from Kalcifer@sh.itjust.works to cybersecurity@sh.itjust.works on 07 Mar 2024 20:39
https://sh.itjust.works/post/15859195
Cross-posted to: sh.itjust.works/post/15859253
From other conversations that I’ve read through, people usually say “Yes, because it’s easy on Windows”, or “Yes, because they simply don’t trust the webcam”. But neither of these arguments are enough for me. The former I feel is irrelevent when one is talking about Linux, and the latter is just doing something for the sake of doing it which is not exactly a rational argument.
Specifically for Linux (although, I suppose this partially also depends on the distro, and, of course, vulnerabilites in whatever software that you might be using), how vulnerable is the device to having its webcam exploited? If you trust the software that you have running on your computer, and you utilize firewalls (application layer, network layer, etc.), you should be resistant to such types of exploits, no? A parallel question would also be: How vulnerable is a Linux device if you don’t take extra precautions like firewalls.
If this is the case, what makes Windows so much more vulnerable?
threaded - newest
I don’t really have a good answer for you, but I mean you yourself used the word “resistant” to exploits, not impervious. Nothing is bulletproof, so if a user has any concern, rational or not, what’s the harm in covering it?
Maybe your question really doesn’t have to do with the webcam question, it’s more about the level of trust you should or should not have in your software. And that, to me, depends largely on the individual.
Personally it’s just a matter of me never really using my webcam and not minding moving a little bit of electrical tape if I need to. It’s such a small inconvenience that I can’t see why not.
Back in the day the webcam didn’t even work on Linux. I still covered it…
If my laptop ever got pwned like that, someone watching me through my webcam is literally the least of my concerns.
If you cover too much of the webcam, you won't see the blinking light that says you've been owned.
Most of the security benefits of desktop Linux is that it’s less popular, and thus less likely to be targeted. Add to that the diversity in Linux and you’re unlikely to be hit by most attacks. But security through obscurity isn’t real security at all, so take that for what it’s worth.
Linux also has some benefits due to security architecture, but that again depends a lot on your specific setup (which distro, which settings, etc). Most Linux distros are probably pretty resistant, but some have larger holes than others.
So I guess it comes down to what you’re worried about:
Personally, I don’t bother, but the effort required is quite low so there’s really no reason not to.
I probably wouldn’t bother. I can think of two scenarios you might get spied on.
I expect most people don’t do (1) very often, let alone for sketchy websites, so IMO it doesn’t make much difference either way.
One word for you: undies