Main Page | See live article | Alphabetical index

Computer surveillance

Computer surveillance is the act of surveiling people's computer activity without their knowledge, by accessing the computer itself.

Computers make excellent surveillance tools because they can do things without their owners' knowledge or consent. Most computers have connections to networkss, which can be exploited (through security cracking) to gain access to any confidential data that may be stored on the computer. Additionally, if someone is able to install certain types of software on a system, they can turn it into a surveillance device.

Surveillance techniques

Packet sniffing is the monitoring of data traffic into and out of a computer or network. In some networks, data transmissions are sent only to the machine they are intended for, while in others, transmissions are broadcast to all machines connected, but processed only by the target computer. In the latter cases, it is possible to packet-sniff a computer using only another computer on the same network, without placing any software or equipment on the surveiled machine.

A surveillance program installed on a computer can search the contents of the hard drive for suspicious data, and report back to its operator through the Internet connection. It can also use more malicious tactics, such as removing or modifying the data.

Physical (hardware) surveillance devices ("bugs") are also possible. A relatively simple bug is a keystroke logger implanted in the keyboard. More sophisticated (and more easily detected) devices with access to more information can also, in theory, be inserted into the computer itself. The disadvantage of hardware devices is that placement and retrieval requires physical entry into the place where the computer is stored, and thus almost entirely restricted to law enforcement agencies equipped with search warrants.

It has been shown that it is possible to surveil a computer from a distance, with only commercially available equipment, by receiving the radiation emitted by the CRT monitor.

Installing the surveillance software

The simplest way to place surveillance software on a computer is to gain entry to the place where the computer is stored and install it from a compact disc or floppy disk. This method shares a disadvantage with hardware devices in that it requires physical access to the computer.

A more difficult method is to package the software as a computer virus or Trojan horse. This tactic has the advantage of potentially subjecting multiple computers to surveillance. However, if the virus is allowed to proliferate, it will become a target of antivirus programs, which will allow the software's removal from affected computers.

Another method is to use security cracking to gain access to the computer over a network. An attacker can then install surveillance software remotely. Servers and computers with permanent broadband connections are most vulnerable to this type of attack.

Protection against surveillance

A firewall controls network access to a computer, offering protection against crackers. Unless it controls outbound communication as well, this offers only very limited protection against surveillance.

A highly attractive surveillance target may face highly skilled attempts at physical entry to install software or hardware. Thus, to be truly protected, it should take measures such as reinforcing doors, windows and other potential entry points. Password protection can also be effective, particularly if provided by the BIOS during booting.

Protection against remote surveillance of radiation emissions is more difficult. The United States government's TEMPEST program is a standard of protection against eavesdropping of this nature. Non-CRT displays (such as LCD's or plasma displays may be impossible to surveil in the manner. Some software (Soft TEMPEST) has been designed to alter fonts to minimize radiation. The only certain measure is the purchase of a specially shielded monitor.

Related topics