Webcam security

Discussion in 'other security issues & news' started by Anakunda, Mar 18, 2012.

Thread Status:
Not open for further replies.
  1. Anakunda

    Anakunda Registered Member

    Joined:
    Feb 20, 2010
    Posts:
    94
    Hello,
    How to find out if webcam installed in my notebook is imune against any hijhacking or unwanted remote control, i.e. if it at least can't be fooled to keep off the LED control while of eventual misuse. I have seen something about some webcam models firmwares can be altered this way, not knowing much about it tho. So is my model affected by this weakness, any information?
     
  2. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,089
    I think answering such a question would require specialized knowledge, particularly of the hardware design of the camera and/or indicator. You could google for information and visit the manufacturer's forum, hoping to get lucky. If you do so you might also consider the microphone if it is separate. Perhaps you could disable that which concerns you (via BIOS, or electrically if you know what you are doing) and utilize a USB camera/mic on an as needed basis.
     
  3. BrandiCandi

    BrandiCandi Guest

    I would say that no piece of equipment is immune. However the liklihood can be extremely low.

    So it's not a very high-tech solution, but you could always put a piece of tape/paper over the lens when you're not using the camera. At least you wouldn't feel watched.
     
  4. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    Short answer it is not. The most likely way someone will use your webcam against you is if they sneak spying software onto your laptop though would require you to lose physical control of your device. Additionally there have been documented cases of backdoor malware and proof of concept 'games' that have gone after webcams. Though this type of attack is rare. You would ideally need to be the victim of a targeted attack.
     
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Yeah, it's kind of like worrying about BIOS viruses. It can happen but they have to be going after a very specific set of hardware.
     
  6. Anakunda

    Anakunda Registered Member

    Joined:
    Feb 20, 2010
    Posts:
    94
    I assume firewall is is not powerfull enough to prevent a spyware installing unattended but it should be sufficient to block a keylogger or spyware from hijacking a webcam or microphone and stream a/v channel outside? I'm using Comodo Pers. Firewall.
     
  7. CGuard

    CGuard Registered Member

    Joined:
    Mar 2, 2012
    Posts:
    145
    Isn't disabling the webcam's drivers -when it's not needed- a solution?
     
  8. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    I feel you are mixing up a firewall and a HIPS (host intrusion prevention system) . A firewall is simply a device or software that permits or denies network traffic based upon a set of rules defined by the user. The firewall will not stop software from being installed or alert of potential threats.

    CGuard yes...I suppose uninstalling the drivers for the webcam and disabling the microphone is one way though overkill if you plan to use the devices at regular intervals.
     
    Last edited: Mar 19, 2012
  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    The attacker can just reenable them or provide their own drivers.
     
  10. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    That would be easier said than done, and if done then refer to my original remark on targeted attacks. Though that scenario is even more remote than the remote chance that a remote attacker would take over the webcam...remotely.
     
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Well, reenabling would be easy unless you uninstalled the drivers. Providing their own would be, again, as you say a directed attack. lol
     
Loading...
Thread Status:
Not open for further replies.