Unexpected webcam sexytime

Everyone knows to try to avoid hackers, to take care to avoid giving away personal data and such really stupidly annoying things.  Web identity theft is clearly life changing, and so can many other of the prolific things that the be-scared-be-very-scared media reports that we see regularly would have us positively bricking it over.

So what of the merely annoying stuff?  I’ve found this is constantly ignored, people having installed a firewall and anti-virus will have missed many of these mostly just annoying little scams, many of which are only risks from your own housemates.

The router thing

It’s necessary to understand the router thing to get why your housemates are at least more likely to have the ability to do some of this whacky stuff.  This is why:

Unless you plug directly into a modem, your computer accesses the net via a router which allows a few computers to share access to the net through one connection.  When this happens each computer is assigned an address on the local network, not the internet.  This means that accessing a single computer on the network is difficult (not impossible, but generally not worth it for anyone who knows how).  Computers already on the network will have an address relative to yours, and so they can more easily access yours.

And, onto the pranks…

Remote fun

Whether you have a PC or a Mac or something else, running Windows or a linux flavour or whatever, you may well have a feature called something like “Remote Desktop” or whatever.  This is exploitable on some systems, and surprisingly it’s not Windows that’s the worst offender.  On a mac, when you set up this system, you don’t have to enter a required password, and nor does it suggest you should.  Switch it on, and anyone on your network can take control of your computer.  Granted you can stop them, but with it still on, they can do it again.

Admittedly, often this is blocked by an Allow Y/N type dialog box, but again on Apple’s MacOSX, this isn’t necessarily the case.

Linux fun

If your housemate has a linux computer, they may well set up a housemate account for you to use.  Some versions of Linux include this in setup (only the really homey ones).   If you are lucky enough to have a housemate who has done this, you may want to check if they have installed OpenSSH server too.

By way of explanation, OpenSSH server is a remote access server for getting to the system command line.  Linux is so flexible that this can leave some interesting tricks to play.  My favourite is below.

For linux you can get a few speech simulation engines.  There are one or two that will run without installation so even as a low level user you could give them a try.  Or, you could just get your housemate to install them when drunk.  Let’s now imagine the computer has a speech eng installed, and it’s command is “speak”.  Doing the following is immense fun.  Imagine your housemate’s computer is called “Bobs_laptop”.

From command line do this:

ssh housemate@bobs_laptop.local

You’ll be asked for a password, but just enter the one you actually have for using the machine.

Then you’ll see a command prompt.  Brilliant.

Wait for a good point, preferably at 2AM when your housemate has just finished a revision marathon or very involved project, type:

$ speak Hard Drive failure, all data erased

Or, if, like me, you’re altogether a bit more macabre, type:

$ speak If not for you, I’d have survived.

That last one gets an amazing reaction.

Other pranks involve remotely turning on webcam via this kind of method and rooting it’s output to a file on the web.  It’s a bit complicated, but the ‘cat’ command is really useful for it.

Unexpected webcam sexytime.

For those of you who want to avoid these issues, remove your housemates’ logins from the ssh server group, and put a bit of tape over your webcam.

Related posts:

1. Downside of Jailbroken iPhones