Tag: cctv

Macbooks use cameras to spy on owners

The fruit themed toymaker Apple’s legendary sloppy security has been bought into the spotlight again after it was revealed that you can turn on the laptops camera without the owner knowing.

Miss Teen USA Cassidy Wolf contacted the FBI after she received two nude photos of herself by e-mail which had been taken over a period of several months.

The untouchables found that the person who had taken the snaps was a high school classmate, a man named Jared Abrahams. Abrahams’s had software on his computer that allowed him to spy remotely on her and numerous other Apple fangirls. Abrahams pleaded guilty to extortion in October.

Laptops with built-in cameras have a privacy feature that turns on a light when the camera is being used. In the case of PCs, security experts say that there is no way to deactivate the warning light. However it appears that in the case of Macbooks someone has worked out how to do it.

In fact the FBI recently admitted to the Washington Post that it has known how to do it for years. This is despite the fact that Apple assured its users that the camera had a “hardware interlock” between the camera and the light to ensure that the camera couldn’t turn on without alerting its owner.

Security experts at Johns Hopkins University have come up  with a method using MacBook and iMac models released before 2008 and would probably work on later models too.

It is based on the fact that a modern laptop has several different computers in one package. Apple designed its MacBooks to block software running on the MacBook’s CPU from activating its iSight camera without turning on the light. But if you target the chip inside the camera, known as a micro-controller, you can defeat this security feature.

But this also opens up a large number of security vulnerabilities in Macbooks which no one ever really thought of.

The researchers found that you could also mount an attack on Apple batteries, which causes the battery to discharge rapidly, potentially leading to a fire or explosion. Another researcher was able to convert the built-in Apple keyboard into spyware using a similar method.

It all depends on how much security Apple puts on its hardware, and it appears that they might not put on much. The reports’ authors said that they had contacted Apple, which got back to them several times. However it does not appear to have done anything.

The best way to deal with the problem is to put a piece of tape on your camera which you take off when you want to use it. No Apple fanboy would do that of course, it would destroy the gizmo’s design. It is much better for them to trust in the power of Steve Jobs to protect them from all hacks. 

US to make improvements in facial recognition software

The US federal government is closer to making a surveillance system that would pair computers with video cameras to scan crowds and automatically identify people by their faces.

The New York Times has got its paws on reports relating to the Department of Homeland Security’s crowd scanning project called the Biometric Optical Surveillance System [BOSS].

The system was not fully baked, but researchers say they are making significant advances.

The idea is to have a system that would help match faces in a crowd with names on a watch list. It would allow police to spot suspects at high-profile events like a presidential inaugural parade or find those who have escaped from prison.

So far technical specialists say crowd scanning is still too slow and unreliable, but the NSA is still keen on coming up with a workable plan in time for when computer processing power is strong enough.

BOSS began as an effort to help the military detect potential suicide bombers and other terrorists overseas at “outdoor polling places in Afghanistan and Iraq”. But in 2010, the Department of Homeland Security wanted it to be developed for use by the police in the United States.

During a recent test of the system, the department recommended against deploying it until more improvements could be made. However, at this point it is not clear when this may be done.

Researchers say they made progress, and independent specialists say it is virtually inevitable that someone will make the broader concept work as camera and compute power continue to improve.

The feeling is that it could be in place in five years centred around a two-year, $5.2 million federal contract given to Electronic Warfare Associates.

BOSS is handicapped by the fact that taking snaps of crowds from a distance is blighted with lighting problems and faces tend to be partly obscured.

Currently BOSS researchers are trying to overcome those challenges by generating far more information for computers to analyse.

BOSS consists of two towers bearing “robotic camera structures” with infrared and distance sensors. They take pictures of the same subject from slightly different angles.

A computer then processes the images into a “3D signature” built from data like the ratios between various points on someone’s face to be compared against database of faces.

A more recent test used 30 volunteers whose facial data would be mingled in a database among 1,000 mug shots. The agency set up six tests to determine the technology’s overall accuracy. The test worked out that the technology was not ready for police to buy.

Currently the belief is that the technology could be ready to deploy within five years. 

Post-Sandy Hook, US school surveillance market rockets

American schools are rushing to purchase high tech surveillance and security equipment in the wake of school shootings like the Sandy Hook massacre.

By 2017, the market for security systems integration in schools alone is expected to be worth $4.9 billion, compared to $2.7 billion in 2012, or an 80 percent rise, according to analysts at IHS.

On the shopping list is provision, installation and maintenance of video surveillance, as well as alarm systems and physical access control. Physical access control includes security products like smart cards and other ways to limit access to restricted areas.

