PSA: It’s Time To Tape Over Your Webcam Lens
News flash: people on the internet are watching you fap.
Or, well, maybe not. You would never masturbate at your computer, would you? No, of course not. But is there nothing you’ve ever done in “view” of the webcam that you’d prefer to be kept private?
Do you even know if your computer has a webcam? If you never Skype, you might not have noticed it. Back in the day it was a sphere the size of a tennis ball and you couldn’t miss it, but these days, it’s just a little glass circle or rectangle on the bezel that wraps around your screen, usually top center. An awful lot of computers (desktops and laptops alike) come with them as standard equipment.
People have long known that it’s theoretically possible for malware tools to hijack their webcams and allow remote viewing of whatever the cam can see. The paranoid, or “careful” if you prefer, are old hands at sticking a bit of tape (or a torn Post-It note, or whatever) over the camera’s tiny eye. Now comes word that at least one police agency is fairly routinely targeting suspects by attacking them with malware that can turn on the camera, while leaving the indicator LED off and as dark as your shifty little soul:
The FBI has been able to covertly activate a computer’s camera – without triggering the light that lets users know it is recording – for several years, and has used that technique mainly in terrorism cases or the most serious criminal investigations, said Marcus Thomas, former assistant director of the FBI’s Operational Technology Division in Quantico, now on the advisory board of Subsentio, a firm that helps telecommunications carriers comply with federal wiretap statutes.
Of course, anything the FBI can do (supposedly they’re pretty selective about picking targets for their cams malware, and their process is reported to be warrant-driven) another less scrupulous attacker can also do. It’s one thing to know that an attack is technically possible, it’s another to know that it’s been developed into software that’s in routine use. That suggests a level of practicality from which we may fairly speculate that other potential attackers have developed and are using similar software. It’s not just the FBI, you can count on that. Voyeuristic hackers, rogue security agencies with a data-hoarding fetish, would-be sextortionists, anybody who thinks you have business secrets worth stealing, technically-adept stalker exes… Let’s face it, the list of potential black-hats out there is as long as your imagination wants to make it.
Of course, you’re a responsible computer user who never clicks a suspicious link and has a good security software package on your computer. So you’re safe from malware, right?
Well…
We can hope. You can hope. But we’re all human, we all make mistakes, and your antivirus software may not be perfect either. It may be less robust than you’d hope, or it may be coded badly, or it might even be designed to protect you less well than you want because surveillance agencies might have influenced the people who coded it. It’s better than nothing, but it’s far from a guarantee.
There’s really only one way to be certain your own camera is not watching you as you read this. Just put a bit of tape over that lens when you’re not using it. Some will think you paranoid, but others will understand you’re just being sure.
Once upon a time, I would have said that people who taped their webcams were either tinfoil-hatters, or they were being extremely cautious because they were facing extreme threat parameters for whatever reason. But somewhere in the last few years, the world has changed on us, and my opinion has changed along with it. I now consider it a routine computer-security best practice for every citizen. You should do it, if you haven’t already. C’mon, it only takes about ten seconds.
Done? Good. Now you know nobody is watching you (with that camera). There, isn’t that better?
Similar Sex Blogging:
Shorter URL for sharing: http://www.erosblog.com/?p=11082
I believe that you blogged about the New Jersey (?) high school that issued school laptops with spyware preinstalled. The IT administrator used it to spy on the kids in their bedrooms.
I wouldn’t have a PC with a built-in webcam. My webcam is USB, and I only plug it in when I’m ready to use it. Which isn’t often….
Now what about the microphone? Many tablets have one of those too, and it should be just as possible to hack that.
Meanwhile the bad guys know all this. It just makes it harder to go covert and limits the value of technology to both the bad guys and to the good guys too since they can also be hacked.
Personally, I’m a fan of a small bandaid (adhesive bandage, sticking plaster, whatever they call it in your part of the world). The pad that is supposed to go over the wound isn’t sticky so you don’t have to clean glue off the lens should you want to skype somebody.
How’s ’bout them kinects?
Note to Peter (commenter #2):
I never know just how wise it is to tell what I know, but I’m going to assume that the REAL bad guys are too busy with their evildoing to read ErosBlog…
Yes, anyone with the money to afford (it’s not that expensive), the technology, can access your computer’s microphone at any time, on or off, plugged in or not, even batteries out. To make a long story short, the technology is basically a variant of what Tesla was about to use at Wardenclyffe ( http://en.wikip...ystem & http://en.wikip...Tower ), over a hundred years ago, before he lost his funding. You don’t need a huge tower by the way…
The only way to protect your computer when you’re not using it (and your lover is screaming your name in bed…), is to encase it in a Faraday cage. The simplest/cheapest/quickest way for most people is to buy an extra-large old-fashioned all metal trash can, and store your equipment inside of it. The lid must seal fairly tight, and should overlap the sides a bit like a shoebox top. You can also build a cage with wire window screen material if you overlap your corners. To test it, place a battery-operated radio with your favorite rock station tuned in and turned on with maximum volume settings. If you can hear anything with the lid on, then the signal is getting inside. If the signal can get in, so can the N.S.A….
