>>molecu+(OP)
To me, Comey is a man who has lost the goal in pursuit of his particular mission.

Defense, intelligence, policing, all these things exist in order to uphold the constitution, protect the "American ideals", etc. Many of his statements pretty directly show that he doesn't care about the collateral damage to innocent people's privacy or any founding principles, he just wants his mission to be unhindered. It's the same mentality behind police forces wanting to make their job less dangerous and more straightforward, by escalating use of force and trampling rights.

With this hypocrisy, as has come many times before (congress shocked and demanding privacy when the CIA spies on them, for instance)... I can only shake my head. Come on.

Encryption is our webcam tape.

>>molecu+(OP)
I don't really understand the webcam paranoia. If my computer is completely compromised, somebody watching my face is the least of my worries.

>>comboy+41
It's about risk/threat minimization

>>comboy+41
To me it's not about the computer being compromised, but rather joining a WebEx/Hangouts/other conference/meeting software that suddenly decides to start sharing your webcam without prompting you.

There's been numerous times where I've joined meetings and someone gets caught with a goofy face or working from home in their PJs because they mis-clicked something on a crappy e-meeting UI.

>>molecu+(OP)
>"I saw something in the news, so I copied it. I put a piece of tape — I have obviously a laptop, personal laptop — I put a piece of tape over the camera. Because I saw somebody smarter than I am had a piece of tape over their camera."

Such a telling statement. It's my belief that this man does not adequately comprehend the magnitude of the issues at hand. General Hayden, on the other hand, is a man whom I believe to actually understand the technology that he was charged with professional addressing.

>>molecu+(OP)
So does my mother. She is able to coherently explain why, though, and isn't a massive hypocrite when she does so.

>>molecu+(OP)
Trust me, I wouldn't.

>>molecu+(OP)
So even the FBI can't protect their networks?

>>kobaya+p1
Hayden understands technology like a politician understands rhetoric. He's a snake.

>>molecu+(OP)
I'd be interested in finding out how many people do this with the front facing camera on their phone. It seems to be a much lower percentage than those who do it with their laptop webcam (from what I've observed at least).

>>awqrre+V1
From HN 3 days ago: "FBI Says a Mysterious Hacking Group Has Had Access to US Govt Files for Years"

https://news.ycombinator.com/item?id=11433178

>>comboy+41
It also covers the lens from dust, smears, etc.

>>comboy+41
The first Apple iSight cameras, back in the days of Firewire, had this nifty mechanical iris that covered the lens. A twist of the bezel ring and it opened, another and it closed.

Granted, just that feature was 6 times the volume of a modern webcam and probably three times the cost, but it did perfectly address people's discomfort with the eye staring at them.

For some reason, the ear listening to them doesn't seem to evoke the same reaction. I don't know anyone that tries to deafen their microphone.

>>molecu+(OP)
Don't almost all cameras activate their "on" light when being used?

>>molecu+(OP)
If it's a company laptop, put tape on it.

>>CorpOv+i1
I used WebEx meetings for the first time very recently and was rather frustrated by this as well. Quite a few of my colleagues had the exact same issue, and there were quite a few surprised people showing up on the camera after clicking the camera icon after mistaking the preview as broadcasting to the meeting.

>>billhe+W2
It seems reasonable to assume that a bad actor who is able to gain access to a computer's webcam could also override the software that activates said "on" light.

>>jws+L2
All it takes is a toothpick.

>>billhe+W2
Yeah, but you may not notice it if it takes a snap and then turns off

>>CorpOv+i1
Yep that's why I do it. I don't take it off either. Voice is good enough for anything remote.

>>jws+L2
Exactly, microphone provides much more useful information and requires similar permissions. Not many people seem to be unsoldering them.

Regarding webcam, led is OK, but it shouldn't be driven by some firmware, it should be a simple circuit - when there is a voltage on the camera Vdd, the led is on. I don't know how it is with the newest macbooks and if the led is still hackable.

>>billhe+W2
Yes, as long as someone hasn't figured out how to turn it off.

>>billhe+W2
Like phones, most laptop webcams have no "on" light.

You have to trust that the software you have on your device isn't using the microphone and camera without your permission.

>>molecu+(OP)
All these little wires [0] emit electromagnetic radiation that be intercepted and turned back into whatever you see (and more).

