• We are now running on a new, and hopefully much-improved, server. In addition we are also on new forum software. Any move entails a lot of technical details and I suspect we will encounter a few issues as the new server goes live. Please be patient with us. It will be worth it! :) Please help by posting all issues here.
  • The forum will be down for about an hour this weekend for maintenance. I apologize for the inconvenience.
  • If you are having trouble seeing the forum then you may need to clear your browser's DNS cache. Click here for instructions on how to do that
  • Please review the Forum Rules frequently as we are constantly trying to improve the forum for our members and visitors.

Anonymous Hacker Higinio O. Ochoa Busted By FBI — Thanks To A Racy Photo

H

Herr Heckler Koch

Guest
http://houston.cbslocal.com/2012/04/13/anonymous-hacker-busted-by-fbi/
The evidence that the Federal Bureau of Investigations gathered against an alleged Galveston hacker didn’t come from a techno-chase through the expansive Internet. Instead, the FBI used the information embedded in a photograph of his girlfriend’s breasts.

https://cbshouston.files.wordpress.com/2012/04/anutvkvcaaeabzh.jpg?w=300

The FBI found the image in February and checked the exchangeable image file format, or EXIF data, for evidence. EXIF data is information that a digital camera imprints onto an image.

This particular image’s EXIF data revealed that it came from an iPhone near Melbourne, Australia, which then led the FBI to Ochoa’s Facebook page.
 

GuidoZ

Regular Member
Joined
Jun 1, 2011
Messages
192
Location
Skagit County, WA
This illuminates the difference between a hacker and a script kiddie...
+1

Stripping EXIF data is such a basic thing to do... it amazes me how many bad guys I find using basic "well I'll check this just in case they were too stupid to remove it" type things. :rolleyes:

--
Peace. ~G
 
H

Herr Heckler Koch

Guest
A Picture is Worth a Thousand Words, Including Your Location

https://www.eff.org/deeplinks/2012/04/picture-worth-thousand-words-including-your-location
But now that smartphones are quickly supplanting traditional digital cameras, and even traditional cameras now have wifi built in, many more pictures are finding their way onto the web, in places like Twitter, Flickr, Google+ and Tumblr. In a span of 10 days, popular photo social network Instagram added 10 million new users as a result of the release of its Android app and its acquisition by Facebook. And the location data hidden in these quick and candid pictures -- even when your location isn't as obvious as "standing in front of the Golden Gate Bridge" -- is becoming another easy way for anyone, including law enforcement, to figure out where you are.

Take the case of "w0rmer," a member of an Anonymous offshoot called "CabinCr3w," for example. According to the federal government (PDF), "w0rmer" broke into a number of different law enforcement databases and obtained a wealth of sensitive information. In a Twitter post, "w0rmer" provided a link to a website that contained the sensitive information as well as a picture of a woman (NSFW) posing with a sign taunting the authorities. Because the picture was taken with an iPhone 4, which contains a GPS device built in, the GPS coordinates of where the picture was taken was embedded into the picture's EXIF metadata. The FBI was able to use the EXIF data to determine that the picture was taken at a house in Wantirna South, Australia.
None of the 10 Million here, of course.
 
Last edited:
Top