Mark Zuckerberg is one of the most powerful men in the world because billions of people give Facebook, which he founded, free access to their personal data. In return, users receive carefully curated snapshots of his life: baby photos, mundane office tours and the occasional 5K.
On Tuesday, observers were reminded that Mr. Zuckerberg, 32, is not just a normal guy who enjoys running and quiet dinners with friends. In a photo posted to his Facebook account, he celebrated the growing user base of Instagram, which is owned by Facebook. An eagle-eyed Twitter user named Chris Olson noticed that in the image’s background, his laptop camera and microphone jack appeared to be covered with tape.
Other publications, including Gizmodo, used the tweet to raise the question: Was this paranoia, or just good practice?
The taped-over camera and microphone jack are usually a signal that someone is concerned, perhaps only vaguely, about hackers’ gaining access to his or her devices by using remote-access trojans — a process called “ratting.” (Remote access is not limited to ratters: According to a cache of National Security Agency documents leaked by Edward J. Snowden, at least two government-designed programs were devised totake over computer cameras and microphones.)
Security experts supported the taping, for a few good reasons:
• The first is that Mr. Zuckerberg is a high-value target.
“I think Zuckerberg is sensible to take these precautions,” Graham Cluley, an online security expert and consultant, wrote in an email Wednesday. “As well as intelligence agencies and conventional online criminals who might be interested in targeting his billions, there are no doubt plenty of mischievous hackers who would find it amusing to spy upon such a high-profile figure.”
• The second is that covering photo, video and audio portals has long been a basic and cheap security safeguard.“Covering the camera is a very common security measure,” Lysa Myers, a security researcher at the data security firm ESET, said in an email. “If you were to walk around a security conference, you would have an easier time counting devices that don’t have something over the camera.”
• Third, Mr. Zuckerberg is not immune to security breaches.
A recent hacking of his Twitter and LinkedIn accounts shows that he most likely committed two basic privacy faux pas: He may have used the same password across several websites and did not use two-factor authentication.
Judging from his photo, however, it appears that Mr. Zuckerberg was taking simple precautions to protect himself from anyone who may try to gain remote access. The practice is fairly technologically simple: Hackers trick people into clicking on links or unfamiliar websites containing malware that allows them access to the devices.
Mr. Zuckerberg is not the only high-profile case: James Comey, the director of the F.B.I., also puts tape over his computer’s webcam, for surprisingly simple reasons, according to NPR:
“I saw something in the news, so I copied it,” Mr. Comey said. “I put a piece of tape — I have obviously a laptop, personal laptop — I put a piece of tape over the camera. Because I saw somebody smarter than I am had a piece of tape over their camera.”
People who are not billionaires or high-ranking government officials are not without risk, said Stephen Cobb, a senior security researcher at ESET.
“For people who are not C.E.O.s, the threat is people scanning the internet for accessible webcams for a range of motives, from voyeurism to extortion,” Mr. Cobb wrote in an email.
Experts don’t have a good estimate for how often such attacks occur, but according to a 2015 report released by the nonprofit Digital Citizens Alliance, the practice is a growing problem for consumers, especially young women. The report also said that trojans account for some 70 percent of all malware.
“They’ve been one of the most popular types of malware on every operating system, for quite a long time,” Ms. Myers, of ESET, said. “The best ways to protect against them are to update all your software on your machine regularly, and use reputable security software, including anti-malware and a firewall.”
How webcam hacks happen
There are two major kinds of webcams: Internet-connected webcams and computer-connected webcams.
Internet-connected webcams typically connect over Wi-Fi. Most have their own IP address, which enables remote access, letting you connect directly to the webcam from anywhere in the world. Of course, that evil-doers could potentially connect to it as well, so your camera should be protected by a strong password. Unfortunately, these webcams often come with weak default passwords, and many people don’t change them.
A 2014 report on Naked Security revealed that, at the time, 73,000 Internet-connected webcams were accessible if you just put in the default password. If this setup matches your description, change your password immediately to something strong. And if you don’t need to use it, it’s still a good idea to cover it up.
Computer-connected webcams on the other hand can be a bit more difficult for hackers to get into, but that doesn’t mean it’s impossible. These are the webcams are the cameras built right into your computers (usually above your laptop screen) or connected via USB.Hackers can access these cameras through malware. If you accidentally click a bad link or download the wrong file, that malware could contain executable code to turn on your webcam and send that video feed to a website or save it somewhere else. Worse, often this kind of malware can even disable the camera’s LED light, so you’d never know your camera’s been hijacked just by looking at it.
If you don’t want people watching you when you don’t know it, the only thing that’s a surefire method to make sure you aren’t being recorded is to put a physical barrier over your webcam. After all, antivirus programs can’t catch everything.
What about your phone’s camera? It’s definitely possible to hack into a phone camera, and it’s been done, at least on Android. However, it’s probably less of a concern since, when you’re not actively using your phone, it’s typically in a pocket, handbag or sitting face-up or face-down on a tabletop. That means it’s less of desirable target for hackers, since you’re far less likely to be in a compromising position when you’re in front of the camera. Also, the sandboxing of mobile operating systems makes hijacking a camera inherently more difficult.
Besides, covering your phone’s front-facing camera would make selfies a lot less convenient. And we can’t have that.
Have something to add to this story? Share it in the comments.
Copyright 2016 Tech Savvy Hub