Despite what you read on Hacker News no amount of encryption or software trickery is going to stop this.

[0]: http://imgur.com/IHXKlNw

>>jws+L2
And then there's the accelerometer ;)

>>worker+X2
What are you doing while using your company laptop???

>>molecu+(OP)
I care about audio so much more than video, and text/keys/etc captured from the machine even more. As long as my screen and keyboard are out of the frame of the camera, I don't really care about it getting RATed. At worst, you'll see me naked, or making angry/etc. faces at someone on irc or email. While embarrassing it would be less bad than most of what you could accomplish by stealing actual information.

OTOH, carrying around a microphone connected to the Internet which can be remotely enabled at any time without leaving any real trace (battery use/network use is the only real sign, although even that could be covered up to a great degree -- there is probably a way to do either low-fidelity or infrequent audio pickup, maybe keyed on location and charger state, and on-device pre-processing) -- people do this all the time Mostly because there's no real alternative to carrying smartphone yet.

Plus, of course, there's the fact that no modern desktop OS is particularly secure -- either you give up auto-updates and likely fall to bugs, or use auto-updates and are at risk to your OS vendor or anyone who can compel him. So sensors attached to it, as well as stuff processed on it, is also at risk. You can somewhat mitigate this through a large combination of other protections, but it's almost impossible for a single user single machine to solve that problem.

I'd love a custom run of Dell Chromebook 13 or Lenovo Thinkpad 13 Chrome Edition with no built-in mic/camera, and an EPROM vs. EEPROM, and some special case features. Would be willing to commit to buy 10k units at ~$800/unit retail in 8-16GB x 32GB config.

>>kobaya+p1
> "Because I saw somebody smarter than I am had a piece of tape over their camera."

And there's (tens of) thousands of people smarter than you telling you how wrong you are about encryption, yet you're ignoring them.

>>mrep+w3
you don't wanna know...

>>mwti+r3
I like to believe that converting those EM signals back into something useful is beyond the ability of current technology, but I'd be happy to be proven wrong

>>kobaya+c1
It seems like a losing battle though. Small embedded cameras are becoming too widespread and you can't put tape on all of them. I think looking forward it's not unreasonable to rely on software controlled switches to minimize this risk, knowing that they will fail or be exploited sometimes anyway.

>>billhe+W2
A lot of people ask why the light isn't automatically turned on when it's in use. I think the problem is it's easier to turn it on through software than hardware. Plus, if you can treat the webcam as just a microphone, then anytime a device accesses the microphone (games for example), the light would turn on. Not a problem, per se, but the light would be turning on and off a lot if you use a push to talk game. Something that might cause people to make it so they can just turn the light off. Of course, this is all just speculation.

>>rdl+D3
Did I understand what you said at the end correctly, are you willing to commit to buy 8 million dollars worth of laptops?

>>billhe+W2
There's this https://jscholarship.library.jhu.edu/bitstream/handle/1774.2... [PDF]

>>colejo+Q3
This has been a known/practical attack for decades. OTOH, it does require physical proximity, although you could probably do it with a remotely controlled sensor at an intermediate location near the target.

What would be terrifying would be if someone could figure out how to do this attack via software compromise of some hardware sensor system already present throughout the environment; say, a way to repurpose a wifi chipset to pick up nth-order harmonics off a keyboard bus or something. Then, remote-root of some lesser machine could be used to spy on a hardened machine.

>>shurco+X3
Yes. (and then sell them, obviously, ideally for much more than $8mm)

>>tonmoy+63
Easy enough to make it stay on for some reasonable number of seconds after each use.

>>mwti+r3
Yes, carrying around a backpack with all of the receiving kit, and then processing it remotely or in the same kit. Most studies are done under idealized conditions as proof-of-concept for now. If they are close they can grab enough data, but it is still not 'there' yet to be ubiquitous; it will be soon though. That being said, I use tape at work, and at home on my forward-facing cameras, simply for privacy insurance. Those wires don't show a masked image. Even the best image re-construction or processing algorithms need more data, although you'd be surprised how much data can be extrapolated from semi-transparent Scotch tape over your camera! Maybe you think it's ok if somebody wants to RAT you, but don't forget, some of the photos released or used for extortion are of your SO, or other loved one in the background walking around naked, or doing something embarrassing. I don't care if somebody wants to RAT me this way; they'll go blind, and they must have nothing better to do!

