March 29, 2013

Google: We make it easy for anyone to spy on you...
...using your own web cams or security cameras! [Purp]

— Open Blogger

Google, now with 50% more evil. You're welcome. No extra charge.

...finds Wireless Security / Webcams that are accessible from the web. The interesting part is that for some reason these cameras do not generally allow users to remove/change the default administrative username and pass. So in most cases you can view any camera that shows up in the Google search.
Evil is a feature, not a bug.
In the Google, you don't search web, web searches YOU!



Posted by: Open Blogger at 10:58 PM | Comments (62)
Post contains 113 words, total size 1 kb.

1 New thread already?

Posted by: Arbalest at March 29, 2013 11:07 PM (6noA3)

2 Ah, so stuxnet was just googleware? Neat.

Posted by: dudenolongerinsantacruz at March 29, 2013 11:08 PM (ZCu9v)

3 What time is it?

Posted by: Body Builder at March 29, 2013 11:13 PM (2ArJQ)

4 I just had an idea for electronic "flash paper" using salvaged SRAM parts from junk network routers and LAN bridges.

I think the resistance is gonna need something like that.

Posted by: @PurpAv at March 29, 2013 11:17 PM (/gHaE)

5 Yep, it'd sure be nice if we could make all our bridges out of  flash paper...

Posted by: Ray Sist, who will likely blow up like Gary Oldman any minute now Serious, You Guys!11 at March 29, 2013 11:28 PM (ZdbBe)

6 I just had an idea for electronic "flash paper" using salvaged SRAM parts from junk network routers and LAN bridges. I think the resistance is gonna need something like that. Posted by: @PurpAv at March 30, 2013 04:17 AM (/gHaE) What is electronic "flash paper"

Posted by: The Poliltical Hat at March 29, 2013 11:29 PM (Vk2pI)

7 What is electronic "flash paper"

Old school flash paper is nitro-cellulose.  You can write on it with a pencil/pen, but it's unstable and will burn completely very fast when touched with a match or cigarette eradicating completely whatever was written on it. 

It was, and still is, popular with illegal bookies for recording their client's bets.  If the police raid the bookies shop, they just touch their cigarette to the pile of betting slips, and poof, its gone.

Modern devices, like cell phones, PDA's, flash drives, etc are all designed around the notion of RETAINING data, NOT around the idea of being able to dispose of it instantly if needed.

Enter "electronic flash paper".  It would be a battery powered device that consisted ONLY of volatile memory.  Turn off the power, the device goes blank instantly leaving no evidence that can be used against you.

Posted by: @PurpAv at March 29, 2013 11:54 PM (/gHaE)

8 http://www.youtube.com/watch?v=54H3EUAzpVg

I know they play the Metallica song better than Metallica did, but fuck it anyway.

Hand me that joint, please.


Posted by: Ray Sist, who will likely blow up like Gary Oldman any minute now Serious, You Guys!11 at March 29, 2013 11:58 PM (ZdbBe)

9 This is better:

http://www.youtube.com/watch?v=umeZtszNShk

Posted by: Ray Sist, who will likely blow up like Gary Oldman any minute now Serious, You Guys!11 at March 30, 2013 12:01 AM (ZdbBe)

10 I'm not trying to make any political point with that last post. I just think anyone who finds the bass and/or the rhythm disagreeable... you know, un-talk-to-able.

Posted by: Ray Sist, who will likely blow up like Gary Oldman any minute now Serious, You Guys!11 at March 30, 2013 12:07 AM (ZdbBe)

11 Junk SRAM is attractive because it doesn't need any external support circuitry to generate refresh cycles.  Essentially, a junk SRAM chip is a "one chip" solution.

