Windows security

[andrewducker]

I have a laptop. It has a webcame built into the lid, so that if I'm using it it's pointing directly at my face.

Why not, whenever I get my login password wrong, take a photo from the webcam? And then, when I do log in, it could tell me there were 76 failed log in attempts, and show me the photos. It wouldn't catch people all the time, but sometimes it might.

Comments

[drjon.livejournal.com]

sounds like a relatively easy app to write.

[andlosers.livejournal.com]

Mine has the interesting ability to log me in through facial recognition. I haven't enabled that, because it freaks me the shit out, but I wonder if that has that feature? It should.

[andrewducker]

"Since you last sat here, 14 other people have smiled at my suggestively"

[erindubitably.livejournal.com]

"Hello, User. How YOU doin'?"

[a-pawson.livejournal.com]

Mine too. It fails utterly, however, as it is seems to be convinced Susan and I are the same person. In fact if there is any vaguely oval shaped object in the picture it seems to randomly log into a user account.

[anton-p-nym.livejournal.com]

I believe that there's after-market security software that does precisely that. I wouldn't want it as part of the OS directly, though... too Orwellian.

-- Steve's a bit leery of built-in webcams, particularly given the horrible invasion of privacy that happened to those students in the US because of them.

[red-phil.livejournal.com]

This is where a little bit of insulating tape come in handy.

I may be a little paranoid, but I turn my webcam to face the wall when I'm not using it.

[the-magician.livejournal.com]

My (work) laptop has a yellow post-it (piece) over the camera, in part because occasionally on a team or company wide dial-in, I can sometimes see a few seconds of someone else on camera, and I don't want it to be me, particularly if I'm working from home!

My "loose" webcam on the home desktop gets put in the top desk drawer when I'm not actually using it (still connected, but can only see my pens!)

If I were Google, and evil, then I'd record the *wrong* passwords people type when logging into GMail etc., as there's a good chance than some of those are work email passwords, ebay/paypal passwords etc. and I could then use them to do ID theft, empty bank accounts etc. ... luckily I am neither Google nor evil (where Google may or may not be a subset of Evil(tm))

With multi-touch screens, can't be long before they start implementing chord passwords ("press three buttons at same time, take hand away, press another three buttons, phone unlocks")

And of course Microsoft have already demonstrated software that reads your expression and adjusts the replies based on whether you look happy, sad, upset etc.

[red-phil.livejournal.com]

I had similar thoughts about logging password failures, or even successes. Too many people share too few passwords among all their logins.

[the-magician.livejournal.com]

hmmm, I see the possibility for having a password that's built from the URL of the site and your standard password using some sort of "app".

E.g. you type in "www.nytimes.com" and "mypassword" and get back "MrMxyzptlk", but if you type in "www.youtube.com" and "mypassword" you get back a different set of characters.

My problem with the commercial versions of this sort of thing is that
a) it adds steps to logging into anything
b) I don't trust the writers not to have a backdoor to get access to my passwords

But still, it looks like it should be relatively easy to add it as a right-click option in Firefox or similar ...

... what I don't want is something that shows me the calculate password and requires me to cut and paste it across into the other input screen, or worse, requires me to rekey it (like an iPhone app might do).

I'm sure there are tools out there that do most or all of that.

[alpha-c3ntaur.livejournal.com]

Seconded on the insulating tape. If i could semi-permenantly disable the webcam on mine I would tbh. Unfortunately it uses the same drivers as the Wireless for some obscure reason.

[0olong.livejournal.com]

I missed that. Please could you fill us in?

Thanks.

[cartesiandaemon.livejournal.com]

Maybe it _does_ :)

[momentsmusicaux.livejournal.com]

I heard of a thing that you can set up on your computer and if it's ever nicked you can somehow activate it and it sends everything the webcam sees to your email...

[alpha-c3ntaur.livejournal.com]

Yeah or somebody else can install it on your computer and monitor everything you do.

[mair_in_grenderich]

my brain has seen too many lolcats and insists that the first sentence should be "I has a laptop".