>>colejo+Q3
https://en.wikipedia.org/wiki/Van_Eck_phreaking

Have you heard of this?

Video demonstration https://youtu.be/ZZ5HS8GWIec?t=1m45s

>>shurco+X3
Thats what happens if you take your privacy seriously. You buy one-off Laptops that you can use like paper tissues.

>>comboy+41
If someone hacks into my computer and steals my CC info, I can very easily remedy that situation by calling the bank. Hell, my bank will probably notice before I do. I'm not even liable for the fraudulent transactions. The same is true to varying degrees of inconvenience for most information.

If someone hacks into my computer and takes videos of me in the buff (or worse, in an intimate situation) and posts them online, I have no remedy. The Rubicon has been crossed. The ship has sailed. The cat is out of the bag. You get the point.

Spare me the lecture about nudity and sex being a stupid taboo. If the world was how I wanted it to be, a lot of things would be different. You have to deal with the reality you live in.

>>rdl+34
That was done a couple years ago

"IN THE AGE of surveillance paranoia, most smartphone users know better than to give a random app or website permission to use their device’s microphone. But researchers have found there’s another, little-considered sensor in modern phones that can also listen in on their conversations. And it doesn’t even need to ask."

http://www.wired.com/2014/08/gyroscope-listening-hack/

>>colejo+M3
Exactly

>>jd3+32
I have no reason to believe that he's a snake - quite the opposite. He seems to be a man with strongly held convictions and a keen eye for reason. I certainly don't always agree with him, but he's thoughtful and thorough, as can be observed from his many interviews and his recent book. I can respect a person without agreeing wholeheartedly with them, and such is the case for Hayden. Comey, on the other hand, seems to be a one-track-mind kind of guy; a personality that is associated with the worst kinds of cops.

>>jws+L2
The old Sparc pizza boxes had a physical switch on their external microphones as well.

>>white-+L
This is a pattern you see in a lot of high-performing people.

They aren't particularly interested in the 'big picture'. They may say they are, they may think they are, but on a practical, day-to-day basis, it's irrelevant. They know the mission of their organizational unit, they know the goals that need to be accomplished to achieve that mission, they know the metrics they need to hit to advance within that organization, and they are adept at focusing their full attention and energy on whatever task is in front them that leads directly to those ends. It's a personality type that thrives in large organizations - government, private, whatever - and to a certain extent its necessary to make large organizations work, but the risk is that you end up with people wielding significant power who behave like wind-up dolls.

>>JohnTH+p3
you and i have very different experience with webcams. i have yet to see a webcam without an indicator led in my life.

>>molecu+(OP)
I put a tape over the camera on all my laptops. It's just basic security measure.

>>ww520+m5
Or is it basic paranoia? Who draws the line where?

>>molecu+(OP)
tin. foil. hat.

>>molecu+(OP)
Ever seen Whitfield Diffie's Laptop? ;) http://www.zdnet.com/article/how-sticky-tape-can-secure-your...

>>rdl+D3
That custom run you've described sounds like exactly the sort of "interesting" order I'd like to intercept and backdoor (as part of NSA's TAO or some other yet unnamed organization).

Personally I'd prefer to buy off-the-shelf hardware and just snip the mic and camera.

>>rdl+D3
Some laptops already have physical switches for wireless connectivity, couldn't you just add one of those that cuts power to the onboard microphone and camera?

>>molecu+(OP)
I've been telling friends and family to do this long before the Snowden revelations (as well as disabling their computers internal microphone). Many of them mocked me about the shine on my tinfoil hat. They don't do so much mocking anymore.

>>robert+L5
It's not that uncommon. EFF sells a sticker set specifically for this purpose: https://supporters.eff.org/shop/laptop-camera-cover-set

>>JohnTH+p3
Have there been any documented cases of an iPhone's camera or mic getting hijacked?

>>molecu+(OP)
EFF sells a sticker set specifically for this purpose: https://supporters.eff.org/shop/laptop-camera-cover-set

>>comboy+41
Some people want to take additional assurances that they won't be blackmailed with explicit footage or find themselves on a revenge porn site. That sort of thing can make identity theft pale in comparison.

