请选择 进入手机版 | 继续访问电脑版

网络科技

    今日:40| 主题:277433
收藏本版
互联网、科技极客的综合动态。

[科技] Even In The Tech Industry, Sticky Tape Remains A Preferred Security Measure

[复制链接]
零食戒了 发表于 2016-10-3 21:03:46
145 2
Although they presumably have access to cutting-edge security tools and first-rate professional advice, Facebook CEO Mark Zuckerberg and Federal Bureau of Investigation Director James Comey still use a surprisingly low-tech piece of security equipment.
  Bothreportedly place a piece of sticky tape over their computers’ webcams to make sure that even if hackers get access to the machines, they still can’t spy through their cameras.  
  "There's some sensible things you should be doing, and that's one of them," Comey    said at a September conference.  
  Years of reports have said that hackers,    including some employed by the FBI, can sometimes activate webcams without turning on the indicator light, and    research released last yearby a team at the University of California, Berkeley, suggested that distracted users may not even notice the lights when they do turn on unexpectedly.  
  All of this has made physical security precautions to block out webcams and other recording devices—Zuckerberg reportedly also covers his computer’s microphone—more mainstream than ever. A recent survey from virtual private network provider Hide My Ass! reported that 82% of computer users polled were concerned about webcam spying, and that 35% had already taken steps to cover their cameras.
  Hide My Ass!    even released a promotional webcam cover, designed to allow would-be intruders to see nothing but a static image of a cat. "Instead of just blacking out a computer’s webcam with a piece of tape or a shutter, we wanted to give the public a way to protect their everyday privacy and simultaneously send a personalized message to intruders," said Cian Mckenna-Charley, the company’s marketing director, in a statement.  
      A Real Threat  
  While there’s no sign that Zuckerberg and Comey themselves have ever had their webcams tampered with, the problem is more than just a theoretical worry. In 2014, a California man    pleaded guilty to chargesrelated to allegedly hacking into multiple women's computers, surreptitiously taking nude photos and attempting to blackmail his victims. Pranksters have reportedly also taken control of networked baby monitors,    frightening parents and children. Computer stores have been accused of    installing spying software on the devices they sell, and a Pennsylvania school district agreed in 2010 to pay more than $600,000 to settle a lawsuit alleging district employees spied on students through    cameras installed on school-issued laptops.  
  In some cases, malware used to remotely activate webcams and spy on users has been used for international espionage, says Kevin Haley, director of security response at    Norton by Symantec, the security vendor.  
  "We see these used by nation-states to spy on others," he says. "They’re done by criminals when they get inside an organization and they want to steal something."
  Hackers can even hijack webcams in offices to observe people typing in passwords, he says. The sheer size and complexity of video files means that it's generally not possible to fully automate webcam snooping—a human typically has to be on the other end actually spying to make use of the hacked device. But there are still enough hackers more than willing to actively watch webcam feeds to make such attacks a threat, he says.
  And since any software tools used to disable webcams, microphones, and other input tools can generally be overridden by hackers with sufficient control over a computer, physically obscuring the devices generally does make sense, he says.
  "You could turn off the driver if you knew what you were doing on the machine, but of course, if somebody’s on your machine, they could turn it back on," he says, referring to the low-level software that controls the camera. "Blocking your webcam is kind of your last line of defense."
      The Analog Solution  

  Makers of computers, phones, and other connected devices historically don’t provide built-in ways to physically disable potential spy gear. It could be that they are reluctant to provide built-in ways to block cameras and microphones since it would add to the complexity of the devices—and make potential customers think of hacking risk, which is hardly a great marketing point, he suggests.
  "The last thing they want to do is make you think about somebody being able to spy on you when you’re trying to decide on a new computer," says Haley.
  It also runs against a decades-old culture in the computing industry that emphasizes software control, rather than physical switches, in digital electronics, says Gunter Ollmann, the chief security officer at San Jose-based security firm    Vectra Networks.  
  The risk isn’t just limited to traditional webcams, says Ollmann, whose    company reported on vulnerabilitiesin one inexpensive networked camera earlier this year. He adds that internet-enabled household tools like home security cameras and networked TVs with cameras and microphones can also be hacked. So can videoconferencing tools often installed in offices, which can sometimes be used as a gateway into other office machines.  
  "Those webcams themselves are compromised as if they were a computer and used for additional nefarious harm into the network it’s connected to," Ollmann says. "The current generations of these technologies are still highly vulnerable to network exploitation and compromise."
  In addition to taking physical steps to block or disable webcams and microphones—connecting an external microphone cord with nothing attached will often disable a laptop’s internal microphone—computer users can take traditional steps like keeping firewalls and security software up to date and monitoring device makers’ websites for security patches, he says. But many devices, especially those geared toward home users, simply don’t deliver security updates, even if newer versions are safer, he warns.
  "There’s not an awful lot of product support for year-old technology in the consumer sphere," he says. "They’re just not patched or updated. Security is a cost to these companies."
  Ultimately, that may mean that as such devices, not to mention smartphones, and wearable recording devices like Google Glass and Snapchat Spectacles become ever more ubiquitous, people may simply learn to guard themselves around any electronics and seek deliberately private spaces for private activities, he says.
  Edward Snowden, the National Security Agency whistleblower,    reportedly insistedhis Hong Kong lawyers place their cell phones in a refrigerator to avoid remote spying, and    some government agencies restrict where employees can bring personal devices for security’s sake.  
  "It’s not just our home to which we’re deploying these technologies," says Ollmann. "They’re now in our workspace and public and private areas, so we’ll constantly be monitoring against these things."



上一篇:Digital apprentice turns social media into power security tool
下一篇:TalkTalk overhauls broadband packages to challenge rivals
雁寻 发表于 2016-10-3 23:01:01
学习零食戒了,好好回帖!
回复 支持 反对

使用道具 举报

zxc12 发表于 2016-10-3 23:01:19
拿分 路过
回复 支持 反对

使用道具 举报

我要投稿

回页顶回复上一篇下一篇回列表
手机版/CoLaBug.com ( 粤ICP备05003221号 | 文网文[2010]257号 | 粤公网安备 44010402000842号 )

© 2001-2017 Comsenz Inc.

返回顶部 返回列表