Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Director James Comey: Cover Up Your Webcam (thehill.com)

Posted by BeauHD on from the sticky-note dept.

An anonymous reader quotes a report from The Hill: The head of the FBI on Wednesday defended putting a piece of tape over his personal laptop's webcam, claiming the security step was a common sense one that most should take. "There's some sensible things you should be doing, and that's one of them," Director James Comey said during a conference at the Center for Strategic and International Studies. "You go into any government office and we all have the little camera things that sit on top of the screen," he added. "They all have a little lid that closes down on them. "You do that so that people who don't have authority don't look at you. I think that's a good thing." Comey was pilloried online earlier this year, after he revealed that he puts a piece of tap over his laptop camera to keep away prying eyes. The precaution is a common one among security advocates, given the relative ease of hacking laptop cameras. But many found it ironic for Comey, who this year launched a high profile battle against Apple to gain access to data locked inside of the iPhone used by one of the San Bernardino, Calif., terrorists. Many viewed that fight as a referendum on digital privacy.

38 of 168 comments (clear)

  1. Some sensible things by Anonymous Coward · · Score: 5, Interesting

    "There's some sensible things you should be doing, and that's one of them,"

    Another sensible thing you should be doing is using encryption.

    And voting out anyone who thinks that the FBI's warrantless wiretapping is sensible.

    1. Re:Some sensible things by Z00L00K · · Score: 5, Insightful

      But you also need a switch on your microphone to turn it off. It's a bigger risk than the camera since eavesdropping on a conversation can reveal a lot more than the camera can when it comes to company secrets.

      --
      If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
    2. Re:Some sensible things by guruevi · · Score: 3, Insightful

      Another thing would don't trust your corporate overlords with 'managing' your laptop and stop using Windows as an admin user or stop using Windows altogether.

      Hacking a laptop is fairly hard to do if it's properly secured without remote access. Things like SELinux or Mac's Gatekeeper or any Unix-type OS can be set so that only specific applications have access to certain hardware.

      If you want to use tape, you should also snip out your microphone and speakers, glue your USB ports shut and fully encrypt your system with a third party, open source encryption.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    3. Re:Some sensible things by poofmeisterp · · Score: 5, Funny

      But you also need a switch on your microphone to turn it off. It's a bigger risk than the camera since eavesdropping on a conversation can reveal a lot more than the camera can when it comes to company secrets.

      Ah, but not if you're Comey. He encourages people to listen to his microphone to ensure transparency and fairness. Of course that microphone is in an enclosed break room in the "building next door".

      Har.

    4. Re:Some sensible things by Anonymous Coward · · Score: 5, Informative

      No it doesn't. At a cursory glance yes it can because it'll probably switch the default input, but in software you can still access each input source independently. So a trojan could continue listening on the microphone array in your screen even when you have your headset plugged in.

    5. Re:Some sensible things by btroy · · Score: 4, Insightful

      I agree - the microphone has been ignored largely, both on phones, tablet and laptops. I do think companies should provide a MECHANICAL means for disabling microphones and cameras.

      Anyone wanting to develop a SECURE device should be seriously looking at that option.

    6. Re:Some sensible things by jellomizer · · Score: 4, Insightful

      Well if a good portion of the population votes for the actual person they feel will win, instead of wallowing in their own self delusion that the it is too corrupt for them to do anything.

      If you want to do something.
      1. Do your research on who is running and what they stand for.
      2. Pick the person who you like independant on if you think they will win or not, or if you think your vote will detract from your most likely candidate.
      3. Go to the polls and vote.

      Here is the cool thing about the power of voting third party. The two major parties are not stupid, they track trends and voter demographics like any big data company. While they may not necessary know who at every household has voted for they can get a feel of the political temperature within a few miles of the polling place.
      So while most polling places will most of the vote for the major party, your third party vote is useful unaveraged bit of information. There is this one guy who voted for third party out of a hundred who voted for the establishment. Now that data is useful. So if they voted Green Party, then that may tell the Democrats that your area may have some additional concern about environmentalism, if they voted libertarian then the person may be concerned about their personal liberty. Now if there are enough 3rd party votes say 1% overall trending in a direction, that will tell the parties that they will need to incorporate aspects of that third party into their base policy as to adapt to the electorates wants.