Posted by: @PurpAv at March 30, 2013 12:22 AM (/gHaE)

12 is it made of flash paper? Will it explode if you pour some hydrogen peroxide on it? If it won't, it ain't cool, IMHO...

http://www.youtube.com/watch?v=hyWJCd1GYhw

Posted by: Ray Sist, who will likely blow up like Gary Oldman any minute now Serious, You Guys!11 at March 30, 2013 12:36 AM (ZdbBe)

13 So ... ah ... can you all see me now? I mean, is my webcam working for you? The red light is not on. But I guess if you can do all of the rest of this voodoo then you can probably keep the light off, right? I better put on a better t-shirt, instead of this GO BUCKEYES! thing that I am wearing right now.

Posted by: and irresolute at March 30, 2013 12:38 AM (DBH1h)

14 Posted by: and irresolute at March 30, 2013 05:38 AM (DBH1h) Put some pants on, too.

Posted by: BignJames at March 30, 2013 12:40 AM (Sg0G/)

15 Fight evil by unplugging your  webcams! duh! ... or better yet, just always broadcast with those overlays that show you with a moustache or funny hair and eyes!

Posted by: and irresolute at March 30, 2013 12:41 AM (DBH1h)

16 .

Posted by: @PurpAv at March 30, 2013 12:41 AM (/gHaE)

17 I taped a file card over this laptop's builtin cam

Posted by: @PurpAv at March 30, 2013 12:42 AM (/gHaE)

18 Best comment, like EVER, # 16! Me too! I am down with that!

Posted by: and irresolute at March 30, 2013 12:43 AM (DBH1h)

19 "I think the resistance is gonna need something like that." If you can read https://www.facebook.com/sarahpalin, then you ARE the resistance.

Posted by: East wind rain, I say again, east wind rain at March 30, 2013 12:44 AM (p4U6S)

20 I wonder if a North Korean is watching me right now? Maybe using me as ground-zero for one of their super-atomic- missile targets! Oh, gosh! 

Posted by: and irresolute at March 30, 2013 12:45 AM (DBH1h)

21 Yeah, we don't do webcams around here. I uninstalled the drivers for it on my laptop, the OS doesn't even know it's there. No phone cam on the face. And the phone "misreports" its GPS location. It's a bug, honest.

Posted by: Merovign, Dark Lord of the Sith[/i][/b][/s][/u] at March 30, 2013 01:00 AM (bxiXv)

22 #18, I'm a little disappointed. I thought I'd said so much that might make a person think, you know? There's a lot more to life than just period.

Posted by: Ray Sist, peroxide bearer for the explosive king at March 30, 2013 01:01 AM (ZdbBe)

23 Hmmmm. Good post, thanks OB.

Posted by: Helen at March 30, 2013 01:21 AM (93bH6)

24 #17 a file card? Do you mean to say you're not a machinist? Why don't you care about your files?

Posted by: Ray Sist, peroxide bearer for the explosive king at March 30, 2013 01:23 AM (ZdbBe)

25 Last night was the first time I ever really used the web cam on either of my laptops that came with one built in. I was making sure Niven could work with the new install at his end and that the bandwidth was adequate at his house.

The conditions that otherwise make it a very wealthy neighborhood make it very unattractive for anyone to bring decent last mile service in. There are plenty of people there who'd pay a major premium to get some serious speed but from what I've been able to find out, the regulatory regime won't allow it. To make the build-out profitable in a reasonable time frame, the carrier would need a lot of signups for the premium service but the rules require low end low price service to be offered. The risk is too high that not enough people in this neighborhood would sign up.

So ATandT only offers low end DSL and no cable company wants the neighborhood.

Posted by: epobirs at March 30, 2013 01:25 AM (kcfmt)

26 So ATandT only offers low end DSL and no cable company wants the neighborhood.

Better than Comcast. =D

Posted by: Ray Sist, peroxide bearer for the explosive king at March 30, 2013 01:32 AM (ZdbBe)

27 I know this is probably a stupid question, but does this mean some douchebag can access the cam on my MacBook, even if I'm not running the cam application ?

