When laptops and desktops first started shipping with webcams built right into the chassis, people immediately started joking about their computers spying on them, and I saw numerous semi-serious and completely serious attempts to cover them up with tape, post-it notes, permanent marker and just about anything people could put their hands on to alleviate that prickling sensation of being watched. Unfortunately, reality isn’t typically far behind imagination, and you probably aren’t surprised to know that it is completely possible for your webcam equipped device to be hacked, and yes, your webcam activated and watching whatever is in front of it. Not scary enough for you? What about that laptop you just gave your daughter?
Sadly, this isn’t just a scare tactic. ArsTechnica has a chilling article that takes a detailed look into the creepy world of “ratters” – young, mostly-male hackers who use covert Remote Access Terminal software (RATs) installed on compromised computers for the express purpose of spying on and remotely tormenting their “slaves.” RAT software is based on the same technology commonly found in support software used by IT professionals (like C2) to provide remote assistance and control on their customer’s computers. Unlike those legitimate tools, RAT software is designed to being undetectable and easy to install and spread without the victim’s knowledge.
What this means for you:
In nearly every case of malware attacks, especially ones that can deliver a payload like a RAT package, the incursion is typically the result of an action taken by the victim: visiting questionable websites, opening unknown attachments, clicking strange links in emails. Alongside of this is a set of inactions that the user is also guilty of: failure to install reputable antimalware software, failure to make sure the OS and installed software are kept up to date, and of course, failure to remain constantly vigilant! As you’ve heard me say many times, nothing will stop a dedicated hacker from penetrating even the most stalwart of defenses. However, a good malware application and some common sense will put you miles ahead of the less cautious and less safe and typically off the radar of hacking ratters, who are looking for easy targets.
Another simple solution? That piece of tape ain’t looking so bad now, right? Just remember to cover the lens and not the “activity” light for the camera, which will tell you when your camera is possibly watching your every move. As always, if you notice your computer behaving strangely, disconnect it from the internet immediately and call a professional for advice.
Image courtesy of idea go / FreeDigitalPhotos.net
The eagle-eyed internet has caught another dotcom company looking to cash in on its popularity (and recent integration with Facebook): starting on Jan 16, 2013, Instagram will be using a new Terms of Service agreement that allows it to use any content posted publicly to its service for marketing purposes.
“To help us deliver interesting paid or sponsored content or promotions, you agree that a business or other entity may pay us to display your username, likeness, photos (along with any associated metadata) and/or actions you take, in connection with paid or sponsored content or promotions, without any compensation to you.”
Also important: this not only applies to users who have an account with Instagram, but also anyone’s likeness that appears in a user’s publicly posted photos can also be used as such. Wait, we’re not done: if you are a minor and you’ve accepted the new TOU, you acknowledge that your parent/guardian is aware of the TOU and tacitly accepts the above.
What this means for you:
If you aren’t in the business of making money off your likeness, or your subjects aren’t celebrities, or if you don’t care that Instagram/Facebook might make some money off your own likeness, then carry on. However, if you happen to care how your children’s likeness may be exploited, you may want to ask any snap-happy smartphone users to not post pictures of your children onto Instagram, or at minimum, make them aware of these TOU changes. You may be surprised at how many people aren’t aware of Instagram’s control over the content they think they own, and doubly surprised at the number of people who don’t care that they may be providing profit for company’s that provide free services.