'Raid' can be embarrassing — or worse

A prominent, married Utah couple recently photographed each other in the nude. They thought that storing the private shots at one of the new free, online photo storage-and-sharing sites would clear up space on their home computer, and that it would be secure.

They were wrong, which they learned when copies of their photos were sent to the news media.

"This has been an absolutely horrendous, mortifying experience," the husband says. "We never wanted anybody to see them."

While the media chose not to publish the photos or identify the couple, judging that would unfairly intrude on their privacy, the pair became unwitting examples of just how dangerous it can be to store anything sensitive online, or on any computer that connects to the Internet, without serious firewalls.

The couple insists they never told anyone the photos existed or ever shared them. Computer experts say that is possible, and that enemies or thieves can remotely raid computers of the unwary to find and exploit files and passwords. But they add that most people are careless enough that the most high-tech types of raids are not really needed.

"Point out to your readers that any of them can be victimized by putting sensitive information on their Windows PCs at home or work without extensive security safeguards," says Gene Spafford, a Purdue University professor who is an expert on cybersecurity.

"How many other people have . . . er . . . interesting photographs, love letters, financial information and more online? Windows machines are subject to all sorts of break-ins," he said.

Kent Seamons, a Brigham Young University computer science professor, says that whenever he teaches a computer security class, he asks the 50 or so students how many have personally suffered some identity theft. "About five or so raise their hands," or 10 percent of even some of the most computer-savvy youth, he said.

"When I ask how many have had a friend or family member suffer that kind of theft, about 10 to 20 raise their hands," or up to 40 percent of them, he said.

Also showing how it can affect even experts if they let down their guard, Sen. Bob Bennett, R-Utah, said during a hearing on identity theft that a staffer researching the topic even had his identity stolen and $3,000 charged to his credit card. Even closer to home, Bennett said one of his own daughters suffered a similar theft.

High-tech threats have names that sound like a zoo of alien creatures and weapons — phishing, spyware, cookies, viruses, worms and Trojan horses. For the unwary, they could let intruders into home computers and let them see everything stored there, every keystroke typed and every message sent. They may also crash systems.