Posted by: My Sharia Moor at March 30, 2013 01:57 AM (liORJ)

28 James Carter is coming to a local venue with a trio and I cant find anyone to take.

http://bit.ly/167lsDy

Not your below average president.

Posted by: sTevo at March 30, 2013 02:01 AM (VMcEw)

29 I believe you, PurpAv, that Google is evil. But what's an acceptable alternative? I think all of em are in collusion to one degree or another. You struck a chord with me with Angus Young, but it's too early for AC/DC.

Posted by: L, elle at March 30, 2013 02:02 AM (0PiQ4)

30 For those who's skills are in need of honing; here's a test that will improve your HOBODAR.

If you can't tell the Hobos from the professors, how can you lay any traps effectively?

http://tinyurl.com/cpvfr36 

(American Thinker article and link to actual test)

Posted by: Bitter Clinger and All That at March 30, 2013 02:05 AM (Kpn/z)

31 #27, yes. It'd be in your best interest to stop picking your nose too.

Umm...

Posted by: Ray Sist, who will not likely blow up like Gary Oldman any minute now Serious, You Guys!11 at March 30, 2013 02:06 AM (ZdbBe)

32 Mornin'.

Posted by: dogfish at March 30, 2013 02:08 AM (N2yhW)

33 I prefer Bing maps over google maps although Bing hasn't covered the whole Earth in high res yet.

Posted by: sTevo at March 30, 2013 02:12 AM (VMcEw)

34 You could always use duckduckgo.

Posted by: RiverC at March 30, 2013 02:15 AM (KTytI)

35 Good morning,  everybody!

Posted by: Miss Marple at March 30, 2013 02:18 AM (GoIUi)

36 Embrace the suck.

If not Google, it would be someone else.

Learn how to locate and nullify web cams/spy cams.

Act as if you're being watched (because you most likely ARE) unless you're in a personally assured "Safe" room.

Learn how to nullify face recognition software.

Did you think all those folks in them old time sci fi movies had fancy tattoos on their face because it was FASHIONABLE or FUN?

Posted by: Bitter Clinger and All That at March 30, 2013 02:19 AM (Kpn/z)

37 Also, you do know that there exists equipment and software that can allow someone to spy on what your doing on your computer by detecting the signals going back and forth between your computer and your keyboard and monitor?

I know they had it for crt monitors and I'm guessing that lcds/leds aren't any "quieter". (electronic noise can be picked up like any other electromagnetic radiation.)

Takes a hell of a set up though.

Soon they'll shrink that to fit on an iPad.

Welcome to your Brave New World.

Posted by: Bitter Clinger and All That at March 30, 2013 02:23 AM (Kpn/z)

38 Some of those searches on the database are a little creepy, I gotta admit.

Posted by: chemjeff at March 30, 2013 02:23 AM (BBWjt)

39 Mero, you know how to make your phone report a false GPS location? Really? This deserves an in depth, instructional post. My fallback has been to put mine in a zip lock baggie full of air, toss it in a river and let em track me to the gulf.

Posted by: teej at March 30, 2013 02:24 AM (M7Cfv)

40 I wouldn't trust a site like that.

Anyone who makes cracking code and hacking computers for funsies most likely doesn't have many "normal" ethical constraints.

Posted by: Bitter Clinger and All That at March 30, 2013 02:24 AM (Kpn/z)

41 But I am not sure how much of this is Google's fault.  Is it Google's obligation not to permit search results for things like webcams?  Or is it webcam owner/manufacturer obligations to use/distribute tehir web cams to make sure they can't be searched in this manner?

Posted by: chemjeff at March 30, 2013 02:25 AM (BBWjt)

42 also, for the clinically paranoid; DON'T BUY THE DAMN SMARTPHONE!!

Jeessh, you guys. They've convinced you to track yourself and fill their databases. And all for a few funky apps and texting.

Plus they get you to PAY for it.

!!!!!!!?????

Anyone who connects to the "world wide web" (get it? web as in sticky trap for the unwary?) deserves what they get.