Another aspect to consider are devices used by children. Tape should be pretty much requisite.

>>nyolfe+c5
I agree, I can't recall seeing a laptop cam without an indicator led.

>>nyolfe+c5
I'm pretty sure his meaning was that an "indicator led" is not the same thing as an "on" light. A usb webcam is on as long as the host is providing power, the led is on the honor system - completely implementation dependent. My $2 dynex lights up when accessed in Windows, but I can easily pull images from it in linux without the led coming on - it is driver controlled. It wouldn't be hard to modify the windows driver, or write your own.

>>jd3+32
I recently had the chance to meet Gen. Hayden. He is quite competent and could hold his own in a technical discussion at a high level. He understood the minutiae of the Clinton email scandal and shared some insights that made me reconsider my view on the issue.

>>everly+82
You would find ioerror's cell phone project interesting: https://people.torproject.org/~ioerror/skunkworks/moto_e/

>>dsl+87
What was your view on the issue?

I had read that they didn't even have SSL on the box for some time after it was up and running.

>>molecu+(OP)
Every corporate laptop I've worked with has the camera and microphone physically removed.

If needed for a function, a USB camera and/or microphone is applied for through various chains of approval, and plug-in pull-put tracked.

>>dsl+87
Not sure if you're at liberty to say, but if you are I'm interested in what he had to say about the emails.

>>molecu+(OP)
> "absolute privacy" hampers law enforcement.

"We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness.

"That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed, ..."

Sorry man, you were instituted to serve me, at my consent and pleasure, not the other way around. You have the make the case to me to do what you want, not the other way around.

>>nyolfe+c5
My just retired Acer laptop has no such light. My HP Windows tablet I use with a bluetooth keyboard doesn't either.

I checked and my new(ish) XPS 13 does have a tiny light when you use it as does my ASUS 2-in-1.

So I'm at 50-50 in my collection. I asked my girlfriend and she doesn't recall there being a light on her Toshiba laptop and she does Skype with it semi-regularly.

>>dsl+87
At the Hoover Book Soiree? I heard great things about it.

I'd love it if you might share what he mentioned about the email scandal, as it's one of the few current political events that I haven't followed in great detail.

>>drvdev+R3
Still, I'd say my comment stands. It's about threat minimization. Reduce the attack surface by covering the cam.

>>brbsix+46
Yes, but there are solutions to this (cut-and-choose, published specs, etc.)

>>50CNT+f6
Some Lenovo ThinkCentre all-in-one PCs have a physical sliding webcam cover, and you can see at a glance what position it's in. Microphones are harder to handle in such a low tech way, though.

>>50CNT+f6
That is already out there too, with Purism Librem laptops.

The commenter you're replying to would be better off giving his money to a company that puts privacy (and FOSS) above all else, instead of trying to bribe a lost cause (let's not forget about the 3 times Lenovo has been caught with nasty factory-installed malware on their consumer laptops).

Here's the Librem laptop homepage: https://puri.sm/products/

>>sudoju+T8
Purism is a joke - they rely on binary blobs like everybody else. It's an overpriced laptop with a fancy marketing campaign - might as well buy a Lenovo.

>>mkl+J8
Shorting the two wires of the mic together with a low-value resistor will do what you want, or you can have a physical disconnect switch. It's very easy to modify a mic in this manner if desired. You can even have the switch built into the sliding webcam cover. On digital mics it's a bit more complex to mute without disabling, but the brute force solution is to disconnect their power line in the same manner. Then again, you now have to watch out for things like accelerometers in the board or hard disk which can reconstruct keypresses or act as a very low quality microphone.

>>molecu+(OP)
Comey: "Because I saw somebody smarter than I am had a piece of tape over their camera."

Snowden?

>>molecu+(OP)
So 21st century.

If this was 20 years ago, headline would read: "The FBI Director Puts Electric Tape Over His Blinking VCR Clock"

>>blackb+K4
Yeah... if you really do promote based on who's done what's best for the org, and it's sufficiently competitive, such that it's always between people who had a lot to give who gave their all, eventually all the other bits are stripped off, and it's just a cosine between the vector of you and the vector of the next step.

