this post was submitted on 07 Mar 2024
11 points (100.0% liked)

Cybersecurity

5764 readers
35 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago
MODERATORS
11
submitted 8 months ago* (last edited 8 months ago) by Kalcifer to c/cybersecurity
 

Cross-posted to: https://sh.itjust.works/post/15859253


From other conversations that I've read through, people usually say "Yes, because it's easy on Windows", or "Yes, because they simply don't trust the webcam". But neither of these arguments are enough for me. The former I feel is irrelevent when one is talking about Linux, and the latter is just doing something for the sake of doing it which is not exactly a rational argument.

Specifically for Linux (although, I suppose this partially also depends on the distro, and, of course, vulnerabilites in whatever software that you might be using), how vulnerable is the device to having its webcam exploited? If you trust the software that you have running on your computer, and you utilize firewalls (application layer, network layer, etc.), you should be resistant to such types of exploits, no? A parallel question would also be: How vulnerable is a Linux device if you don't take extra precautions like firewalls.

If this is the case, what makes Windows so much more vulnerable?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 8 months ago

I probably wouldn't bother. I can think of two scenarios you might get spied on.

  1. Through your browser you've granted a website access to your webcam (Zoom etc.) and left a tab open. Maybe it could activate it when you weren't expecting?
  2. Someone has used a vulnerability to take control of your computer to the degree it can access your webcam directly. Desktop linux software doesn't usually have meaningful isolation between software running as the same user, so at this point they can grab all your data, passwords, take screenshots, etc. and the webcam is just the cherry on top.

I expect most people don't do (1) very often, let alone for sketchy websites, so IMO it doesn't make much difference either way.