I was chatting to a friend yesterday and he was recalling visiting a family member in hospital. They were using a laptop over a wireless subscription service for longer-term patients and whilst reading an article together noticed that the webcam had turned itself on and was potentially 'watching' them. It stayed on for about 10mins and then seemed to turn itself off again. Apart from being both amusing and sinister, they surmised that the administrator of the system was bored and was snooping around.

Although I know that this is perfectly possible for hackers to do, especially with windows, is it possible for someone to do this on a closed system and with most of the users having firewalls/passwords/other to protect them?


SHJ

SpringHeeledJack,

Ever heard of logmein or teamviewer ?

Extrapolate the theory of operation (reverse proxy) to more malicious uses and you'll soon see it is possible to gain control of a computer without needing inbound ports open.

Similarly if you look at Stuxnet and Duqu, almost anything is possible if gaining access to otherwise difficult to access networks is important to you and you've got sufficient resources behind you.

The old story goes that the only safe computer is one that's turned off and unplugged. Failing that, one that is stand-alone with no live connectivity to the outside world, and carefully monitored offline means.

On a closed network with Administrator rights you can pretty much do whatever you want.

Nothing a piece of black insulating tape can't fix! :ok:

And the built-in microphone ?

Thanks for the replies chaps. :ok: I thought that on a 'subscription private network' like that there would have been some hurdles to hop over before whomever's privacy was breached. Would I be correct to say that some laws had been broken in the case of the OP ? I should imagine that they were looking at nothing more racy than an embroidery shop's website from their ages and interests :p but hypothetically, as I have no clue, nobody should have the ability to look over someone's shoulder literally and figuratively without court orders. Or am I being naiive :confused:



SHJ

Would I be correct to say that some laws had been broken in the case of the OP ?

In any civilised "western" country, the likely answer is yes.
(although there could be further questions to ask you first, such as whether you consented to more in-depth monitoring by signing paperwork etc.).

nobody should have the ability to look over someone's shoulder literally and figuratively without court orders. Or am I being naiive

No, you are not being naive.

System administrators have a lot of power, and are in a great position of trust, and it's an unwritten law of IT (sort of unwritten Hippocratic Oath) that such power shall not be abused.

Obviously there are genuine reasons why power is needed. This is generally either to comply with legislation (i.e. if the Police come with a warrant and request certain communications to be intercepted). It is also needed for genuine diagnostic purposes.

However, infringing on someone's privacy, without their consent (Police warrant excluded), is a big no-no. And should really be discreetly reported where possible to someone more senior (or HR department if a big enough organisation).

Whilst system admins do have "the keys to the vault", in order to use them they need to have control of a user account on the target machine with the appropriate rights to the local machine. If all you have done is join a wireless network and not downloaded any plug-ins or background apps. then its highly unlikely this is the case.

When joining the network you will most likely have been challenged and accepted some form of either terms and conditions or acceptable use policy which will probably have had some form of monitoring notice. These are usually so widely defined that they allow them to monitor anything from the data you are drawing down and sites visited through to video streaming - all in the name of protecting themselves and those around you from anything you may do. (Lets face it if you were in a hospital bed and the patient in the next bed was showing the outside world the inside of the hospital with their web came you wouldn’t be hugely impressed would you...)

So best advice is disable the web cam & microphone, make sure the general user account is low complexity and has minimal rights over the local machine to do what you need it to now (unlikely you will want to install new software, remove programmes, disable AV, add new hardware etc). If you have programmes in the start-up folder then remove then to stop the machine polling - progs like Skype and the like will poll for data continuously and keep pinging devices attached like the web cam. Also check the relevant folder in the OS to make sure no unrecognised user accounts are present in there and if they are - delete them and use the tools available to monitor what afoot on the machine (task manager etc).

As noted above, most technology professionals don’t abuse their rights over their networks and associated network assets - however this doesn't mean its not possible. When the dust has settled though, almost all examples of breach of security on a personal computer are attributable to it still being in the state it was when it came out of the box...the same is true for home wireless routers..most are unsecure and retain the 192.168.....IP range as well as the default admin/password combination....
:ugh:

Flash player has the ability to access webcam and other local resources.

You can adjust the settings - see here for details:

Adobe - Flash Player : Settings Manager (http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html#117118)

SD