Er… not to make you go reaching for your tinfoil hat or anything, but they can also listen to you screaming your safeword over your shut-off television set and your hung-up bedside telephone, your mp3 player, your cell phone, your tablet, your clock radio, etc…
As a very thin silver lining, I suppose the exhibitionists among us can now imagine that they’re being watched, even when the light is off.
I just now folded over a piece of notepad paper and covered my laptop’s camera with that. To me it looks nicer than tape.
It is going to get even worse. Here is a paragraph from the International Business Times.
“In November, Verizon Communications Inc. (NYSE:VZ) filed a patent application for a set-top box that delivers advertisements based on users’ behaviors. For instance, two people cuddling on sofa watching TV might see a commercial for a romantic Disney cruise, while an arguing couple might see a pitch for couples’ therapy. The device would use a combination of motion and audio sensors to collect information about what viewers are doing as they watch TV.”
I think I’m going to become Amish.
You are 100% correct in advising people to cover their web cam camera. Last December,2012, after being scammed a second time by the FBI scam, and having to pay my technician to remove it both times, the second time had a photo of me sitting at my computer. This was just one more thing on the hacker’s web page to intimidate and scare me.
George, how horrifying! I have been really lucky about malware myself, but I’ve had enough minor infestations and close calls to have a sense of how bad it must feel to realize somebody has pwned your computer and is now trying to pwn your life.
A small square of black plastic electrical tape is best. Totally opaque and relatively unobtrusive. Fold over a bit of one edge, sticky side to sticky side, this leaves a little tab for easy removal when you desire to use the cam.
Frankly, I rather like Justin’s solution, if you tend to use your built-in web camera often. In fact, I would make two parallel folds, at a 90 degree angle (across the short way), in a “creasable” piece of thin plastic such as one of those useless creditcard-like wallet loyalty savings cards, that many retailers are pushing on their customers.
In the absence of such a convenient card, one could cut a square of plastic from a gallon size milk jug, and fold that. You should be ending up with a “U”-shaped, or “J”-shaped, 3-D structure. Just make your creases about the same distance apart as the thickness of your laptop lid, and the polyethylene will slide easy back and forth along the top of your laptop screen like it’s Teflon. The camera can’t “see” through the milky matte-textured surface.
Speaking of credit cards, you can buy pocket-sized aluminum wallets from dollar stores that will keep random passive readers from accessing any RFID ( http://en.wikip...ation ), information on your driver’s license or credit cards, which may be used to track your activities. These readers use a similar technology (to the kind used to access your home electronics), being as the cards can be energized and activated by waves from an outside source. The case, if properly constructed, acts as a mini-Faraday cage (See my previous comment, above). These are the same sort of chips that libraries have been using for decades to check out your books and stop theft.
Donning my tinfoil hat again for an update:
Apparently, according to recent NSA admissions in the news, yes, they’re spying on your sex life. They’re claiming that “rogue” agents are mostly spying on their own personal lovers, and/or potential lovers, and the acquaintances of their obsessions and infatuations…
Still not concerned you say? Don’t have any gov’t employee friends? Well, for instance I found out, not too long ago, that an acquaintance of mine had a crush on me, and was at the time, in a relationship with an IRS agent, who was in a position to access and gather personal info on myself, and I wasn’t even aware of the crush.
Anyway, it seems that the Gov’t has a HUGE storage facility for our phone and internet records: http://www.wire...nter/ , http://www.npr....-utah
It also has come to light that the N.S.A. spys are particularly interested in monitoring online fantasy gamers who play World of Warcraft and the like. It seems the NSA is worried that such games serve as a good cover for evildoers who could use in-game messaging systems to swap information or use video games to recruit other users or carry out virtual weapons training.
I may have to “adjust” myself when I’m sitting at my laptop, wearing my battle kilt.
I’m not saying whether I’ll be making myself more or less modestly positioned, or whether or not I’ll have my backside to the built-in camera during any “adjusting” activities…
Among the quasi-secret National Reconnaissance Office satellite launches we find the following associated military mission patches:
http://en.wikip...h.jpg , http://upload.w...l.jpg {featuring the Illuminati’s Owl of Athena symbol ( http://www.the-...l.png , http://www.the-...1.jpg , http://upload.w...a.png ), as well as their “illumining” rays of the sun symbol, rising over the horizon of the Earth.}
http://upload.w...h.jpg and http://upload.w...h.jpg and http://upload.w...h.png (Also featuring a popular Illuminati symbol, the “All Seeing Eye” or “Eye of Providence”, which is properly depicted with rays of emanating light behind it, another Illuminati symbol…)
http://cryptogo...9.jpg {featuring the illumining rays of the sun and a satanic-looking (Lucifer also being known as the light-bearer), fellow holding a pitchfork, or perhaps a Neptune-like trident}
http://upload.w...h.png {featuring a Baal/Molach/Satan-like ( http://peterjfa...h.jpg , http://24.media...0.jpg ) red dude with horns, and holding a Route66 sign that looks suspiciously short of a third 6…} Molach, still today often symbolized as an owl… is also popular with the Illuminati: http://www.crem...h.htm , http://en.wikip...Grove , http://www.the-...n-D.C..jpg
Perhaps the MOST telling is their motto on their most recent “spy” satellite mission: http://upload.w...9.jpg
These are just a percentage of the examples.
I gotta take off my hat now, aluminum foil doesn’t breathe very well, and my scalp is itching…