      While your vote may not win the election. It can change the direction of the next one.

      Take a look at the Tea Party. Like them or despise them, they were able to get national recognition and many of its aspects became core of the republican party. Because that group voted in local elections, than for their representatives and senators creating a large party growth. Sure they were backed by some big names that sneaked their agenda in it. However the people voted them in. While those liberals complaining on how bad those guys were stayed home during the off year election and allowed them to get in power.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    7. Re:Some sensible things by AmiMoJo · · Score: 4, Interesting

      I wish manufacturers would include a physical switch that simply disconnects the webcam (most use an internal USB connection for both video and audio) by physically breaking the link. No possible software bypass.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    8. Re:Some sensible things by gfxguy · · Score: 3, Insightful

      Except the parties don't "incorporate aspects of that third party into their base policy," they only say they will and then don't, with some lame explanation why... but they are still the major party that claims it supports that third party policy, so people vote for them anyway. I'm libertarian - people think republican party must be the party to vote for if you're libertarian (they falsely only look at certain economic issues), or you are effectively voting for democrats - but neither republicans nor democrats are libertarian in any way. The only difference is which of your liberties and freedoms they don't care about.

      --
      Stupid sexy Flanders.
    9. Re:Some sensible things by Z00L00K · · Score: 3, Funny

      Switch the web cam to serve a random video stream of cats copulating maybe?

      --
      If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
    10. Re:Some sensible things by clodney · · Score: 3, Interesting

      Things like SELinux or Mac's Gatekeeper or any Unix-type OS can be set so that only specific applications have access to certain hardware.

      I wouldn't trust Mac, as it's closed source. But I don't blindly trust my Linux-based systems, either, as they run on closed hardware. Comey and the Three Letter Agencies have made open hardware all the more necessary.

      Open Source is perhaps modestly more trustworthy, but things like the obfuscated C contest and the fact of very long lived bugs in core elements like SSH prove that open source is no panacea. Whether done by the US or somebody else, I wouldn't be at all surprised to find out that there are intentional backdoors injected into lots of open source projects, and that it is done skillfully enough that they haven't been noticed.

    11. Re:Some sensible things by fahrbot-bot · · Score: 3, Funny

      I agree - the microphone has been ignored largely, both on phones, tablet and laptops.

      Not to worry. Apple will be removing the mic too on all these too -- not for security but to free up space and improve water resistance. Surveys show that doing it on the iPhone will be a hard sell though.

      --
      It must have been something you assimilated. . . .
    12. Re:Some sensible things by guruevi · · Score: 2

      I'm saying that taping over your webcam is useless if you leave your microphone and your speakers (which can also act as microphones) untouched.

      It's far more damaging and perhaps even easier (no indicator lights) for someone to be able to listen in surreptitiously than watch. A Flash vulnerability could easily turn on your camera and microphone but your indicator would still work. Your camera still has physical limitations (it can't watch around the room) while microphones will pick up anything from conversations to passwords being typed in.

      If all you care is nobody catching you masturbating, then yes, the camera trick will do, for all other things, your other sensors are far more valuable.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    13. Re:Some sensible things by Comen · · Score: 2

      Not if the switch was inline with the microphone circuit, not everything can be bypassed in software. If you put a switch in line with the connection directly coming from the microphone(s) then they are disabled.
      I mentioned this years ago and still think there should be security standards for microphones and cameras that basically say if yo meet certain specs you are a secure deice, that would include hard cut off switches and lights that are always on when the switch is closed to show you can be seen or heard.

  2. "people who don't have authority don't look at you by LichtSpektren · · Score: 4, Insightful

    Like the NSA, doing illegal mass surveillance on their own citizens?

