Encyclopedia > Computer surveillance

  Article Content

Computer surveillance

Computers make excellent surveillance tools because they can do things without their owners knowing about it . At the very basic level, computers are a surveillance tool because you confide your secrets into it. Anyone can then come along and access or remove your computer and retrieve your information. But if someone is able to install software on your system they can turn your computer into a surveillance device.

Getting software onto a computer can be done in three ways:

  • You obtain access to the computer directly - this requires that you load a CD or floppy disk into the computer and transfer the programs. This is possible if someone uses your computer for an innocuous purpose, or they gain access whilst you are not there.
  • You can receive a computer virus, form an email or an infected file, that can install a program on your computer. This can enable hackers to gain access to your computer, or it can send information such as your encryption keys to security services (a project the US FBI is currently working on).
  • Your computer can be hacked when it is online, and rather than damaging it the hacker can install software on the system that enables them to control it, store information on it, or read your private files. This is more of a problem for Internet servers, but computers with a permanently connected broadband line are also susceptible.

The simplest form of access would be via a new, unique computer virus. This is because it may not be picked up by virus scanning software. It could also use the facilities on your system to compile a digest of the information and usage of your computer, and send that back to its base. Whilst access to your system whilst you are online is possible, it would be difficult to arrange because unless you are online all the time, they will not when precisely when you use the Internet.

To protect against people accessing your computer from the Internet, and also protecting against rogue programs on your computer, you should use a firewall on your network or Internet connection. (refer to Firewalls in briefing 6) This will flag up a warning whenever an unauthorised access takes place. But beware of the Microsoft firewall - it only works on connections going into your computer, so rogue programs can still connect out.

Getting access to your computer is the next most likely. This is a real possibility, since you must assume that the types of people engaged in this kind of surveillance, because of the technical barriers involved, are professionals. They are also likely to have the technical capability to gain access to your home or workplace. You should therefore take steps to limit access to your system.

The briefing on Introducing Information Security (no.1) outlines how to protect your information. Perhaps one of the most effective means of preventing opportunistic access, apart from a boot password, is a screen saver with password protection. This is a simple means of preventing access whilst you are away from the computer.

Computer networks are another surveillance problem. Networks operate by sending packets of data to every computer on the network, but only the computer matching the packet address will process that packet of data. Using programs called "packet sniffers" it is possible to read all the packets that cross the network. Using a packet sniffer it is possible for one computer on the system to intercept all data transactions over the system, or just those for one of the other computers. This again could be done using software installed on the system without the knowledge of the computers operator. The problem would be extracting the large volumes of information that sniffing packets can generate. But for only a short period of time, packet sniffing could reveal all sorts of information.

One of the lesser known forms of surveillance goes by the name of 'TEMPEST'. Computer monitors and some other digital equipment emit radio waves as the high-powered coils and transistors switch electricity to create the video image. The same type of emissions can be used by TV companies to detect if their programmes are being watched on an ordinary TV without a license being paid. But with better technology, the actual image on the screen of a computer monitor can be captured and displayed.

One solution to the TEMPEST problem is to use a low powered display, such as a laptop computer. But it is possible that these displays could also emit waves that could be resolved to produce an image. The only certain solution to TEMPEST is to shield a monitor, which is a very difficult thing to do, or specifically buy an extremely expensive shielded monitor.

Finally, computers themselves can be tapped physically. For example, it would be possible to bug the keyboard in a way that transmitted the codes of the keys pressed - in this way it is easy to discover the passwords use to start the computer, as well as the passwords for accessing the Internet, email and encryption keys. Anything beyond tapping the keyboard would require taking your computer apart.

See also:



All Wikipedia text is available under the terms of the GNU Free Documentation License

 
  Search Encyclopedia

Search over one million articles, find something about almost anything!
 
 
  
  Featured Article
242

...   Contents 242 Centuries: 2nd century - 3rd century - 4th century Decades: 190s 200s 210s 220s 230s - 240s - 250s 260s 270s 280s 290s Years: 237 238 239 ...

 
 
 
This page was created in 24 ms