Webcameras and their possible misuse have been a hot topic lately, what with the alleged ‘laptop spycam‘ case currently ongoing against a high school in Philadelphia, US.
Now, by and large, webcams can be tremendously useful. They’re used in a huge variety of legitimate settings, from home security to cross-country family chats, from peak hour traffic monitoring to the porn industry (ahem). In fact, webcams are only a concern if someone takes unauthorized control of one for their own ends.
Before looking into this though, firstly – is that even likely to happen to the average user? Do most people need to worry about a peeping-tom webcam?
Well, strictly speaking, if your computer is secure and uninfected, can’t be accessed remotely, and has some kind of physical protection (strong password, locked case, tied up with string) to prevent people from accessing it when unattended, then no, no worries – you’re good.
If your computer is not as secure as you’d like; if you don’t control the software installed on it; if you don’t know how to configure the settings on the programs installed – it’s still pretty unlikely, though there’s still a chance. Logically, it’s like the odds of being struck by lightning – possible, but improbable.
The trouble is, when it comes to privacy, ‘rational’ can have a hard time fighting ’emotional’. Personally, there’s just something about the thought of someone spying on me through my own webcam that creeps the bejeesus out of me. It’s like finding an eyeball staring back at you through the keyhole of a cupboard door.
So, let’s say you’d like that small possibility to be even slighter. How exactly could some depraved perv..ahem, attacker get control of your webcam? Well, there are really only a few ways your webcam can be taken over:
The program used to control a webcam may include a remote admin feature allowing someone not physically present to control it (usually over the Internet). Remote admin functionality could also be added in a separate program.
If you aren’t permitted to modify the control program’s settings, or aren’t allowed to install/uninstall programs (more true of company-issued laptops than personal owners), or just don’t know how to do it, well…basically, someone else has control. Hopefully, they’re not the sort to snoop.
For those with full control of their system, trojans are probably more relevant. These are malicious programs (usually disguised as a PDF or document file) that secretly install other programs onto a computer. For spying to be a concern, the installed program has to be a backdoor – which is basically remote admin software, only nastier. Examples include Backdoor:W32/Hupigon, Backdoor:W32/PoisonIvy and Backdoor:W32/SDBot.MB.
Again, the chances of getting hit by a trojan carrying a backdoor payload boils down to juggling probabilities – if the computer has no AV protection, if it is connected to the Internet and/or if you transfer files to it without scanning them first, if an infected file is a trojan and if it has a backdoor as its payload…You get the idea. It’s happened before, as this reports shows, but how likely you are to get hit really depends on how secure you are.
Possibly the least likely, but definitely the creepiest is when someone literally sits down at your computer and switches on the webcam, or installs remote admin software, without you being aware of it. This is basically stalking behavior, with a few cases reported; there have even been movies (most recently, Alone With Her) made on this premise.
Is it a possibility? Yes. Is it likely? There’s absolutely no figures or surveys on this, so all I can say is that unless you have reason to believe you’re being stalked, most likely not.
So, how to ensure you’re as safe as can be from being spied on? And let’s assume I don’t just say ‘get a good antivirus program’ (because that’d be a shameless plug), or the usual stuff about protecting your computer. What can you do? A lot, actually.
You could choose a webcam with security features. Most webcams today come with an LED light that switches on whenever the cam is transmitting. Or get a webcam with a lens cover (oddly these seem to have fallen out of fashion, are people more trusting these days?).
Then there’s this cute humanoid figure-like ‘anti-peeping‘ webcam, with arms that move automatically or manually to cover its ‘eye-lens’ – I haven’t been able to get my hands on this yet, so if someone has this already, let me know how it works out!
If you already have a webcam, you can go through the settings for its control program – if there’s a remote admin feature included and you’re not using it, make sure it’s disabled. You may need to check the documentation for the program to do this.
If you’re using a wireless webcam setup, make sure your wireless network is secured, so that noone can nick the webcam feed off your own network. Maybe not with WEP though; the stronger WPA2 would be nice.
Some less techie things you can do are:
1. Unplug it when not in use (if it’s an external web-cam).
2. Turn it to face a wall when not in use (doesn’t mute the mic, though).
And for some really no-brainer fixes….
Or Post-It notes (some students in the spycam laptop case reportedly used this as well).
Or Blu-tack (I haven’t tried this myself, but a commenter in a forum mentioned it might help with blocking microphone transmissions as well).
Heck, even a tea cosy would do.
When IT savvy fails, a MacGuyver solution might do the trick.
