then why not link your LinkedIn updates with Twitter so that you maximize your contacts.
PCA MEMBERS NOW HAVE ACCESS TO EXPERT LEGAL ADVICE ON MEDIA AND SOCIAL MEDIA
The PCA have agreed a deal with specialist media law firm, Himsworths Legal, which provides members with increased support and advice regarding media, legal and social media issues.
Jason Ratcliffe, Assistant CEO of the PCA, and Luke Reynolds, Social Media Executive – TEPP, will be working closely with Himsworths to help protect, educate and expand opportunities for players on social media and in the media in general.
Himsworths has considerable experience in sport, working regularly with the likes of Liverpool and Manchester City and their players to help with damaging news stories, online harassment and social media problems.
A GUIDE TO USING SOCIAL MEDIA FROM MATT HIMSWORTH
A year and a half ago I was negotiating with the photo sharing website, Yfrog, to have a photograph of a man’s private parts removed from a young sportsmen’s Twitter page – his friends had played a prank on him, costing him a club fine and a ban. That was the moment that I realised that, as a lawyer, social media was going to dominate my professional life, particularly in sport.
There are some great opportunities on social media, such as the chance to connect with sponsors, support good causes and the ability to interact with fans – but how do you avoid damaging your reputation online?
Here are five tips on social media best practice:
1. Beat the fakes
It’s easy enough to say the wrong thing online yourself – but the power can be out of your hands if someone is impersonating you. By getting your account verified, you can help stop confusion and, if reported correctly, Twitter and Facebook will often remove troublesome fakes.
2. Know the rules
The ECB’s rules state that “No [player] may conduct himself in a manner … which may be prejudicial to the interests of cricket”. It gives them a wide jurisdiction so the message is simple – be careful what you say. This means you could be punished for simply swearing. The ECB and your club will be particularly concerned about language which could be deemed homophobic, racist or in any other way prejudiced – even if it’s meant in jest.
3. Lock your door
Hacking is rife on social media as the hacking of the accounts of footballers, Samir Nasri and Sergio Aguero, showed. Hacking software can enter every word in the English language in just one minute in an attempt to work out your password. Don’t just use a word and a number as your password, use symbols such as ‘!@£$%^&*’ or replace letters with numbers or symbols to make your password safer from hackers. If you are hacked, respond immediately using Twitter or Facebook’s helpful guides.
4. Don’t feed the trolls
Cricketers are used to the drunks shouting abuse when they’re in the outfield. Social media provides a platform for any anonymous person to pick a fight with you online. You should ignore it. ECB rules, your club and sponsor obligations and your reputation in general dictates that you have far more to lose than an average person by getting into a Twitter spat. Ignore and block anyone who tries to engage in an online argument.
5. Manage your public profile
Facebook enables you to customise your privacy setting and close off information to a group of friends. Upgrade all security and privacy settings on Facebook and, if in doubt, don’t post information or a photograph online. Twitter is almost always public. Make your messaging positive and understand that your Twitter comments represent the public presentation of who you are. Treat Twitter like a television interview – it’s that serious.
For more tips on social media best practise, please click below pdf.
Matt Himsworth is Principal and Founder of Himsworths Sports Legal Consultancy.