Traditionally, schools have depended on a mix of physical access control and emergency notification systems. This is still desirable for a lot of schools, but more are increasingly changing the way they think about outright surveillance, and demand for video surveillance is through the roof. IHS says the growth rate for video surveillance equipment is more than double that of products like smart cards.

Security analyst at IHS, Paul Bremner, said after events like Sandy Hook and the Santa Monica shooting, schools now think security systems should be used to “detect and mitigate problems as they happen”. In other words – real time, intelligent surveillance, rather than just providing forensic evidence after the fact.

“Because of this, schools are employing security system integration providers, which provide technologies and services that combine multiple safety mechanisms into a cohesive solution,” Bremner said.

“Video surveillance systems in the education sector have the added advantage that they can be used for a broad range of tasks,” Bremner said, “including gathering evidence for a criminal investigation, acting as a deterrent for theft, assault and vandalism, or simply by providing greater visibility to the school’s security staff”.

Photos of Boston bombers released to stop web vigilantism

Last week, thousands of people took to social media in the aftermath of the Boston Marathon bombings, hoping to help identify the perpetrators. 

It didn’t take long before the admirable effort degenerated into a racist Where’s Wally, with thousands of people trying to find brown people with backpacks in the huge crowd. Eventually these industrious CSI fans “identified” dozens of such individuals, including a couple of law enforcement officers and security staff in plain clothes. 

Of course, they were all dead wrong. 

The terror suspects were eventually identified thanks to CCTV footage, which wasn’t even made public following the attack. In other words there was absolutely no way the public could have identified them, but the cyber vigilantes did find quite a few dark skinned people with backpacks. It turned out the real suspects were not “brown,” they were from the Caucasus, which means they were, er, Caucasian. 

The Washington Post now reports that law enforcement was practically forced to release the suspects’ images due to the social media witch hunt. Investigators were concerned that the manhunt could become a chaotic free-for-all, with civilians, media and internet vigilantes in the mix. The FBI stressed that only its images should be considered by the public, to no avail. Even US president Barack Obama cautioned the FBI to make sure that their photos really showed the real suspects.

What’s more, even after the Tsarnaev brothers were identified, the mob kept going, spurred on by conspiracy theorists. 

The fact that the vigilantism contributed to the decision to post the images may have far reaching implications. We will never know whether the suspects would have been apprehended quietly, with no casualties had the photos not been published. Once the photos were released, the Tsarnaevs panicked, shot an MIT police officer and carjacked an SUV. One of the suspects was eventually killed, while the other one suffered extensive injuries and may not be able to provide investigators with information even if he recovers.

Group warns Google Glasses mean dystopian future

While the geekier of us have been frothing at the mouth dreaming of ugly glasses that are sort of like smartphones, one group is dead against it: Stop The Cyborgs argues that technology trends are leading the world into a future where “privacy is impossible and central control total”.

The group describes its primary objective as sparking debate, but it also wants sympathisers to take active action toward making life difficult for what it calls intrusive surveillance. It is not after an all encompassing ban on devices like Google Glass, but claims it’s “important for society and democracy that people can chat and live without fear that they might end up being published or prosecuted”.

The argument swings both ways. Many abuses of power have been captured by citizens with smartphones that otherwise would have not even been on the radar.

Stop the Cyborgs frames technological developments not as politically or socially neutral progressions, but instead that they impact the lives of people, and “encourage and discourage certain behaviours but we typically don’t even question their design and intrinsic biases”. The group espouses the idea that regular Joes must become politically active to shape the social norms around technology.

Supporters are encouraged to make their property or places of work free of Google glass or surveillance devices by asking people to turn off their devices. This, the group argues, achieves several points: it is a practical act to cut off localised surveillance, a symbolic act that displays privacy concerns, it is a way of exerting social pressure to establish norms around usage, and it can serve as market pressure to discourage consumers from buying – and ultimately companies from developing – the systems.

A cynic could argue this push back against surveillance is too little too late. Already it is possibly for intelligence agencies and authorities to gain access to email logs and more. A recent study also suggested that if you have a GPS-enabled smartphone, you are stuffed – with simple technologies available to authorities it is already possible to track and determine your ID.

Once in to a personal device, that one portable portal to the net is already a marsh of information about the user, so often connected to other accounts online as well.

Multi-billionaire New York City mayor Michael Bloomberg sounded somewhat worried when he recently appeared on radio to warn that the tide is coming in on domestic UAV drone use. Britain is the most surveillance-heavy country in the world. Facebook probably knows more about you than you or your close friends do, and the concept of utilising big data to extract predictive trends or existing information is getting smarter every day.

