Latest Telepresence and Visual Collaboration News:
Five Tips For Dealing With VC Camera "Hacks"
Back in 2012, I wrote an in-depth article about the dangers of videoconferencing hackers. My takeaway was that while VC hacking may be technically possible, it is easily preventable by following basic security best practices. Furthermore, there is little evidence that it is happening en mass, or that it should be a concern above and beyond general internet security fears. While some said I was ignoring the dangers, in the two years that followed I have yet to see a massive wave of successful VC hacks, or anything other than anecdotal tales of breaches in unsecured environments.
Today I came across one such example, when a redditor posted a link to a video of an unfortunate victim of a supposed VC camera hack. Turns out it wasn't much of a hack after all. The camera software was using the default login (admin) and no password whatsoever. In other words, this was no backdoor hack, the front door was wide open with a plate of fresh baked muffins on the counter. The "hacker" was likely a friend or co-worker, enjoying a harmless prank by playing "I'll Be Watching You" over the camera's speaker (funny, right?). However, the "victim's" reaction provides a perfect lesson in how to handle the situation if you should suspect someone (other than Sting) may be watching you.
1. Don't Panic!
Whether this is a harmless prank, or an actual bad person at work, there is nothing to gain by freaking out. If you are being recorded, there is no telling who will wind up seeing it. Take advantage of the fact that you know (or suspect) you are being watched. Act cool and in control. The worker in this case absolutely nails it. Whether I was his boss, co-worker, or a potential client, I would feel comfortable with my work in his hands. Even though he is completely caught by surprise, he remains unruffled.
2. Assume You Are Being Watched And Heard
Ok, someone is messing around. There is no telling what parts of your system they are into. If they got the camera, they probably have your microphones. Again, whether this is a harmless prank, or a real attack, you don't want to give anyone any ammunition to make you look or sound foolish. Our hero in the video handles this perfectly, saying nothing that could make him appear foolish.
3. Stay Professional
This is related to the previous two points, but is worthy of its own discussion. Remember your goal isn't just to avoid looking foolish before your prankster to deny him the satisfaction of "getting you." Your goal is to show anyone who may wind up seeing this video how cool and in control you are under fire. You have the advantage here, you are being recorded, and you know you are being recorded. You are the actor, director, and screenwriter. Make yourself a hero like the worker in this video. Notice he never curses, or acts frustrated or annoyed. He simply, calmly, and professionally address the situation so he can get back to work.
4. Call Support. Fix It. Get Back to Work
After only a few minutes, the worker in this video calls IT support to set a password and lock down the software for his camera. It could be tempting to let this be a big distraction, call in your office friends to show them the problem and chat about it, etc. Remember, you are being recorded. Your boss or clients may wind up seeing this. Again, you write the script, so make yourself the hero. Handle the issue and get back to work.
5. Relax, Treat it Like a Joke (Outwardly).
Obviously, hacking is no joke. If it is a real breach, the repercussions could be severe. Until you can find the source, and be sure that it is just a prank, you will have to treat the incident seriously. But that doesn't mean you shouldn't stay cool on camera. Note in the last few minutes of the video, when he is talking to his IT support, he lightly says the incident is "weird" and "funny." Internally he may be planning on a set of new security measures, but for all appearances he is un-phased. No one looks good on camera when they are angry. If you are really upset by this intrusion into your work, wait till you get home to vent.
Some may say I treat the issue of VC security too lightly with articles like this. I do understand that it is a serious issue, and recommend that those working with sensitive information follow best security practices. However, at this time most evidence of VC security breaches are anecdotal, and involve situations like this one; an insecure environment and an open device without even a password. The only harm in this case was 6 minutes of wasted productivity, but that is more an issue with office pranks in general than with VC specifically. A bigger concern in terms of lost productivity would be dealing with the vicious scourge of offices covered in tin foil and wrapping paper, which according to Google Images appears to have resulted in the loss of incalculable man hours.
About the Author
David Maldow, Esq. is a visual collaboration technologist and analyst with the Human Productivity Lab and an associate publisher at Telepresence Options. David has extensive expertise in testing, evaluating, and explaining telepresence and other visual collaboration / rich media solutions. David is focused on providing third-party independent analysis and opinion of these technologies and helping end users better secure their visual collaboration environments. You can follow David on Twitter.
Add New Comment
Telepresence Options welcomes your comments! You may comment using your name and email (which will not be displayed), or you may connect with your Twitter, Facebook, Google+, or DISQUS account.
See what happens when YouTube and TPO come together at the Telepresence Options YouTube Channel.