>>rdl+54
You think there is a market for 10k of those? </sceptic>

>>rdl+D3
All smartphones now come with programmable low-power audio recognition DSPs for always-on "Hey Siri" and "Ok Google".

So it's here.

>>colejo+T3
Just make it have a 3 second fade time where instead of the LED being at 100% intensity, have it as 75% intensity so it's not distracting by coming on and off.

>>everly+43
Most laptops have them wired in hardware, i.e. you can't power on the webcam without the circuit also lighting up the light as a side effect.

>>Drdrdr+x9
Not as random laptops, no.

>>CorpOv+i1
Yep, I just joined a early morning meeting via webex recently and accidentally revealed to about 20 people from around the world what I look like without a shirt on. It's not pretty.

>>zhte41+D7
I bought a Lenovo Thinkpad 450S about 6mos ago and configured it without a webcam/mic.

>>blackb+K4
> they know the metrics they need to hit to advance within that organization

This is really the one.

It seems like the country is in a crisis of metrics. Nobody trusts anybody to do their job anymore so everything has to have a surrounding bureaucracy with the stated purpose of keeping everybody honest but having the actual consequence of setting many misguided and contradictory rules and then strictly enforcing an arbitrary subset of them.

The people who succeed are then the people best able to game the bureaucracy rather than the people who are honest and good at their jobs.

That is basically how the Soviet Union fell. Something has got to change if we don't want to be next.

>>molecu+(OP)
I think it's a big stretch to compare this to uncrackable encryption. While the piece of tape makes one avenue of surveillance impossible, it doesn't block them all. If law enforcement needed to surveil him in the same way that a webcam could, they could get a court order and place a camera in his home.

Uncrackable encryption, on the other hand, blocks all possible avenues of surveiling the desired communications. That isn't a bad thing, but it is different than placing tape over a webcam. I am definitely a proponent of government-proof encryption technologies, but grasping at straws trying to call this guy a hypocrite seems like a wasted effort to me.

>>Klimen+f9
That last point is interesting. Even with an RF detector, an accelerometer may act as a cheap room bug. Heck, if automobiles use them to detect when an airbag should be deployed, why not just use them as bugs in cars? Now I'm scaring myself.

>>molecu+(OP)
This can't be unfamiliar to the director of the FBI. I have tape on my laptop cameras placed there by intelligence agencies as a prerequisite for bringing my laptop inside their security perimeter, albeit in a quarantined space.

The reason I was given for the tape when asked was interesting, since they obviously didn't care about the microphone. Supposedly it was possible for the camera to capture people in the facility in the background and through glass that could be matched with facial recognition. The very fact that certain people were seen inside their facility could be sufficient to expose secrets they wanted to protect. Audio, on the other hand, just captures ambient noise in quarantined spaces which isn't that interesting since the discussion is not classified. In that sense, the camera has much greater range than the microphone. Which makes some sense.

But surely the Director of the FBI would know this.

>>rdl+3a
If you see a market oppurtunity like this, I suggest you go for it. There are many companies which will make you a custom laptop for such a quantity. Good luck!

>>rdl+D3
> Mostly because there's no real alternative to carrying smartphone yet.

And yet somehow, I manage

>>50CNT+f6
At work, two of our users have Asus notebooks (I forgot the model, though) where the "On/Off"-switch for the camera just moves a piece of plastic in front of the lense. Maybe it also turns of the camera, but once the lense is covered it doesn't really matter any more. I like the idea, and since it must be rather cheap, too, I wonder why not more companies do this.

>>kobaya+p1
I went back and watched his whole talk. His entire appeal is that everybody arguing against him is stuck on emotion and won't let go of their incorrect notions. He characterizes all those arguing against him as lashing out that gubment shouldn't be poking into their tweets and instagrams, and that they are being irrational and need to open up their minds. He believes that all the people at technical companies are falling back to this emotional trap and won't actually address the greater issue of balancing privacy and law enforcement.

He really doesn't understand the actual underlying argument, which is the technical and mathematical fact that a system will either be unreadable by global 3rd parties, or will be readable by global 3rd parties.* It truly is either fully secure from both criminals and government, or it is open for criminals and government to have unchecked free access to our data.