  3. Re:Paranoid much by Anonymous Coward · · Score: 2, Informative

    Ive seen this before from some of my customers and yes I've thought of it. Since its possible I guess its a step you need to take but why stop there. His phone has two cameras and they need some tape also. That pinhole in the wall may be sporting a camera also. How do you know the air conditioner vents doesn't have camera. Oh MY GoD they are watching ME!

    I trust desktop software to behave as far as I can throw it. Sure it's possible to bug anything, but after the horror of video conferencing software lighting the camera up unexpectedly while I was in "work from home" attire, never again.

  4. Re:Paranoid much by Anonymous Coward · · Score: 2

    Are you being obtuse for a reason? Seeing as you're on /. you know perfectly well most CCDs in webcams can be activated without the "on" LED being powered. In fact a good number of webcams are always on - just measure the current draw if you have any elementary skills.

    There's a world of difference between a hidden camera placed for espionage, and one built into a consumer device that's permanently connected to the Internet and happens to be remotely accessible by various govt agencies as well as the OS supplier, and no doubt the company that has a badge on the front.

    No go and fix your teeth and shitty language skills you limey turd.

  5. Alternately by Anonymous Coward · · Score: 2, Funny

    stare directly into the camera and slowly stroke off. establish dominance.

  6. Morons.... the lot of them.... by Lumpy · · Score: 3, Informative

    "You go into any government office and we all have the little camera things that sit on top of the screen"

    Why the hell are they not ordering real pro laptops without the camera? my Dell Precision 7510 does not have a camera and company wide we all understand that a camera on the laptop is 100% useless in business. if you need to do a video call you use one of the conference rooms.

    we are not even high security and we dont have cameras. what the hell are they doing ordering laptops with cameras at their level?

    So the director of the FBI has a insecure laptop...... This is why we cant do shit in this country in law enforcement.

    --
    Do not look at laser with remaining good eye.
    1. Re:Morons.... the lot of them.... by HBI · · Score: 2

      The FBI is notable for poor handling of classified information. It's a civilian organization with all the slipshod nature of an organization that doesn't understand "mission" in the military sense. The Army has many faults, but this is one thing it does reasonably well.

      --
      HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
  7. Something to hide? by nick.degraeve · · Score: 5, Funny

    It must mean he has something to hide, right? Because privacy is only needed for people who have something to hide.

  8. Re:Paranoid much by bickerdyke · · Score: 2

    You can't get a camera in the air vent from a drive-by download from an otherwise reputable website that had the bad luck of its ad content network being hacked.

    And the workaround with the tape wouldn't even be necessary if the camera LED would be hardwired to the camera reliably across laptop manufacturers and not switched on and of by the driver on a goodwill base.

    --
    bickerdyke
  9. Lost their way by doug141 · · Score: 2

    The different parts of executive branch can't even count on being safe from each other, when their culture is to disregard the constitution for some perceived higher purpose.

  10. But today's Thursday by wonkey_monkey · · Score: 2

    The head of the FBI on Wednesday

    That guy's old news. What does Thursday's head of the FBI say?

    FBI Director James Comey: Cover Up Your Webcam

    Don't tell me what to do, chief. Maybe being perved on by hackers is my thing! You can't judge me!

    --
    systemd is Roko's Basilisk.
  11. Or you could use a more secure OS by damn_registrars · · Score: 2

    If he's worried about someone hacking his laptop and turning on his webcam without him realizing it, then he isn't using his laptop in a secure and reasonable way.

    He is also overlooking the fact that voice recordings are generally at least as valuable as video (unless he is worried they are going to record his silent meetings with prostitutes or something), and covering up the webcam doesn't generally do anything to prevent sound from being recorded. If someone else has control of your webcam, they almost certainly have the ability to record sound using your system when the webcam is blocked by tape. Equally important, if they are recording sound with no video, they can record much longer time-wise than if they are recording sounds with video.

