Are your phone camera and microphone spying on you?
Here is what the former FBI director James Comey said when he was asked back in September 2016 if he covered his laptop’s webcam with tape.
“Heck yeah, heck yeah. Also, I get mocked for a lot of things, and I am much mocked for that, but I hope people lock their cars … lock your doors at night. I have an alarm system, if you have an alarm system you should use it, I use mine.”
If he does, we all should.
Who could be accessing your camera and microphone?
Apps like WhatsApp, Facebook, Snapchat, Instagram, Twitter, LinkedIn, Viber
Felix Krause described in 2017 that when a user grants an app access to their camera and microphone, the app could do the following:
· Access both the front and the back camera.
· Record you at any time the app is in the foreground.
· Take pictures and videos without telling you.
· Upload the pictures and videos without telling you.
· Upload the pictures/videos it takes immediately.
· Run real-time face recognition to detect facial features or expressions.
· Livestream the camera on to the internet.
· Detect if the user is on their phone alone, or watching together with a second person.
· Upload random frames of the video stream to your web service and run a proper face recognition software which can find existing photos of you on the internet and create a 3D model based on your face.
For instance, here’s a Find my Phone application which a documentary maker installed on a phone, then let someone steal it. After the person stole it, the original owner spied on every moment of the thief’s life through the phone’s camera and microphone.
The documentary tracks every move of this person, from brushing their teeth to going to work. To grabbing a bite to eat with their co-worker to intimate moments with a loved one. This is the power of apps that have access to your camera and microphone.
· Edward Snowden revealed an NSA program called Optic Nerves. The operation was a bulk surveillance program under which they captured webcam images every five minutes from Yahoo users’ video chats and then stored them for future use. It is estimated that between 3% and 11% of the images captured contained “undesirable nudity”.
· Government security agencies like the NSA can also have access to your devices through in-built backdoors. This means that these security agencies can tune in to your phone calls, read your messages, capture pictures of you, stream videos of you, read your emails, steal your files … at any moment they please.
Hackers can also gain access to your device with extraordinary ease via apps, PDF files, multimedia messages and even emojis.
An application called Metasploit on the ethical hacking platform Kali uses an Adobe Reader 9 (which over 60% of users still use) exploit to open a listener (rootkit) on the user’s computer. You alter the PDF with the program, send the user the malicious file, they open it, and hey presto – you have total control over their device remotely.
Once a user opens this PDF file, the hacker can then:
· Install whatever software/app they like on the user’s device.
· Use a keylogger to grab all of their passwords.
· Steal all documents from the device.
· Take pictures and stream videos from their camera.
· Capture past or live audio from the microphone.
· Upload incriminating images/documents to their PC, and notify the police.
And, if it’s not enough that your phone is tracking you – surveillance cameras in shops and streets are tracking you, too
You might even be on this website, InSeCam, which allows ordinary people online to watch surveillance cameras free of charge. It even allows you to search cameras by location, city, time zone, device manufacturer, and specify whether you want to see a kitchen, bar, restaurant or bedroom.
How would we feel if someone were standing outside our bedroom window, staring in through the curtains. The most common response would be to call the police. However, what do we do when everyone is being monitored? We shake our head, and try to forget it’s happening. Try to go on with our lives and ignore the constant nag that we’re being watched.
If this article achieves anything, I hope it teaches you digital mindfulness. This is the act of being careful on the internet and taking precautionary measures to save yourself pain and potential ruin in the future, all because you didn’t install an antivirus or put a little bit of tape over your camera.
A good first step to counteracting these issues is study what permissions an app asks for. Does an app like LinkedIn really require camera access? Does an app like Twitter really require microphone access? Before you download an app, check out the reviews and search for any negative information about it to prevent yourself future harm.
Always make sure to cover your webcam with tape, and plug out your microphones when you’re done using them. You never know who’s watching, or what’s happening in the background on your device. It’s only paranoia until it’s too late.
Dylan Curran is a data consultant and web developer who does extensive research into spreading technical awareness and improving digital etiquette