The Digital Bullpen

The news site of the USF School of Mass Communications, covering life on and around the University of South Florida campus

Search

you're reading...

Student Life

If your computer has a webcam, you should read this… and invest in Post-It notes.

Posted by cdifonzo ⋅ April 12, 2012 ⋅ Leave a Comment

Filed Under camera, computer hacking, Jeremy Rasmussen, Luis Mijangos, malicious software, safety, USF, virus, webcam, webcam hacking, Whitehatters

While computer hacking is nothing new, a recent spike in that trend takes on a whole new (and more terrifying) level: webcam hacking.

Hacking into a webcam doesn’t take a computer science mastermind. One simply needs to Google the following:“WJ-NT104 Main Page”. The very first link takes you to a store’s surveillance system, complete with four different camera viewpoints. Or better yet, one should go to this page and type in any of the 600+ links; they are all connected to live webcams.

“Some of those [live videos] are intended to be for the public,” said USF computer science professor Jeremy Rasmussen, “but others are security cams or nanny cams that people unfortunately connected without changing any of the default settings.”

Rasmussen is an information security consultant to government and commercial clients and an adjunct instructor in the USF Department of Computer Science and Engineering. He founded the USF Whitehatters Computer Security Club in 2006, which is a student organization that meets weekly to learn about computer security and participates in organized cyber security competitions.

“Anytime you are connected to the Internet, you are going to be at risk for that sort of attack,” says Rasmussen.

In 2011, Luis Mijangos was sentenced to six years in prison for hacking into 100+ computers through a virus he hid in popular songs or videos. After the victims downloaded the malicious software, he was able to get to their personal information, tap into their webcams, and see all the files on their computers—including explicit pictures.

“There are myriad attacks that come in through things like getting people to click on a link or open an email attachment with a specially crafted PDF file that drops a Trojan horse on your system,” explains Rasmussen. “There is even ‘legitimate’ software you can buy online from Amazon or Newegg that essentially allows you full control over someone else’s computer. Spectorsoft eBlaster is one example. It runs about $99 and is a stealthy program that collects keystrokes, emails, and yes, webcam sessions.”

Yet this type of privacy violation can be avoided with the right software and precautions.

“Having a built-in webcam on your laptop is certainly a privacy consideration,” says Rasmussen. “If you’re worried about it, you might consider disabling it through the Control Panel on Windows and just re-enable it when you need to use it.”

The video at the beginning of this article, aptly titled “Webcam,” has been circulating the Internet and was created to bring attention to this matter. The video was created by Stefan Haverkamp, Jan Jaworski, Branden Kramer and Tom Kropp, and it was filmed entirely using a Macbook Pro webcam. It is eerily realistic and will have you pasting a Post-It note over your webcam before the eight-minute video is done.

“In many cases, adversaries prey on victims who are easily manipulated into providing information, pictures, passwords, etc,” explains Rasmussen. “User awareness is the key. Pretty much don’t trust anyone on the Internet. Make sure you are connected to a trusted site via an encrypted channel. Don’t click on links or attachments, except perhaps in your reduced risk VM environment. And lastly–if you can help it—maybe you should just avoid taking racy pictures and videos of yourself. Those things tend to stay around forever. Just ask Paris Hilton, Scarlett Johansson, and Mila Kunis.”