The guy studied chemistry. It's not a "conversation" whether or not particular chemical reactions occur under particular conditions, but fact. Similarly, this is not a "conversation", but fact:

The reality we are faced with is that this easily accessed global communication network carries and connects to basically everything private and public, and all our knowledge of encryption leaves us without a viable "government only" access tool to data.

Any conversation needs to start from the recognition of that technical reality, not before. Comey is tossing this impossible request over the wall to tech companies, completely acknowledging he has no idea how any of that works but that they'll "figure it out", and views that as the way forward.

[* = This is considering that breaches of a mandated government-only back-door to encryption will inevitably happen, be it a leak of keys, attacks on the algorithms, or international information politics weakening the system as a whole. The precedents for these scenarios are plenty.]

>>rdl+D3
My mother used to be a police officer, and she once came back from a visit to the department of the interior in our federal state (of Germany) and told me about a room they had there (maybe several) for meeting where sensitive issues are discussed. What sets them apart - among other things, I guess - is that there are no phone lines, no network, and for meetings people are not allowed to bring telephones/smartphones, tablets, or computers of any kind.

So, yes, the audio thing is something to worry about.

>>molecu+(OP)
Best surveillance film ever http://m.imdb.com/title/tt0071360/

>>molecu+(OP)
Genuinely funny song on the issue : The Government Knows - Knower : https://www.youtube.com/watch?v=4zH9Zca1vRM&app=desktop

>>rdl+54
This is a perfect scenario to test the demand will kickstarter

>>molecu+(OP)
no-one tell him the mic is still always on

>>molecu+(OP)
How stupid do you have to be to doubt the security of your laptop enough to put tape over your webcam, but not enough to stop using it all together. If you are concerned that your laptop might be compromised, then you should stop using it. If hackers have access to your webcam, they most certainly also have access to your keyboard, mic, and every file on your system as well. So, what you are basically saying to the world is you don't care enough about your personal communication, files, and speech to properly secure your laptop, but by god, no one shall see you in front of your laptop. It's like sitting in a car that's on fire and saying to your self: "I know, I'll turn on the air con!"

>>x0054+cf
"Stop using it altogether" isn't a viable option, because it's not this particular laptop whose security is questionable, it's every laptop.

>>leeree+rf
That may be true, but again, what do you care about more, your files and key strokes, or your webcam. If you have tape over your webcam but you still use online banking, you are a fucking idiot. You either have faith in the security of your computer, and log into your bank (risking hackers stealing all your money) or you don't. But if you don't think twice about saying anything you want in front of your computer or logging into your bank, but still chose to have type over your camera, I am sorry, but you are a idiot.

>>x0054+Uf
If you have that much faith in the security of your computer, you are "an idiot". That's not within your control.

It's not dumb to take whatever precautions you can.

And people do worry about having their pictures taken. Remember the scandal when a school took pictures of children undressed at home with their laptops' cameras?

https://en.wikipedia.org/wiki/Robbins_v._Lower_Merion_School...

>>molecu+(OP)
Is it just me or is there at least one other person laughing their ass-off. Honestly, I am not sure to know if I am laughing at or feeling sorry for the FBI director. I felt that the director of FBI would not be scared of anyone monitoring him.

>>colejo+Q3
The NSA publishes standards for how to protect against this kind of attack: https://en.wikipedia.org/wiki/Tempest_(codename)

We can speculate about whether the tech exists, but read their guide to securing your Red Hat box and decide for yourself how good they are at publishing defense against attacks they won't tell you about: https://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf

>>leeree+2g
Yes, I read that story. But you are missing the point. I do not trust in the security of my laptop implicitly, or any laptop for that matter, but I weigh my risks proportionally. I care a lot about the security of my laptop because I care about my bank accounts, my files, and things that I discuss in the privacy of my own house. Out of all those things, people stealing pictures of me in front of my computer are not even on the horizon of my concern. If you have my bank account, all my passwords, and all my files, why the hell would I care if you also happen to have a picture of me in my underwear? The problem with the tape over camera "solution" is that people feel safer when they have tape over their webcam, and they should NOT feel safer, because, unless you are a celebrity, no one gives a flying fuck about your pictures. Tape over webcam my FEEL safe, but it's dangerous when it's "implemented" instead of actual diligent computer security. I know, anything can be hacked, no matter how careful you are. But some tape over your webcam isn't going to stop it, or mitigate the damage in any significant way when it does occur.

