Recently Twitter seized on a comment by FBI director James Comey describing how he puts tape over the webcam of his personal laptop. Many seized on the privacy aspects of the comment but generally the technical aspects were overlooked. Dr David Chismon, senior research consultant of MWR InfoSecurity highlights the bigger picture when a webcam is abused.
A large number of modern computers have a light that comes on when the webcam is in use. This is intended as a privacy aid, showing when the camera is in use. The camera light is a common topic of conversion in forums for persons engaged in what is called ratting. Ratting is where attackers attempt to get malware on laptops in order to get compromising footage.
On some laptops there is no light so no problem for attackers. For some laptops it’s reportedly possible to trigger the camera without triggering the light, whilst for many laptop brands, it is not known to be possible to use the webcam without activating the light.
As such, on many laptops if the light comes on when you are not using the camera, this could be a real indicator of a compromise with an active attacker currently spying on you. By putting tape over the camera and light, Comey might be missing an important indicator should he be compromised. Taping the camera doesn’t stop the attacker dumping files, listening to audio or tracking a laptops movement through the networks it connects to.
For the best of both worlds, a number of us at MWR like ‘webcam shutters’, which allow us to use the webcam when we need, but leave the light visible when we don’t. For devices where the user is unlikely to use their laptops camera, disabling it in the BIOS can be an effective way to prevent attackers from using the camera as well.
What are other possibilities for Comey? He may be just taping the camera and not the light. No pictures have emerged of his personal laptop so this is possible. Alternatively he may believe that his laptop security is so good that anyone who could get malware on there could work around the light problem. For those of us who aren’t directors of the FBI, any possible indicator you can consume is worth keeping an eye out for.
By Dr David Chismon
Senior research consultant
MWR InfoSecurity