How sticky tape can secure your MacBook

How sticky tape can secure your MacBook

Summary: AusCERT 2010 keynote speaker and public-key cryptography expert Whitfield Diffie doesn't trust Apple to keep attackers from taking control of his webcam.

SHARE:
TOPICS: Apple, Hardware, Security
6

AusCERT 2010 keynote speaker and public-key cryptography expert Whitfield Diffie doesn't trust Apple to keep attackers from taking control of his webcam.

At the conference, Diffie had a piece of tape over his Apple MacBook's built-in webcam. When asked why, he answered it was the most effective protection against prying eyes.

"I trust the tape more than I trust any program. I figure if there's a piece of tape over it, it isn't taking pictures of things," he told ZDNet Australia.



Diffie isn't the first security guru to consider this problem. At AusCERT 2008, Ivan Krstic (who previously worked as the director of security architecture for the One Laptop per Child program) tried to tackle the issue using LED indicators to alert users to a live webcam or microphone.

Krstic now works on core security for Apple.

Would you like to see hardware-based protection against someone spying on you via your built-in microphone or webcam?

Topics: Apple, Hardware, Security

Munir Kotadia

About Munir Kotadia

Munir first became involved with online publishing in 1998 when he joined ZDNet UK and later moved into print publishing as Chief Reporter for IT Week, part of ZDNet UK, a weekly trade newspaper targeted at Enterprise IT managers. He later moved back into online publishing as Senior News Reporter for ZDNet UK.

Munir was recognised as Australia's Best Technology Columnist at the 5th Annual Sun Microsystems IT Journalism Awards 2007. In the previous year he was named Best News Journalist at the Consensus IT Writers Awards.

He no longer uses his Commodore 64.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

6 comments
Log in or register to join the discussion
  • I would have thought that if anyone could get access to your webcam, they have access to everything else, which means that there are potentially a lot more damage that could be done than just streaming video. Try identity theft or stuffing up the computer data.
    Patanjali
  • Look at the nightmare world of "Max Headroom" where the networks can look straight through your TV at you, anytime 24*7 and an "off switch" is illegal.

    Video phones have generally been unpopular because cordless phones mean that people are doing video-inappropriate activities whilst talking--I really don't need to know that you're ringing me from your mobile while sitting on the bog.

    It didn't even occur to me as a "security issue". When I received my first machine that had a built-in camera, the piece of tape was automatically in place--just as naturally as physically disabling wireless/bluetooth and junk: no so much to protect data, but I don't need an unshielded micro-wave oven sitting only a few feet from my body thank you very much.

    If it's data security that worries you--that's why you have a dedicated machine that isn't connected to anything else.
    Treknology
  • Can anyone hack into your computer if you're not connected to the internet?
    Why can't he just disconnect from the internet if he is that paranoid.

    Yes security is an issue as more and more people use the internet as second nature.
    But education is the best prevention.
    Not some plastic strip that has a adhesive backing because you were too lazy to think of anything else?
    Are we getting taught to be lazy now?
    YudiS-9d3f8
  • I know many people that do this. I myself have been on the other side of the computer on occasion when I was young and silly. Back in the day it was easy enough to use something like Sub7 to connect to someone's computer and watch them. Remember, a lot of people have computers in their bedrooms.
    A lot of people have seen a lot of things they should not be seeing.
    duke149
  • It's not just Mac Books either. Given the plethora of intrusions your computer can have: keyloggers, bots, general data destruction etc it only makes sense to protect yourself from having input devices remotely controlled without your knowledge.

    I remember one friend who inadvertantly left their webcam on....then walked from the bathroom past the camera whilst naked. Embarrassing yes. Now imagine the scenario where someone activates your webcam/microphone to spy on you...

    Always disconnect your microphone when not in use. Turn your webcams to blank walls (or disconnect it), cover your laptop camera lenses etc. It's not paranoia just common sense.

    Executives with webcam equipped laptops etc are ripe for industrial espionage...and I'm sure there are people out there exploiting that.

    BTW, similar methods have been used to tap telephones (on the hook) for decades. So be careful with your new phone etc. It's only a matter of time (if not already happening) before ways are discovered to activate your mobile phones microphone or camera without your knowledge.
    Scott W-ef9ad
  • For the paranoid out there … I'm a keen photographer, you should see the wonderful shots I can get with a 1400 mm telephoto lens from well over a kilometer away. Does any one worry about their screens facing a window?

    So you close the blinds, maybe even move to an all internal office … think you're safe? Think again, $1,000 buys an RF detector and oscilloscope that will let you read the RF emissions from your screen from several hundred meter away. A bit of clever Black Hat Software and all those cryptic signals are suddenly resolved to the images on your screen. Are you frightened yet? You should be.

    About a foot of aluminium chaff in all the walls, doors ceiling and floor should do the trick, (the floors above or below you are the best places to spy on you from), otherwise it's a Faraday Cage.

    Worse still if you have taken all the possible precautions in the world and I want your information badly enough, I can always just beat it out of you or threaten you pet-wife-kids … I I'll bet what ever information your protecting isn't worth your arm and a leg literally, certainly not the lives of your loved ones.

    The moral of the story is no matter how secure your information is, there is ALWAYS a way to get it. So don't worry too much, and don't spend too much, if your information isn't worth the effort and cost you take to secure it, then you've got it wrong.

    The Black Hat's are out there, and some of them are very, very clever, so be vigilant, read, think, research, and keep your security systems/plans changing all the time.

    Finally is the contents of your device really worth all the effort of stealing it? Probably not... but be careful anyway!
    tim.cotterill