    But ultimately if he was using a secure OS, or at least using his OS of choice in a moderately secure way - he shouldn't have to worry about this. If he's spending most of his day falling into clickbait and loading malware, he's going to get what he has coming.

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
  12. Cover microphones doesn't work by Anonymous Coward · · Score: 5, Interesting

    As a side note, sticking tape over the microphone holes does not work, no matter how thick the layers of tape. You can confirm this yourself by sticking tape over mics on your phone and then using a recording app. It will still record audio that is clear enough to understand.

    A modern tablet or phone has enough microphones in a mic arrange, and enough sensitivity that sound coming through the case can be recorded easily. The best you can achieve is to make it muffled.

    Snowden used a fridge to stop stuff recording (it is airtight and bulky enough to stop sound so phones inside cannot record). It's not useful as a faraday cage, because a lot of the spyware records stuff and sends it only when opportune (e.g. on Wifi, or when you're sending lots of other data to conceal the transmission). So a faraday cage would not help, it could still record audio and video and send it later.

    FBI head tapes over his cameras, Mark Zuckerberg does, Anonymous Cowards does, so *you* definitely should.

    Perhaps you recall the case of the Pennsylvania schools that installed spyware on their laptops and recorded kids at home using the computer? Well if you take a typical Android phone, it has lots of apps pre-installed that have camera access. So I noticed that Microsoft Word came pre-installed, and when I hooked the camera API, Word was being started periodically by Microsoft Skydrive, and accessing the camera api.

    http://www.computerworld.com/article/2521075/windows-pcs/pennsylvania-schools-spying-on-students-using-laptop-webcams--claims-lawsuit.html

  13. The only time this is reasonable by iCEBaLM · · Score: 2

    is when you do not have a record light on your webcam, otherwise when the webcam is on, the record light is on, and it's a hardware mechanism and it is impossible to get video without the record light coming on.

    1. Re:The only time this is reasonable by kbonin · · Score: 2

      You probably believe it takes 30 seconds of connection before a phone call is traceable, too...

  14. Re:Paranoid much by AHuxley · · Score: 2

    Re How do you know the air conditioner vents doesn't have camera.
    Most cults and inward looking communities with global ambitions have some very easy and old methods to try and counter that digital sneak and peak hardware placement.
    The extended community stays around any sensitive locations and have eyes on 24/7. Or can even fake a sensitive community project for decades and understand who comes looking and how they try to gain entry, build trust :)
    All strangers entering the area are noted, photographed and talked to.
    If the neatness, sloppiness, jargon, slang, accent, hair cut, life story, education level, local issues, local sports, stories told, trade tools don't fit and access is requested, its usually ex mil, federal or state efforts to seek access with limited time or funding for a full back story.
    Its getting harder to place undercover officers as many groups of interest are not just allowing people to join. Informants will often admit they got turned and pass on lots of low level gossip to keep their freedom i.e. the faith, other nation or cult has more of a hold than any gov offer.
    All most federal and state task forces can then do is track all movements from public land, try and bluff their way in just once, get any informant with a real life story in or push malware down any network.
    COINTELPRO https://en.wikipedia.org/wiki/... worked too well and most groups by faith or method understand the easy past entry methods.
    State or federal courts paperwork on any case can even be leaked back by deep cover cult or faith members. Secure telco requests to collect or log phone numbers will often be tracked long term and database changes noticed. Very interesting people can then escape thanks to telco and court database issues.

    --
    Domestic spying is now "Benign Information Gathering"
  15. Some things shouldn't be software controlled. by jellomizer · · Score: 3, Insightful

    That switch to turn off your microphone and video camera. Should not just send a digital bit to the OS to decide what to do with it. It should physically cut circuit that provides the device power. Also the same with the LED on camera to show that it is recording this shouldn't be a feature that is programmed in the software it should be hard in the device.

    The only real trade off with a mechanical switch is that it will take up more space. So your device will be a bit bulkier and heavier... However my point of view is how much security do you want to compromise for form factor.