CC image credit: Itiro
Two of the top five sites on the internet are search engines, which makes a lot sense. We depend on them to find everything from the news to toothpaste to a place to eat dinner. According to internetlivestats.com, Google processes over 3.5 billion searches worldwide every day. Its rival Bing is rising to become the second largest search engine, accounting for 33% of all search queries performed. Now here’s the interesting part. Given these billions and billions of queries, can you be sure that all these search results 'harmless'? When you are clicking on a link Google, Bing or Yahoo! gives you, how do you know you are about to visit a site that is safe? You can't That's why you take simple precautions to make sure you don’t unintentionally visit malicious sites. The most convenient way to stay safe while using search engines is by using a free website safety rating service, such as F-Secure Search. F-Secure Search pre-screens the search results returned by a search engine and gives each result a safety rating. Harmful sites that try to violate your privacy or harm your device are clearly marked, so you know which sites are safe and which to avoid, even before you click on a link! Adult content is automatically blocked from search results, so you have peace of mind when your children are using F-Secure Search. Also, all communication between you and F-Secure is encrypted, so there’s no room for snooping. To help you keep both your personal details and your PC protected from malicious sites, simply go to search.f-secure.com and start using it today. You can also use F-Secure Search as the default search engine in your browser. And while we're you're thinking about surfing safely, take a minute to make sure your browsers are up-to-date. With a safe browser and safe results, you'll be surfing safer than ever.
Every time you go online, your personal privacy is at risk – it’s as simple as that. Whether you’re creating an account on a website, shopping, or just browsing, information like your email, IP address and browsing history are potential targets for interested parties. All too often, that information is sold on or sometimes even stolen without you even knowing it. And the threats to our online privacy and security are evolving. Fast. As F-Secure’s Online Protection Service Lead, Christine Bejerasco’s job is to make life online safer and more secure. “We’re basically online defenders. And when your job is to create solutions that help protect people, the criminals and attackers you’re protecting them against always step up their game. So it’s like an arms race. They come up with new ways of attacking users and our job is to outsmart them and defend our users,” Christine says. Sounds pretty dramatic, right? Well that’s because it is. While it used to be that the biggest threat to your online privacy was spam and viruses, the risks of today and tomorrow are potentially way more serious. “Right now we’re in the middle of different waves of ransomware. That’s basically malware that turns people’s files into formats they can’t use. We’ve already seen cases of companies and individual people having their systems and files hijacked for ransom. It’s serious stuff and in many cases very sad. If your online assets aren’t protected right now you should kind of feel like you’re going to bed at night with your front door not only unlocked but wide open.” Christine and her team of 11 online security superheroes (eight full-time members and three super-talented interns) are on the case in Helsinki. Here’s more on Christine and her work in her own words: Where are you from? The Philippines Where do you live and work? I live in Espoo and work at F-Secure in Ruoholahti, Helsinki. Describe your job in 160 characters or less? Online guardian who strives to give F-Secure users a worry-free online experience. One word that best describes your work? Engaging How long is a typical work day for you? There is no typical workday. It ranges from 6 – 13 hours, depending on what’s happening. What sparked your interest in online security? At the start it was just a job. As a computer science graduate, I was just looking for a job where I could do something related to my field. And then when I joined a software security company in the Philippines, I was introduced to this world of online threats and it’s really hard to leave all the excitement behind. So I’ve stayed in the industry ever since. Craziest story you’ve ever heard about online protection breach? Ashley Madison. Some people thought it was just a funny story, but it had pretty serious consequences for some of the people on that list. Does it frustrate you that so many people don’t care about protecting their online privacy? Yeah, it definitely does. But you grow to understand that people don’t value things until they lose it. It’s like insurance. You don’t think about it until something bad happens and then you care. What’s your greatest work achievement? Shaping the online protection service in the Labs from its starting stages to where we are today. What’s your idea of happiness? Road trips and a bottle of really good beer. Which (non-work-related) talent would you most like to have? Hmmm… tough. Maybe, stock-market prediction skills? What are your favorite apps? Things Stumbleupon What blogs do you like? Security blogs (F-Secure Security blog of course and others – too many to list.) Self-Help Blogs (Zen Habits, Marc and Angel, etc.) Who do you admire most? I admire quite a few people for different reasons. Warren Buffett for his intensity, simplicity and generosity. Mikko Hyppönen for his idealism and undying dedication to the online security fight. And Mother Theresa for embodying the true meaning of how being alive is like being in school for your soul. Do you ever, ever go online without protection? Not with systems associated to me personally, or with someone else. But of course, when we are analyzing online threats, then yes. See how to take control of your online privacy – watch the film and hear more from Christine. See how Freedome VPN will keep you protected and get it now.