TORONTO – Since the U.S. government’s controversial Internet surveillance program PRISM was unveiled in the press, both U.S. and international citizens have been feeling the watchful eye of big brother.
PRISM allows the U.S. National Security Agency (NSA) to track the activity of foreign nationals overseas who use services from companies such as Google, Microsoft, Facebook and Apple.
Read More: What is PRISM? A cyber-surveillance explainer
This means the personal information of Canadians may have already been scrutinized by the NSA.
But it’s not just the NSA who may be keeping tabs on your every move – your gadgets and the hackers that are working to compromise them are watching you too.
Smartphones
Your smartphone – whether iPhone, Android, or BlackBerry – it’s your most trusted sidekick, right?
Think again.
Most of the features built into smartphones to optimize their usefulness can also be turned against you and used as spy gear. This includes the GPS receiver, Wi-Fi antenna, camera and accelerometer (the part that helps your phone detect changes in orientation).
Take for example the ‘PlaceRaider’ app – an Android ‘proof of concept app’ developed by researchers with the U.S. navy that uses the phone’s camera to secretly take photos and use data from the accelerometer to create a 3D map of the user’s house or office.
- Stuck in B.C. lagoon for weeks, killer whale calf is finally free
- Invasive strep: ‘Don’t wait’ to seek care, N.S. woman warns on long road to recovery
- T. Rex an intelligent tool-user and culture-builder? Not so fast, says new U of A research
- Nearly 200 fossil fuel, chemical lobbyists to join plastic treaty talks in Ottawa
Developers refer to the app as a kind of “visual malware.”
According to a report by Tech News Daily, “PlaceRaider would permit hackers to zoom in on sensitive information scattered around a room, such as financial statements, phone numbers, personal checks or a wall calendar showing travel plans.”
Even scarier, the app could be disguised as an ordinary camera app – making potential users unaware of its capabilities.
PlaceRaider was designed as a “proof-of-concept” app for researchers to learn more about smartphone software vulnerabilities. The school of Informatics and Computing at Indiana University and the Naval Surface Warfare Center created the app from a National Science Foundation grant.
But smartphones are increasingly at risk of hackers using mobile malware.
The Internet Security Threat Report released annually by Symantec Corp. found that mobile malware attacks increased by 58 per cent from 2011 to 2012, and that 32 per cent of those attacks attempted to steal information from the device, such as contact information.
“While Apple’s iOS had the most documented vulnerabilities in 2012, there was only one threat created for the platform,” read the report released in April.
“Compare this to the Android OS; although only thirteen vulnerabilities were reported, it led all mobile operating systems in the amount of malware written for the platform.”
Mobile malware can take on many forms – from bugs that search devices for personal information, to apps that secretly use the device’s camera to take photos – and can be disguised as gaming or practical applications in the platform’s app store.
It’s not just information stored on your phone that hackers could access either.
Students at Georgia Tech’s School of Computing found that they could determine what someone was typing on a keyboard that a smartphone was sitting next to by tracking vibrations through the devices accelerometer.
The team used pairs of keystrokes to determine what words were being typed.
“Take the word ‘canoe,’ which when typed breaks down into four keystroke pairs: ‘C-A, A-N, N-O and O-E.’ Those pairs then translate into the detection system’s code as follows: Left-Left-Near, Left-Right-Far, Right-Right-Far and Right-Left-Far,” read a press release from Georgia Tech.
The technique was found to have up to 80 per cent accuracy.
Gaming Consoles and webcams
Gaming consoles have been at the centre of the spy debate for years.
Gamers and concerned parents have expressed concerns over the Kinect webcam that operates on Microsoft’s Xbox 360, following rumours that the devices can be easily hacked and turned on remotely.
The debate resurfaced in late May after Microsoft announced Xbox One – which will feature a webcam that is always on and constantly connected to the Internet by default.
“With the Xbox One, Kinect is constantly on, so that you can navigate around the console with voice and gesture commands. This means that that you’re constantly being watched by an IR camera that can see in the dark, and a microphone that’s constantly listening for your audio cues,” wrote Extreme Tech’s Sebastian Anthony in an article.
“Even more terrifyingly, you can turn on the Xbox One with a voice command — yes, even when the Xbox One is off, Kinect is still listening.”
In the article, Anthony even raises the question, “What if a developer goes rogue and develops malware that snoops on you?”
But webcam hacking is possible and has even been used in bizarre online hacking games to scare and torture users.
In an Ars Technica article titled, “Meet the men who spy on women through their webcams,” reporter Nate Anderson depicted a bizarre online world where hackers use remote administration tools (RAT) to gain access to random users’ computers and then their webcams.
According to the article, these hackers can use RAT’s to launch a user’s webcam and watch them whenever they please.
RATs are installed on a computer like a virus after the user opens an infected file and are commonly shared on peer-to-peer (P2P) file-sharing downloads.
Once installed, the hacker can access private data on the computer, restart the computer, and even open the CD/DVD tray.
Comments