     

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    1. Re:Some things shouldn't be software controlled. by Angeret · · Score: 4, Interesting

      A simple solution for this on laptops - a pair of small sliders, one a physical switch which cuts the mic line, the other a flag covering the camera lens (rear cameras on handheld devices are for someone else to figure out). Both would be near to the front bezel of the device so a small window could show a red mic symbol when the mic switch is moved to on, a green mic with a line shows when switched to off. For the camera, the green panel - off - would be solid and the red - on - would have a hole in it for the lens. You could still make the camera switch a camera power killer if so desired (might also be that rear camera solution for other devices?).

      The only problems I see are companies wanting to incorporate this and how small and idiot proof you could make the additions. This is simply an engineering solution with easy user access - no software required, no menu hunting, so no issues with "does it really cut out?"

  16. Just In Case by twmcneil · · Score: 2

    Just in case you missed it, James Comey has lied Congress, has lied to the American public and is not to be believed, listened to or repeated.

    Just sayin'.

    --
    "The ferrets, they're every where I tell you!"
  17. Better idea by JoeyRox · · Score: 2

    Replace the A/V driver that handles the webcam with module that mimics the webcam driver interface but streams a video file of the user's selection. My choice would be a video of a donkey show.

  18. Re: Paranoid much by bickerdyke · · Score: 2

    Well, yes.

    But is it more ore less paranoid than wondering if that webcam activity LED can actually be switched on and off independently from the camera by the device driver software? (which it usually is. Not due to malice, but to bad or "unsafe" design)

    And most camera sensors today ARE already IR cams due to sensor characteristics. Most have an IR filter to improve image quality in sunlight, but again, it wouldn't even take malice to cut that filter for cost saving reasons.

    --
    bickerdyke
  19. Hack my laptop but don't look at my face by naughtynaughty · · Score: 2

    Good thing the FBI director made sure nobody can see what he looks like when someone hacks his laptop and steals sensitive information.

  20. Don't. Make them watch! by aralin · · Score: 2

    FBI and NSA Clearly wants to stop looking at pictures of naked fat guys and I say: "No way!" Make them watch! That is the least we can do. It is the only revenge we can exact on them. Wave that dong, juggle those layers of fat right at the camera. Make them see what their eyes cannot un-see. FFS. What are they going to do with it? Show your naked pictures to your girlfriend? Come on, you don't have any anyway. So pull that tape and make them suffer!

    --
    If programs would be read like poetry, most programmers would be Vogons.
  21. Re:Comment from Comey: by poofmeisterp · · Score: 2

    Do you actually oppose the FBI decrypting the iPhone of a guy who declared loyalty to ISIS and killed a bunch of people? Many people thought that trying to force Apple to do it was a bit much, but what is so sacred about encryption itself?

    This was intended to be a semi-humorous comment, but I'll answer your question (though you probably won't see it because you're Anonymous and have forgotten about it already) - NO. Game on. If the FBI can decrypt the data, rock on. If they require that companies make all data decryptable, YES. I have a problem with that. It's not about having things to hide, it's about the constriction of American rights. Do I want them to be able to find a guy who shot 1000 people in Times Square, uh YEAH. Do I want them to have access to everyone's data in order for that shooter to be part of the "everyone" whose data is accessible, NO.

    Simple freaking logic: There's a line. Don't cross. One side of the line has people using paper to communicate and burning it / destroying the ashes / burying it. The other side has an encrypted electronic device. The rights of the government to TRY and reconstruct the paper and get details off of it OR decrypt a device using brute force or other methods they designed to uniquely, on their own, get access are fair game. Making a rule that paper is to be designed to electronically log everything written on it, or all devices have a quick access method is NOT. If the method exists, it will be exploited, so it shouldn't exist.

  22. Re:Paranoid much by Revek · · Score: 2

    I was going for funny. However I've never had a plus +2 flame bait before. Thats almost as good as a +1 Troll.;)