Hacking the hacker's identity
Sometimes a photo is worth only a few words--a few very revealing words. That was apparently the case recently when The Washington Post accidentally left clues to the identity of a confidential source in an article about hackers.
The story was about a 21-year-old hacker identified as "0x80" who claimed to have broken into 2,000 PCs around the world and to have used the hacked PCs to send out spam. The article revealed that "0x80" smokes, has a southern accent and lives in a small town in Middle America. "The nearest businesses are a used-car lot, a gas station/convenience store and a strip club," the article said.
Fairly innocuous details unlikely to offer much in leading to the source's identity. But the article ran with a modified photo of 0x80, at which some of the people at Slashdot took a closer look. The metadata inside the photo apparently revealed when and where the photo was taken, who the photographer was and even what kind of camera was used.
According to Slashdot, the photo was taken in December in Roland, Okla., a city of 2.6 square miles and a population of 2,842.
Using the other clues provided in the article makes if awfully easy to narrow down the list of suspects, as Slashdot users pointed out.
"Any flatfoot could find him in an hour," noted one poster.
The photo has since disappeared from the newspaper's Web site.