Fugitive John McAfee’s location revealed by photo meta-data screw-up

Graham Cluley
Graham Cluley
@[email protected]

John McAfeeDo you understand the dangers of having geo-tagging enabled in photographs you take on your iPhone? The latest development in the ongoing media circus around John McAfee has highlighted the issue once more.

Like many others I’ve been following the bizarre story of John McAfee, who has been on the run from the Belize police since mid-November.

John McAfee, of course, founded the anti-virus company McAfee. And the authorities in Belize have named John McAfee as a “person of interest” after one of his neighbours was found shot dead.

Now, it’s important to underline that John McAfee, a pioneer in the anti-virus industry, has had nothing to do with the business since the 1990s.

Sign up to our free newsletter.
Security news, advice, and tips.

One thing John McAfee remains, however, is a character.

He appears to have recently taken delight in keeping the world informed by blogging about his escapades, conducting media interviews, and even describing how he has disguised himself as a Guatemalan trinket peddler to evade capture.

This has no doubt frustrated the crime authorities in Belize, but all along I have wondered if John McAfee’s taunting of those who are hoping to question him might be his undoing.

Twitter user @simplenomad noticed that a picture published today by Vice Magazine, contained some information that John McAfee might have preferred remained secret.


Sure enough, the image of John McAfee with Vice’s editor-in-chief Rocco Castoro contains EXIF data that reveals, amongst other things, the GPS latitude and longitude co-ordinates of where it was taken.

Photo of John McAfee

Presumably whoever took the photo on their iPhone 4S had forgotten to turn off location services.


Those co-ordinates suggest that John McAfee was photographed in Guatemala, having crossed the Belize border.

Google Maps of John McAfee's location

Of course, John McAfee is a “person of interest” in a police investigation, and has not been officially accused of any crime.

But it would be ironic indeed if John McAfee, a man who was a leading light in the anti-virus industry 20-25 years ago, was located by the authorities because of sloppy IT security. The lesson that all of us should learn is to be very careful about what information a photograph might be secretly carrying within it regarding the when and where a picture was taken.

This wasn’t an easy article to write, as it involves someone who – although I never met him – I feel was an important element in the early years of my career in computer security.

Just as I was about to post this article, I saw that in his latest blog post John McAfee claims he faked the EXIF data in the photograph to create a “fake emergency”.

That sounds questionable to me. But in the strange ongoing story of John McAfee, it’s becoming increasingly hard to know what to believe.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.