From a slightly conspiratorial point of view, theoretically it’s not a gigantic leap to imagine devices like Google Glasses as a more obvious push to turn the public, enthusiastically and with consent, into becoming constantly-connected and accessible on the move. We guess the question isn’t of blocking the technological developments, but rather how the information gleamed from those developments can be used, and for what.

For now, Stop the Cyborgs believes concerned citizens should write in to their political representatives, set up local groups, or even build “more human, privacy preserving systems”. As one of the top comments on the group’s about page points out, the companies developing these systems will “be spending a fortune promoting” them.

Companies like Google and Qualcomm are pushing an ever connected future and deciding the emerging trends: with the Internet of Things around the corner, it will not be long before many of us are intrinsically linked to the internet, whether we like it or not. 

CCTV turns into Mystic Meg

In a development which looks like it comes from an episode of Red Dwarf, researchers from the Carnegie Mellon university have developed a surveillance system which spies on humans and can predict what might happen next.

According to Parity News  the researchers have been developing the spying software for the military. Dubbed Mind’s Eye, it recognises human activities in video and can predict what might happen next.

This means that the authorities can be on the scene before anything nasty happens. Or people can be arrested before a crime takes place.  If the software gets good, it can predict if a child will commit the crime at the moment of birth and make sure it pays for it, long before it even thinks of it.

Curiously this is exactly the software which was demonstrated in an episode of Red Dwarf, where such predictive software sabotaged a repair on the assumption that the human crew would stuff it up.

In a paper with the catchy title “Using Ontologies in a Cognitive-Grounded System: Automatic Action Recognition in Video Surveillance”, the researchers describe an artificial intelligence cognitive engine that automatically detects and interprets a person’s actions using a surveillance feed.

It is all based on previous research in the field of surveillance and specifically in object recognition.

They have also incorporated activity forecasting that tries to understand what humans will do based on their physical trajectories.

Currently, the main cost associated with CCTV surveillance are the people needed to analyse the imagery.

If this sort of software works then local councils will be tempted to use it to replace humans involved in imagery analysis. What could possibly go wrong?

Mass school CCTV snooping readies kids for Spy Society

Secondary schools and academies across the UK have been spying on staff and students using CCTV cameras, a new report has found.

According to Big Brother Watch, there are more than an estimated 100,000 CCTV cameras installed across these institutions – with some even found in private areas such as toilets and changing rooms.

Parents, speaking with TechEye, have said the findings show the “spying state has gone too far,” while other privacy groups have said the use of cameras mirrors “reality TV”.

Big Brother Watch obtained the data under the Freedom of Information Act. Responses from 2,107 secondary schools and academies showed they used 47,806 cameras overall, including 26,887 inside school buildings.

In 207 schools, cameras were located in toilets or changing rooms, while 54 schools were found to have more than one camera inside the school for every fifteen pupils.

The Radclyffe School in Oldham was found to be the worst culprit when it came to recording footage in toilets and changing rooms, admitting to having 20 cameras in these areas.

With 1.8m pupils being taught in these schools, there was an average of one camera for every 38 children.

In all, 90 percent of schools had CCTV cameras, with an average of 24 cameras in each of the 1,537 secondary schools that responded and 30 cameras in each of the 570 academies.

Earlier this year, Big Brother Watch found there are currently at least 51,600 CCTV cameras controlled by 428 local authorities.

The group said this posed the question of how the situation in schools had reached this level without any concerns being raised.

It also pointed out that the Home Office’s proposed regulation of CCTV would not apply to schools and that the new post of Surveillance Camera Commissioner would have no enforcement or inspection powers.

Nick Pickles, director of Big Brother Watch, said the research brought with it some serious questions about the privacy of schoolchildren across Britain. He said the full extent of school surveillance was far higher than the group had expected and “would come as a shock to many parents”.

“Schools need to come clean about why they are using these cameras and what is happening to the footage,” Pickles said. “Local authorities also need to be doing far more to reign in excessive surveillance in their areas and ensuring resources are not being diverted from more effective alternatives”.

The government’s snooping bill does cover CCTV, but according to Big Brother Watch, the regulations aren’t robust enough to cover the spiralling schools problem.

Under the Protection of Freedoms Bill 2012 (Part 2, Chapter 1), the Home Secretary is required to prepare a code of practice containing guidance about surveillance camera systems. The Act outlines that relevant authorities ‘must have regard’ to the code, however “a failure on the part of any person to act in accordance with any provision of the surveillance camera code does not of itself make that person liable to criminal or civil proceedings”.

The draft Code also states “the commissioner has no enforcement or inspection powers” and that the code will only apply to a limited range of organisations.

Big Brother Watch argued that the code would therefore not apply to schools.

Charles Farrier, No CCTV spokesperson, told TechEye that the report showed “the worrying degree to which children are being tacitly taught that surveillance is a good thing”.

