Spying through smartphone cameras is the latest version of hacking tactics that have been going on for some time, used by government intelligence organizations among others.
How does the idea grab you that your mobile device is filming you – without any visible indication to you and with the recordings being sent to a remote destination that you know nothing about?
Blog posts have appeared recently on some ethical hacking performed to show how camera permissions on an Android phone can be manipulated to record sound and vision without the phone’s owner being aware. Normally, the camera only operates when a viewfinder image is present on the phone screen. The trick is to reduce the viewfinder to just one pixel. This is technically enough to allow the camera to work, but too small to be seen by most users on their screen.
Other cases of smartphones turning into spy cams against their owners include an app capable of filming and piecing together images to create a 3D model of the space around the smartphone. Experts at the Naval Surface Warfare Center in Indiana, US, put the app together and then tested it on volunteers. The results were disquieting, with virtual images of people’s homes and offices, and details such as checkbook numbers available to the spies as they roamed around the virtual room images – a burglar’s dream come true.
Spying through smartphone cameras is however just the latest version of hacking tactics that have been going on for some time, used by government intelligence organizations among others. Computer webcam and microphones, as well as in-car hands-free phone systems (for the microphone) have already been in the news for the same reasons. The specific danger with smartphones is that they are so widely used, going wherever their owners go, that they multiply the risks of video and audio eavesdropping.
What can smartphone (and tablet) users do to avoid being spied on? Crude solutions include masking the smartphone camera lens with tape, when the owner has not deliberately decided to use it. However, this does not solve the problem of the microphone, which can be used to listen in to conversations.
Other preventative measures include paying attention to install permissions for apps, especially when the app asks for access to the camera or microphone for apparently no good reason. If the app is already installed, telltale signs that something untoward may be occurring are high battery consumption, high bandwidth consumption, and apps running background services for no justifiable reason. Remember that background services must be stopped properly and that just swiping an app out of an application list on your smartphone is not enough to switch them off.
Alternatively, you may be able to nip spy cam problems in the bud by running security tests on apps before choosing to install them. The RECON online testing service from Mi3 Security tests apps rapidly and effectively to show users how safe (or unsafe) a mobile app is. IT departments pondering the adoption of an app, wanting to check on an app that is proving popular with employees, or even wanting to test an app developed internally, can access the service online at any time.