Posted by: Bitter Clinger and All That at March 30, 2013 02:27 AM (Kpn/z)

43 On most phones you can turn the GPS off. I keep mine off (like my wireless and 4G and bluetooth) to save battery life.

I don't know about the camera though, that's an interesting question.

Posted by: RiverC at March 30, 2013 02:30 AM (KTytI)

44 So ATandT only offers low end DSL and no cable company wants the neighborhood. Posted by: epobirs at March 30, 2013 06:25 AM (kcfmt) But the regulations make it "fair" don't you see. Besides those needy people that require Obamaphones have used up all the stimulus funds for the broadband upgrade boondoggle. As an aside, keep telling AT&T that you want high speed DSL and they might just swap out a card or two at the nearest central office and offer better service. That's what happened with me and Verizon.

Posted by: Hrothgar at March 30, 2013 02:32 AM (Cnqmv)

45 This post is kind of stupid. How does this make Google evil by crawling the open web? Yeah yeah, get off my lawn etc.

Posted by: HoboJerky at March 30, 2013 03:53 AM (FsUAO)

46 Low-tech solution? A small piece of black electrical tape.

Or a small picture of Roseanne Barr naked, eating a banana.

Posted by: CLP at March 30, 2013 03:54 AM (sZk6y)

47 Real headline: people are too stupid to buy a camera that is linked to the internet and allows you to change your password. Built in cameras are not connected to the internet by default.

Posted by: HoboJerky at March 30, 2013 03:58 AM (FsUAO)

48 Already posted this to the news thread, but since it relates to this thread, I do an unmoron thing and back up one: oh, and google spying... what's best for covering lenses on laptops & cells is not masking tape but freezer tape - no residue, easy to remove and replace, and cheap. Remember to fold over a bit to use as a lifting tab. Serious, you guys, you don't have to make Big Brother's job easy. They are out to get you.

Posted by: a mindful webwordsmith at March 30, 2013 03:58 AM (MBZW0)

49 @45  Yeah this post is pretty stupid.  Google does enough stuff that's evil without having to blame them for stuff that they're really not responsible for.  All they're doing in this case is cataloging what's out on the web.  If you want to spread blame around, blame the camera manufacturer for making a shitty product that apparently won't let the owner change the default username/password.  Or blame the people who installed the cameras for not putting the cameras behind a firewall.  Or blame the guy at exploit-db.com who publicized how to run that particular search.  (But really though, I wouldn't blame him.  Publicizing bugs is the best way to get them fixed.  Keeping them hidden is a great way to make sure only people who have malicious intent know about the bugs.)  In fact, if you want to blame exploit-db.com for publicizing it, you should also blame a particular smart military blog for putting a story about this exploit on their front page.

Posted by: ARL at March 30, 2013 04:02 AM (X4Pz8)

50 #44

Wouldn't matter what they do at the CO/RT. The distance is such that until they see potential profit in pushing fiber closer to the neighborhood nothing else will matter. This a necessity to get up to snuff with typical density neighborhoods, never mind offer a service like Uverse. This is the ATandT answer to FIOS but it doesn't actually bring fiber to less than a half mile from your home at best. It just gets close enough to max out what can be done with the existing copper.

The speeds they can get over short spans of copper have improved quite a lot since the first DSL deployments. But past a certain distance it just means you can get low end DSL instead of ISDN. Better but still far below what my far cheaper neighborhood gets. Niven is in a gated community of not quite mansions but quite large houses on very big lots. Density is a big factor in calculating ROI for a service offering.

Posted by: epobirs at March 30, 2013 04:21 AM (kcfmt)

51 I'm not especially excited about this. It has more to do with a single product having bad defaults than any malfeasance on the part of Google.

