Covering laptop cameras, revistied



I often agree with John Gruber on Daring Fireball, save for his views on the necessity of tipping. But in 2016 he wrote this, emphasis added:

I think this is nonsense. Malware that can surreptitiously engage your camera can do all sort of other nefarious things. If you can’t trust your camera, you can’t trust your keyboard either. Follow best practices to avoid malware in the first place — don’t install Flash Player, and don’t install software from sketchy sources — and you’ll almost certainly be fine.

My comment back then:

Security is about layers, so covering your laptop camera is perfectly rational.

Now there are widely circulating reports about a Zoom video conferencing vulnerability that allows any arbitrary client to access your webcam. It’s not the first time this has happened with similar software, and I would bet my professional career it won’t be the last.

Zoom isn’t malware; corporate users download it as part of their job. So the argument that avoiding malware in the first place is well intentioned, but misguided and incomplete. Almost certainly is true, just in the other direction.

Author bio and support


Ruben Schade is a technical writer and IaaS engineer in Sydney, Australia who refers to himself in the third person in bios. Wait, not BIOS… my brain should be EFI by now.

The site is powered by Hugo, FreeBSD, and OpenZFS on OrionVM, everyone’s favourite cloud infrastructure provider.

If you found this post helpful or entertaining, you can shout me a coffee or buy some silly merch. Thanks!