>>HappyT+M9
Some laptop do. Most? I'm not so sure of that.

>>molecu+(OP)
I am using a small sticker from some apples brand.)

>>x0054+zg
You may not care about naked pictures, but many people do.

They aren't idiots for realizing that humans are, above all else, sexual animals.

>>rdl+u8
> cut-and-choose

So, OEM buys 10k units, chooses a few samples and tests them. Then he sends all the units on to his logistics warehouse to fulfill customer orders. The shipment from the testing facility to the warehouse is an interesting target now. Alternatively, the outgoing orders from that logistics warehouse.

An induvidual customer buying one laptop is no closer to his goal of ensuring no outside party tampered with it.

> published specs

I'm curious how published specs help a regular user verify his laptop does not contain manufacturing backdoors.

I've seen many suggestions for hardware integrity, but none of them enables the end user to verify that his hardware exactly matches with the published schematics/ASIC masks. They all simplify the problem description to only reach part of the way, requiring trust on part of the end user in all the later links in the chain. Or they just assume that the customer is buying 10k units - which does nothing to help individual end-users.

>>leeree+Ng
If putting tape over your camera makes you feel safer, by all means go for it. My guess is though, given that you are on HN and such, that your security efforts didn't stop at pealing some electrical tape and applying it to your laptop. The problem is (anecdotally, in my experience) many peoples efforts stop right there. The FEEL safer without actually being safer. This boils down to perception of safety vs. reality of safety. This is how they sold us the patriot act, because it felt safe. We need to stop feeling safe and actually make efforts to be safe.

>>x0054+Ih
Getting back to the context of this post:

I'm sure putting tape over the camera isn't the only security precaution the director of the FBI has taken.

>>sreena+kg
Nation state spies, criminal groups, insiders that want to whistleblow, etc. etc.

>>Drdrdr+x9
I'd seriously consider it. It would not be a sole criteria, but it is important to me.

>>rdl+D3
> no built-in mic/camera

Most people would settle for a physical switch, that is, a switch in hardware.

>>Klimen+f9
> things like accelerometers

Personally, I am not worried about quite sophisticated attackers. When securing my house I'm worried about run-of-the-mill burglars, and this is like that.

>>molecu+(OP)
I used to have a piece of tape on my webcam. But I figured that it couldn't possibly be so interesting to see my face, so I took a different strategy, and moved the tape piece 1cm to the right, so it covers the led indicating if the camera is in use. I don't trust that LED anyway, and if someone should peek at me, I do not want to be made aware of it (and thereby distracted)

>>jimhef+fi
Switch would be the best, as long as it is a physical switch that physically disconnects the whole module. Not the kind that is typical nowadays, that only reports its state to the firmware which then decides what to do.

>>analog+a9
I think they were referring to the part where it says

  Mic/Camera hardware cut-off:	Yes

>>molecu+(OP)
While it's not reasonable to ask this of everyone, it would seem to me that if anyone should strive to have "nothing to hide" it would be politicians and people in positions where they are definitely under foreign surveillance.

Like okay, they have to do deal with classified material and sensitive things - but there is a time and place for that and I trust the FBI director doesn't use his personal laptop for work.

He should be basically streaming his video camera on the internet for everyone to see - b/c the people that want to see it probably will

>>jws+L2
People don't react the same to audio because when we got on a call, audio is presumed to be on, while we may not be prepared or video. And when we're not on a call, chances of being caught saying something embarrassing is lower than chances of being caught in an embarrassing state of undress etc.

>>molecu+(OP)
I wonder what he uses as a (Smart)phone, if he uses any at all. Since there are very few with physical lens cover for the back camera, and probably none covering both (the front camera and the back).

Recently, I have got back to feature phone after decade long struggle with several smartphones, keeping all on my desk for app development purpose only. I hope Comey would follow me. If not doing it now. ;)

>>x0054+Uf
"But if you don't think twice about saying anything you want in front of your computer or logging into your bank, but still chose to have type over your camera, I am sorry, but you are a idiot."

Not necessarily. Maybe an adversary having naked pictures of you (or seeing your affair, or whatever) causes you more (financial?) trouble than what is on the bank account.

