Taking (and sending) nudes can be a spicy part of your relationship with a live-in partner, a valuable aspect of your connection with a long-distance partner, a fun new way to connect with a date, or, honestly, just a hot thing you want to do for yourself. If you're taking more nudes, though, you may be wondering what the best way is to keep them secure from prying eyes.
While the celebrity iCloud nude photo leak rattled the nude ecosystem almost a decade ago, the fear that something similar can arise hasn't dissipated completely. Thankfully, there are actionable steps you can take to store nudes safely and keep your sexy photos where they belong — with you.
Keeping nudes secure on iPhone and iOS
If you use Apple products, the good news is that they're already pretty secure. "Apple has done a great job…creating a very secure consumer device," said Patrick Wardle, creator and founder of Objective-See, a source for free open-sourced tools for Mac users, and a former NSA hacker. "[If] you're an average hacker, you're not gonna have the ability to hack iPhones."
That being said, it's not a complete impossibility. There are some easy steps one can take to make sure their photo library is as safe as possible. Wardle compared hacking to robbers choosing houses. They're not going after the house with the alarm system, they're going after the house with the back door open. The same is true for hackers: They're going after the least-secure devices.
One step is to install the latest iOS updates. "Those updates have a lot of fixes and patches for security vulnerabilities," said Wardle. It's possible for someone to reverse engineer updates to see what was patched and use those vulnerabilities to target those who haven't installed the update. In iOS 16, Apple added another way to protect photos with the ability to lock the hidden folder with Face ID.
The other step is one many people have already said, but you may not have yet implemented: Use a unique password for every account.
"A lot of times hackers will hack into other companies and gain access to a large number of accounts, and then based on those accounts those using the passwords they will try [to hack] other accounts," said Wardle. This has been seen many times over, and Wardle referenced the 2013 Adobe hack as an example.
In addition to using unique passwords (and password managers can help with that), Wardle also suggested turning on two-factor authentication whenever possible, such as with your iCloud Drive. "It's just an extra layer of security that will make your device, and your account, way more difficult to hack," said Wardle, "So opportunistic hackers are just going to basically move on."
Want more sex and dating stories in your inbox? Sign up for Mashable's new weekly After Dark newsletter.
It's also a good idea to have a passcode on your phone as well, just in case.
Speaking of the cloud: Wardle prefers the practice of keeping files — especially sensitive files like nudes — on your phone or iPad as opposed to dropping it in the cloud. That doesn't mean the cloud isn't secure, but having files in one place instead of two just "reduces the attack surface" according to Wardle.
Then there are photo storage apps. Apps that you download from the app store are usually secure since they're vetted by Apple, but Wardle advises you be careful and judicious. Look at who made it, what they're doing with information and data. Once you give an application access to your private photos, Wardle said they can do anything they want with them.
"There's nothing to stop an app that claims to provide some fancy filters to your images from copying all your images and sending them to some remote server where — who knows what's going on," said Wardle. This isn't the case for huge apps like Facebook, Google Photos, and Instagram (those have been vetted by security researchers), but smaller apps with more dubious origins.
"There's nothing to stop an app that claims to provide some fancy filters to your images from copying all your images"
Also, look into whether the app has end-to-end encryption. In a nutshell, end-to-end encryption means that only the sender and recipient can decrypt and read the content. Wardle used the example of iMessage: The message goes through Apple's servers but if the servers were hacked, hackers can't read the message. Even Apple wouldn't be able to read the message.
For those wondering, don't worry: Snapchat has had end-to-end encryption since 2018.
And if you store your nudes on a Mac, there's even more protection: You can encrypt files and folders that are protected with an additional password. "So even if your system got hacked or someone you know had access to your laptop… that specific folder perhaps more sensitive content and images can kind of be protected with an extra layer of security," said Wardle.
Third-party photo vault apps claim to have similar functions for the iPhone, but Wardle warns users to be cautious of those as with anything that accesses your photos. "I wouldn't recommend just running out to the App Store and downloading the first file vault app that pops up," he said. Do your research, and don't balk at a potential cost. "You often get what you pay for" in terms of apps like these, said Wardle.
