It may seem like the Internet is a Wild Wild West of hackers, spammers and document leakers, but it's actually harder to get away with things in the computer age than you might think. Hidden in each and every computer file you create is another layer of data that even a mildly knowledgeable computer user can dig up. Documents and photos reveal more about you than you think, and data you think you deleted, don't stay gone.
You are leaving digital fingerprints all over everything you do on a computer and, unfortunately for the bad guys, it doesn't exactly take a CSI team to find them ...
#5. Word Document Reveals That the Iraq Invasion Was Based on Plagiarized College Essays
Every Microsoft Word document you create contains a hidden log of everything you did to it, ever. Specifically, it contains a revision history showing who touched the document, and when. You'd think this would be the sort of thing military intelligence would care about when creating sensitive, world-changing documents, but you'd be wrong.
"Now replace 'No Evidence of WMDs' with 'Bulging titloads of WMDs, you guys.'"
So flash back to the early 2000s, when America was largely focused on two things -- the invasion of Iraq and justifying the invasion of Iraq, more or less in that order. The British government wanted to help out, so in January of 2003 they published a dossier entitled "Iraq: Its Infrastructure of Concealment, Deception and Intimidation." The dossier was supposedly a top-level report compiled by military intelligence outlining all the reasons America should get its tanks into Iraq as soon as possible (the report was even quoted by Colin Powell when he addressed the U.N. to support the invasion).
The problems with the report, which would later become known as "the dodgy dossier" despite its complete inability to dodge anything other than basic computer literacy, began when the government made the mistake of posting it online in its original Word document format. That meant its revision history was visible to anyone who knew where to look:
Via Information Risk and Security
"Mnuts licked file ..."
That meant the public could easily see that the supposed military intelligence document was primarily written and edited by the staff at Downing Street (the British version of the White House) and the Prime Minister's Press Secretary.
Furthermore, the vast majority of the report was literally cut and pasted from various post-graduate essays published in academic journals as far back as 1997. To recap: The in-depth report on Iraq supposedly compiled by top-level military intelligence officials and drawn from the most current analysis of the region was actually created by a bunch of British interns hitting Ctrl-C on public information published back when Batman & Robin came out. And then they left the document's revision history visible, so that all of the world could see what they did.
"And once again, I'd like to stress that hackers put that information there to make us look bad."
The Word version was quickly removed from the website (and replaced with a PDF, which doesn't carry the same revision log), and U.K. Press Secretary Alastair Campbell had to appear in front of a parliamentary committee to explain a few things, like why in the hell his staff seemingly fabricated a report that was considered a key document in the decision to invade Iraq. The moral of this story is that Campbell resigned a few months later having worked at Downing Street for six years, and Iraq totally got invaded anyway.
#4. A World-Class Hacker Is Caught by His Girlfriend's Boob Photo
Every photo you take with your phone gives away your location (as we mentioned here), due to embedded strings of information called Exif data, which we're betting most of you had no idea was even there. You'd think that, say, a world-class hacker would know about it, but you'd be wrong.
In February 2012, a member of CabinCr3w (an offshoot group of the Anonymous hackers) successfully hacked into private police databases and then published personal information (including home addresses and cell phone numbers) of over 100 Los Angeles police officers on the Internet. The digital bandit posted a calling card of sorts along with the stolen information:
Amazingly, this photo is directly relevant to this entry.
The photo was a taunt from the CabinCr3w, and that incredible boobie-boast almost came true -- the FBI had exactly zero leads on the cyber-attack and indeed were teetering on the verge of Pwnage. The hack job itself was untraceable, and the website where all the personal information of the police officers had been posted was just a link shared anonymously via Twitter. It seemed the only mistake CabinCr3w had made was the regrettable spelling of the word "bitches."
However, while the tweet and the hack were both untraceable, the image of gloating cleavage had not had its Exif data removed before it was posted. Even though this information can be removed pretty easily (especially for someone who can hack secure police databases without a trace), the photo above was posted with all its Exif data still embedded in it, almost as if the poster had been distracted by something else at the time. This is like shooting someone, wiping your fingerprints off of the bullet, and leaving the gun at the scene.
And then personally handing that gun directly to the bumbling detective assigned to the case.
The FBI, after many hours of closely scrutinizing the photo with a flashlight under the covers, after lights out, tracked the Exif information imbedded in the image file to a Higinio O. Ochoa III of Galveston, Texas. At the time, Ochoa was living in Australia with his girlfriend, and the boobs in question wound up being hers. The FBI arrested the shit out of him and brought him back to Texas, where he promptly pled guilty. He received a $14,000 fine for "accessing a protected computer without authorization" and over two years in federal prison, where he is presumably learning the powerful lesson that "anarchy" is only fun until someone takes your computer away. His girlfriend's breasts received a suspended sentence.
PwNd by fBi <3 u, prizn bitch lolz!
#3. Word Doc Reveals a Drug's Dangerous Side Effect
In addition to keeping track of who touched a document (as in the Iraq case above), Word documents also keep track of the editing changes made. What, you thought that deleting a sentence from a document before emailing it to everyone caused it to vanish from the universe? Better hope you've never changed your mind about what you wanted to say halfway through a work memo ...
Which brings us to Merck & Co., the pharmaceutical company most famous for the arthritis medication Vioxx, which was pulled from the market after it was revealed that long term use of the drug caused heart attacks (even if it still worked really well on the whole). Merck was swiftly flooded with almost 7,000 lawsuits after the recall, but in their defense, it's not like anyone knew Vioxx would kill people.
"Now if you have a heart attack and die, whose fault is it? That's right, yours."
Actually, Merck had specifically known that exact thing for years. And the bizarre thing is, they almost told everyone about it, but changed their minds at the last minute and then poorly covered up their tracks. Thanks, again, to their Word document's revision history.
Five years before Vioxx got recalled, Merck had run a clinical study of the drug in The New England Journal of Medicine. After Vioxx was pulled, the editors of The New England Journal went back to the original file of the study Merck had sent to them and checked the editing history. Sure enough, they discovered a table that had been deleted from the study two days before Merck submitted the final draft -- a table called "Cardiovascular Events."
"His last words were that his heart attack had nothing to do with Vioxx. It was a personal choice."
As you might guess from the title, the chart detailed the cardiovascular effects of Vioxx, including at least three heart attacks that had occurred during the trial but which were never officially reported. Ever. Presumably because Merck had another table somewhere that told them heart attacks cause amnesia.
It would have been impossible to prove Merck knew anything about the drug's lethality if anyone in the upper echelon of a billion-dollar industry knew how to clear the document's revision history (again, see the "dodgy dossier", above). Consequently, the original version of the article was used as an exhibit by most Plaintiffs in the Vioxx lawsuits, which went pretty well for all non-Merck personnel involved (the ones that didn't have heart attacks, anyway) -- to date, the company has paid out almost $11.5 billion in fines and settlements.
Don't look at it as a loss of money. Look at it as getting away with mass murder.