Before I had proper wiring in my home, I used powerline modules to create the network. I kept running into situations where I was getting constrained bandwidth even though my router was reporting very low activity. It turns out one of my neighbors in the same multi-unit building was also using powerline networking and his base address on his router/gateway was lower than mine and thus my PC was picking an address from his router and sending traffic over his DSL. He didn't understand what was going on but set up his router to throttle bandwidth to any single node.

We had some fun with it for a while. His drive shares were wide open and I could easily change his desktop background to a solid color with large letters reading, I SAW WHAT YOU DID. Stuff like that. It's been three years since I last used the powerline modules but I can still plug one in and connect a computer to go poking around his network. It seemed like he would never learn so there wasn't any sport in it.

Posted by: epobirs at March 30, 2013 04:32 AM (kcfmt)

52 So I'm going through the list of google search results and am trying to spy on some sexy young coeds conduct some research. Most of the links don't load, most of the ones that do go to a blank page, and the few that ask for a login reject all the default passwords. Don't think this is that big a deal.

Posted by: mugiwara at March 30, 2013 04:38 AM (hpYnL)

53 ring ring ring ring ring ring ring ring obamaphone

Posted by: RiverC at March 30, 2013 04:39 AM (KTytI)

54 Safe BrowsingDiagnostic page for bible.org

What is the current listing status for bible.org?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 9 time(s) over the past 90 days.


The advisory Provided by GOOGLE

Posted by: T. Hunter at March 30, 2013 06:31 AM (EZl54)

55 I call bullshit!  I install cameras and DVRs for a living.  You can absolutely change any and all user names and passwords.  The results that come up are not webcams like you would think of, they are camera servers and all are password protected.  I clicked on the whole full page and not one was accessible.  Feel free to try it.  Many of them require activex and can only be seen in IE

Posted by: Voltron at March 30, 2013 06:42 AM (ceolo)

56 I don't get it...so Google is searching for my webcam on my computer? What if it's never on?  I don't understand what the point is, seeing a bunch of people in their pajamas surfing the net.

Also, I'm sick of my Android and Google's invasive, pervasive clutches. I'm probably going back to Blackberry. They're so lame nobody will be following us.

Posted by: PJ at March 30, 2013 06:56 AM (ZWaLo)

57 Way to crash a server Morons...

Posted by: Voltron at March 30, 2013 06:59 AM (ceolo)

58 Come on, man - this is exactly the sort of sensationalist bullshit that we call others out on all the time. Google is a search engine. They help you find sites on the web. Some other asshole found a way to exploit webcams made by negligent manufacturers and spy using them and put them online. Google has those sites listed in its search results. Blaming Google instead of the asshole is like blaming the gun manufacturer for school shootings.

Posted by: Dan G at March 30, 2013 07:14 AM (iq19F)

59 PurpleAvenger, to the barrel with thee!

Posted by: boulder toilet hobo at March 30, 2013 08:57 AM (QTHTd)

60

That's not so much google being evil as google doing what google does. As a group that is big on personal responsibility we should make sure we understand how to secure an item we use.

In this case it is just information.

Posted by: AdamPM at March 30, 2013 09:02 AM (KQUMx)

61 This is silly. And old. You've been able to do this for years, thanks to stupid and lazy people who connect their cameras to the entire planet, yet can't be bothered to do the most trivial of setup tasks. It has nothing to do with Google being evil. And neither did that made-up scandal about Google recording unsecured Wi-Fi traffic. This sort of thing makes the right look like fools, and it plays right into the plans of people who want the federal government to "regulate" the Internet so as "protect" us from teh evil corpurashuns.

Posted by: GalosGann at March 30, 2013 09:23 AM (vW1n3)

62 How is this Google's fault? It doesn't control the software that camera manufacturers choose to use.

Posted by: CTD at March 30, 2013 10:58 AM (VqiII)

Hide Comments | Add Comment

Comments are disabled. Post is locked.
102kb generated in CPU 0.13, elapsed 1.5751 seconds.
62 queries taking 1.5079 seconds, 298 records returned.
Powered by Minx 1.1.6c-pink.