“Both school pupils and parents ought to be asking why it is that schools are becoming ever more like high security prisons,” Farrier said.

“We should also be asking what problem the are cameras aiming to solve,” he said. “We know from study after study that surveillance cameras have no significant effect on crime but what we have yet to fully understand is their impact on our society.

“Schools should set an example to children of how to solve problems through relationships between people rather than simply turning problems into reality TV,” Farrier said.
The research has shocked parents who have told TechEye that they believe the “spying state has gone too far”.

One told us: “I can understand that schools would need a certain degree of CCTV given the age we live in. However, installing cameras in the toilets and changing rooms shows that the spying state has gone too far.”

Another added: “What happens if this footage falls into the wrong hands? There are a few people working in schools that may not be as nice as they seem. I’d hate for my child to be watched in his underwear while getting changed for PE. It’s not a TV show, it’s our children’s lives.”
Following the report, the Department for Education sent out a generic statement where it claimed it had already acted to make it unlawful for schools to use biometric data like fingerprints without parents’ permission.

A spokeperson added: “CCTV can be beneficial in some cases but this is a decision that head teachers should take.

“Schools using CCTV are required by law to adhere to the Data Protection Act.”

Smart CCTV uses Facebook-esque 'tagging', follows people

Eerie surveillance equipment developed by scientists that can ‘tag’ and track people over CCTV has beaten big name tech firms to a security prize.

London’s Kingston University has landed an award as ‘CCTV system of the year’ for the surveillance software which is able to pinpoint suspicious people and monitor them over a whole network of cameras.

As soon as operators notice something they consider suspicious, they can ‘tag’ an individual by clicking on their image, like in Facebook, allowing the computer to search through its systems to find out past movements, and even predict what the individual will do next.

So far, so ‘Big Brother’, then.  But the lead computer scientist on the project, one Dr James Orwell, believes it could really help policing.

With the automated tracking, named Tag and Track, police could drastically improve efficiency in poring over CCTV footage, making it even easier to keep tabs on the populace.

The surveillance software developed with Orwell’s team managed to fight off competition from Samsung and Panasonic at the annual International Fire and Security Exhibition and Conference (IFSEC) to take the top prize.

Tag and Track could be useful in finding missing kids, locating flight passengers who check in bags but don’t show up at the gate, or even predicting bottlenecks at queuing points before they even happen.

Whether this list will also include the monitoring of a futuristic dystopian society in order to break the will of those who oppose it was not noted by the university.

CCTV an overlooked security threat

CCTV is becoming a bigger security threat and one the UK should be worried about, a security expert has warned.

According to the source, the technology is becoming more of a target for hackers who have either been paid by criminal gangs to try and erase evidence, or for financial and pleasurable gain.

CCTV.co.uk reports there are around 1.85 million CCTV cameras across the UK. It put the top 0.15 million cameras as being spread out between public transport and local authorities, which left the rest owned by public and private companies.

However, as the result of some many security cameras, the incentive to hack into networks is becoming more and more tempting.

“There is one huge, underlooked risk on the UK’s doorstep. And that’s CCTV hacking,” the source said. “Although this isn’t a new risk, we’ve seen this increase over the past few years as this technology becomes more of a tool to provide evidence and put people away.” 

The source pointed to examples where images captured over CCTV or IPTV were able to pull pictures of people in compromising positions.

“As we all know it’s not possible to completely protect public security systems from hackers,” the source said.  “Hackers can react in the same way they would with a wireless network, breaking down the encryption and getting in”.

“I wouldn’t be surprised in a bid to cut back on budget that many local authorities have skipped the security side here, putting in basic encryption or layers than can easily be broken,” the source warned. 

Hacked cameras entertaining thousands

One of the latest internet hits is Big Brother style footage of an elderly woman watching TV in a care home. Apparently, television has become so bad that a woman identified by the press as “Martha”, along with other open cameras, has become must watch internet TV.

Martha’s carers were one of up to 50,000 customers who bought and installed a security camera made by the US company TRENDnet. It was discovered that the live footage they captured could be watched by anyone with an internet connection, without even having to guess a password.

While some TRENDnet customers have taken steps to fix it, most haven’t, and apparently remain unaware that the devices they installed to keep themselves safe could in fact be doing the exact opposite.

According to the Sydney Morning Herald, few customers registered their devices with the company, and TRENDnet is unable to fix the problem remotely. Users must download a software update from the company’s website and install it manually.

The distributor for TRENDnet took steps to contact local customers in February, but users who do not read the tech press are basically stuffed.

The TRENDnet case is being touted as an extreme example of what can go wrong when a security flaw is discovered in a device connected to the internet.