Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Taping over prying eyes of web spies

Ben Grubb (via SMH) | April 3, 2013

"If I need my camera I'd rip it off [and] then just stick a new one over the top when I'm done, although I'll probably have to think of something else now I've quit smoking," Mr Gray said.

Mikko Hypponen, chief research officer at anti-virus firm F-Secure, uses a Band-Aid. In an email response explaining why, he said: "I'm paid to [be] paranoid. So what do you expect?"

Mr Hypponen also noted that the man behind spying software FinFisher and FinSpy, which is sold to governments, was recently snapped with tape over his MacBook's web camera. Another prominent security expert, also publicly outed for using tape over his MacBook camera, was public-key cryptography expert Whitfield Diffie, at the AusCERT security conference in 2010.

"I trust the tape more than I trust any program. I figure if there's a piece of tape over it, it isn't taking pictures of things," he told ZDNet Australia at the security conference on the Gold Coast.

Australian security researcher Troy Hunt doesn't cover his web camera. Instead he prefers to turn it away from him when it's not in use. "I am partially paranoid about it," he said.

"I would hope that the light would come on and save me, but at the end of the day that's [usually] a software decision and we all know what can happen with software," Mr Hunt added.

Mr Hunt was referring to how it is sometimes better, at least when it comes to something like an LED indicator on a web camera, to make the LED hard-wired so that no matter what is done on the software side of things the LED cannot be turned off even when the camera is active.

Carlo Minassian, CEO of IT security firm Earthwave, said all web cameras and microphones at his company were "disconnected" after use each and every time, as per company policy. If web cameras or microphones were inbuilt, they were disconnected by uninstalling their drivers.

"When testing our customer's networks this is a common threat vector we are able to exploit regularly," Mr Minassian said. "Furthermore, the building management system including the building security cameras are generally easy to tap into directly or via the admin's PC."

Asked if others should do the same as the security experts and conceal their camera when it is not in use, Mr Minassian said: "Doing something is better than doing nothing knowing well the potential ramifications."

David Campbell, director of operations at the federal government's national computer emergency response team, CERT Australia, declined to comment in his personal capacity as an IT security expert via the Attorney-General's Department.

Chris Gatford, of security firm HackLabs, was one of the few that declared they didn't cover their web camera, but said he understood why many people did. "I'm not quite that paranoid," he said.

 

Previous Page  1  2  3  Next Page 

Sign up for MIS Asia eNewsletters.