The most likely scenario of a nude photo leak isn't a hacker, however: It's someone who has the photos breaking the sender's trust — essentially, non-consensual porn. Should that happen to you, here's what you can do.
Android and PC
Neil Kittleson, CEO of NKrypt and former senior executive in the NSA's cybersecurity directorate, shared tips for Android and PC devices.
First off, encrypt your device. "A four-digit passcode isn’t enough to keep really curious people out of your device," Kittleson said. "Use a strong passcode or biometrics to secure your device."
When you're not using your phone or tablet, don't keep it unlocked. Instead, set your sleep mode and screen lock and set the power button to autolock. "This is your only protection if someone tries to take your unlocked phone from your hand," said Kittleson.
Next, install Find My Device. Not only will the app help you recover your device, but it'll allow you to remotely wipe it as long as it's connected to the internet according to Kittleson.
In addition to encrypting your actual device, Kittleson advises you to encrypt your photos. He explained that the Department of Defense uses specific cryptographic algorithms, and the one they use to protect confidentiality of data is called AES256. "When you want to encrypt photos on your device, look for applications that use AES256 encryption," he advised. "Additionally, make sure you trust the developer that implemented the cryptography."
Two main ways cryptographic products are reviewed are by government bodies making sure these products meet their requirements, and by open source. Kittleson explained the difference: "Typically government bodies use specifications that have been published that adhere to international criteria and use independent labs to validate the cryptography," he said. "If the product is open source, that means that anyone can look at the code to make sure that no mistakes were made (intentionally or unintentionally) in the implementation of the code."
Here are encrypting options from Kittleson:
a. PC: There are a few good options for encrypting files on Windows10. If you are using the Pro, Enterprise, or Education versions, you have both full disk encryption and file encryption right on your desktop. Just right click on the file, select properties, on the general tab select the advanced attributes screen and check the box to encrypt contents. This works for files or entire folders. If you are using Win10 Home edition, you can upgrade to Pro for $99. That might be well worth it to protect your most sensitive files.
b. There are free options too. 7zip is a free and open source folder and file encryption software that has been widely deployed around the world. It uses AES 256 by default and if you encrypt the entire folder that stores your files, not even the file names are visible without the password.
c. Android: On your Android devices, in addition to using the default encryption, there are photo vault apps that allow you to hide your sensitive files and add an additional layer of encryption to them. When selecting one, look for a trusted developer that is using AES256 to encrypt the files. As always, use a strong password that you haven’t used anywhere else.
Like Wardle, Kittleson wants you to be wary of storing sensitive photographs in the cloud. Once it's there, said Kittleson, you have no control over it.
Finally, Kittleson advises you to remove EXIF data from your photos (EXIF stands for exchangeable image file format). "Every photo you take has tags that describe where you were, what kind of camera use used, what time the photo was taken...It’s how social media apps know how to tag our location,'' explained Kittleson. "If your sensitive photos tag your house as the location it was taken, not even cropping out your face will protect your privacy if it is leaked."
Thankfully, it's easy to remove EXIF data on Windows according to Kittleson: Right click the file, select details, and on the bottom of the tab there is an option to "Remove Properties and personal Information."
On Android devices, you'll have to install a third party app to do this or you can turn off "Store location data" for all photos. "Keep in mind that it only works for photos you take after you change the setting," said Kittleson. Be wary of apps that you allow access to your camera roll however. This is where a photo vault app can be helpful.
Like storing your files into the cloud, once you share a photo you no longer have control over it. Even if you delete a picture it'll go to a recoverable cache. "It’s almost impossible to keep other people from keeping your photos if you share them," said Kittleson. "People can screenshot photos or even use other cameras to take photos of digital photos."
That being said, image-based sexual abuse is the fault of the perpetrator and not the victim.
When it comes to keeping a naked photo from ending up in the wrong hands, the fewer places you keep it the better. There's always a non-zero risk of a leak, but these tips can give peace of mind, everyday-nudes and beyond.
This article was first published in 2020 and republished in 2023.
Topics Android Apple Cybersecurity