So, apparently Miss Teen USA’s computer got infected with a webcam-spying remote access trojan. So someone got some sneaky pictures of her, and tried to blackmail her. Fortunately, instead, she decided to talk about it.
This is good. The majority of people don’t take computer security seriously enough. This could get some people talking, finally.
Unfortunately, the one effective technique against something like this–application whitelisting–isn’t available for the home versions of Windows. Most people think of application whitelisting is a corporate thing, but a signature-based whitelist would keep this kind of software from running on a home PC, which is the target for webcam snooping. Home users need it too. And unfortunately, it’s the people who are most likely to buy the cheaper home version who need it the most. Are you listening, Microsoft?
In the meantime, keep a piece of tape on your webcams, I guess.
But maybe now that Miss Teen USA is running around the talk show circuit talking about this stuff, people will start thinking that maybe, just maybe, bad stuff doesn’t always just happen to other people’s computers. Because it doesn’t.
As a security professional, I’m glad for anything that raises awareness. Because security awareness is one of the DSD Top 35 migitations–it’s #20. And of the 35, it’s the hardest to buy.
And if you’re not scared enough yet, it’s possible to do webcam spying not only with a laptop, but also with a smart TV. It’s a little harder with smart TVs because they’re all a little different, but nobody thinks about their smart TV, and the manufacturers rarely, if ever update them to fix security bugs. Fortunately, TV hacking is, as far as we know, more in the realm of theory right now than active exploitation, but it’s only a matter of time before that changes. The time to pressure manufacturers–or just stop buying smart TVs–is now.