Cross-posted to: https://sh.itjust.works/post/15859195
From other conversations that I’ve read through, people usually say “Yes, because it’s easy on Windows”, or “Yes, because they simply don’t trust the webcam”. But neither of these arguments are enough for me. The former I feel is irrelevent when one is talking about Linux, and the latter is just doing something for the sake of doing it which is not exactly a rational argument.
Specifically for Linux (although, I suppose this partially also depends on the distro, and, of course, vulnerabilites in whatever software that you might be using), how vulnerable is the device to having its webcam exploited? If you trust the software that you have running on your computer, and you utilize firewalls (application layer, network layer, etc.), you should be resistant to such types of exploits, no? A parallel question would also be: How vulnerable is a Linux device if you don’t take extra precautions like firewalls.
If this is the case, what makes Windows so much more vulnerable?
Doesn’t Pegasus spy on you from the hardware?
I never really understood the obsession to cover cameras. While yes you don’t want someone to hack it and yes I do cover mine. What are they going to do? Watch you fap? I really don’t care. I personally am much more concerned with the mic. I would hate for someone to record me saying something well not so pleasant. You can use your imagination. I rarely see people mention the mic. I see it mentioned a few times here but not much. I much rather have a kill switch for my mic.
Cool, then respond to this post with a video of you masturbating. It would be helpful to the scenario to include your full birth name, address, and employer, since that is the scenario that folks who would be blackmailed would be facing.
Since you really don’t care.
It is possible that you mean what you say, but I believe its more likely you lack imagination to what impact the above scenario would actually feel like once you’re in it.
That silly proposition aside, I agree with you about the microphone killswitch. Certainly overlooked.
So sending a video of you fapping to your employer and family isn’t a problem? It still wouldn’t be a problem if you were a teenager or a young adult at the beginning of their career?
That’s a rather self-centered statement, imo. Just because you may not be bothered by the idea, does not mean that it does not have merit for others. That line of thinking is in a similar vein to saying “We don’t need freedom of speech because I have nothing to say.”.
TL,DR: no
ITT: Yes.
If this is the case, what makes Windows so much more vulnerable?
As with most exploits: they go for where the most and easiest targets are.
As a Linux user it is very unlikely that anyone will try to hack your webcam, even if Linux were similarly vulnerable as Windows.
I wouldn’t put it past Microsoft trying to spy on you, just changing some line in that 11 pages thing you click “OK” to because you don’t have an alternative.
That wouldn’t hold up in court, not even in the fucked up pro corp system the US has.
Besides, they don’t need to take any photos, they already know pretty much all your habits and interests without taking a major risk.
The Windows threat comes from other places
I do, for three reasons:
- Hackers. It’s unlikely that anyone would hack my webcam, but there’s always a chance. Maybe I’m paranoid, idk.
- Hardware exploits. Three of my laptops are too old for me to update the firmware with
fwupd, so I cover the webcams in case there’s some critical hardware-level vulnerability which could be exploited; or in case one of the three-letter agencies are in there. - Consequences. Despite the incredibly low chances of anything happening whatsoever, the possible consequences are too bad for me to want to risk it.
I’m paranoid, aren’t I…
Security is always applied in layers. If you aren’t inconvenienced by it, it’s a really solid layer to use. Doesn’t matter how ‘paranoid’ you are, it’s a good strategy.
And for me: 4. It makes it a lot harder to accidently turn my camera on in meetings (a different form of privacy)
Also, it’s incredibly low effort to cover it. There’s no subscription plan for covering a webcam.
If I’m not using my cam, it’s not plugged in. If I am not chatting, my headset’s physical button has the mic deactivated. That’s two potential vulnerabilities I just don’t have to think about.
Honestly, I don’t think anyone can actually say 100% for sure that your webcam can’t be accessed. We don’t know what we don’t know—new exploits are discovered every day—thus it’s worth the extra 2 seconds to cover and uncover it.
It’s better to be proactive than being reactive. Take preventive measures that fit your threat model.
No. It’s necessary
Especially if you own a smartphone. You’re carrying 4x+ cameras and a wiretap with you at all times.
I thought about this one day when I was in the bathroom and used autorotate with face detection. I practically had the camera facing towards my crotch while it was on.
Face ID is one of the sillyness things in my option
Yeah, when my new iPad broke and I had to go back to my old iPad. I forgot how much more convenient the fingerprint reader was compared to face I’d.
On the iPad at least if you had it standing up on its own or flat on a table it was no bueno for face I’d. You know, like showing recipes or a big e-reader while learning to code from an e-book. I miss that big screen, it was like carrying a nice netbook screen with me everywhere.
There’s this youtuber that goes around and films people in public, its funny because people get mad but most people in cities are already being filmed hundreds of times a day.
The message is the same, if you are worried about X vector you should really think about YZ first for it to make sense.
The way I would look at it is:
- If you aren’t sure you can trust your computer, you should probably cover your webcam.
- Your level of risk tolerance can vary, so what a person would consider trustworthy may differ from person to person. (For some, maybe any proprietary software makes the computer untrustworthy. For others, maybe they feel smart enough to make good decisions about what software is trustworthy and they just don’t download anything that sets off their spidey sense. Or whatever.)
- If you’re taking extreme measures to ensure your machine is trustworthy, you’re probably going much further out of your way than covering your webcam anyway. If you’ve picked a lot of the higher branches clean anyway, you probably ought to go ahead and pick that remaining low-hanging fruit.
- Regarding Windows specifically, some would probably call Windows systems less trustworthy on some combination of that a) Microsoft is assholes that might themselves use webcam data in evil ways and/or b) Windows is more targeted by crackers and malware.
If you are running zoom, teams, skype or similar software, cover it.
Better yet, use them in a VM or don’t use them at all.
All software has bugs, including Linux. Some bugs can lead to security escalation. Those bugs are called vulnerabilities. Like bugs, all software has vulnerabilities - including Linux.
Your webcam can be accessed by hackers on Linux, on Windows, on MacOS, on BSD, it doesn’t matter.
If they have that level of access you are in trouble
just buy a little stick-on privacy slider. They’re like 3 for $10
these sliders are very thin, but not thin enough. neither of my laptops close correctly with one equipped. :(
Ah well. Masking tape suffices.
If I had a nickel for every time I bought a privacy slider for a laptop that already had one, or one with a hard-to-notice hardware switch. I would have 2 nickels which isn’t a lot but it’s weird it happened twice.
Uh, yes? It always seemed a bit silly to me. If they have that level of access you’re in trouble
“you’re already* in trouble”
Thanks