>>molecu+(OP)
There are actually smartphones and laptops where you can close the camera with an integrated sliding window. I don't know of such a thing for integrated microphones, but Thinkpad's bios allows disabling mic and camera, though if you don't trust bios's software switch, I'd recommend pulling the internal cables. Then you can connect a USB headset and/or camera on demand, knowing there's no always-on mic.

But, since even Windows desktop edition has Cortana these days, I'm afraid mic will be harder to disable in newer machines.

>>everly+82
I recently did it with the front facing camera of my phone. The back facing camera always points into the table. I feel uncomfortable undressing myself with that 'eye' staring at me (crazy times we live in ;p). I mean, this is one of those security measures that cost you basically nothing (a sticker) and can save you a huge ache in the unlikely case that someone is actually recording - why not do it?

>>HappyT+F9
A co worker is heading to Las Vegas next week and we chatted about it yesterday. My Facebook ads are now advertising Las Vegas night clubs.

>>Drdrdr+4c
The problem is the brand specification. Nobody wants unbranded laptops.

>>Kenji+Mk
That seems a little silly to me. A laptop camera is normally facing into the room, but the camera on your phone will normally be facing upwards, so surely you have nothing to worry about unless you are standing naked over your phone.

Actually, that's given me a great idea to secure my phone from hackers. Stand over it naked and waggle my sack about - that's one camera they'll never ever hack again lol

>>rdl+D3
Why would you use Chrome if you're concerned about privacy?

>>white-+L
Something else to consider: Comey is also the man who famously rushed to the bedside of a very ill John Ashcroft who was being asked by Alberto Gonzales to reauthorize the warrantless wiretapping [now known as STELLAR WIND] to stop it because he felt it was illegal. Like he actually threatened to quit and was acting AG. [1]

I'm no way trying to defend his agency's actions on encryption - it's chilling and probably one of the most important and defining issues of the information age. Only adding this to point out that people are complex and not black and white and their motives and beliefs and actions can sometimes be in conflict and cognitively dissonant.

1 http://www.washingtonpost.com/wp-dyn/content/article/2007/05...

>>kobaya+D4
I am hesitant to engage at this level, but - you just couldn't be more wrong about Comey. I know him to be every bit as thoughtful and reasonable as your glowing description of Hayden. That doesn't mean I agree with all of his positions, but he is one of the smarter people I've met, and I do not believe that is an indication of how sheltered my life has been. I also know him to be perfectly capable of acknowledging when he's gotten it wrong, and generally willing to admit it, change course, and move on. That leaves me fairly optimistic about how this whole mess will turn out. In any case, you taking this instance, and something you obviously feel strongly about, and using it to craft barbs about "the worst kinds of cops" - well, frankly that's exactly the kind of emotional hyperbole that will continue to make rational discourse here difficult. This sort of frothy angst distracts from otherwise potentially reasonable arguments, and probably makes dismissing them seem more reasonable. Can you see how that might be happening here?

>>vinceg+Nl
I (anecdotally) disagree. I'd love to have a good-spec laptop that had no logos or branding on it.

>>nyolfe+c5
I recall a blackhat video on YouTube where they could access webcams and disable the LED, having a LED isn't a certain indication unless you know that it's not software activated. I have a Logitech and was able to control the LED using information given at the time ... can't recall the details now sorry.

A quick search on security.stackexchange reveals similar info.

>>Anthon+1b
Wish I could upvote you a million times. Many supposedly capitalistic organizations are in fact like miniature Soviet Unions.

>>molecu+(OP)
NPR suggests people in the director's position have a more legitimate need to cover their webcams "... It's certainly not unreasonable to worry about webcams, especially for someone as high-profile as Comey"

And teenagers?

There is no mention in the article of the "Lower Merion School District" case where school officials were spying on teenagers through their webcams in their rooms.

Call me old fashioned, but I think that's an important case for the general public to know about when discussing webcam privacy...

>>sbarre+Fn
Agreed. I love Apple's hardware (much more than their user interface), but I dislike being in public with a giant glowing half eaten apple.

>>Digit-+2m
Every time you use your phone your camera is on your face. Facial microexpressions could be automatically detected and analyzed based on the content the user was viewing at the time. This information could provide a detailed emotional picture of the individual as it relates to different stimuli.

>>sbarre+Fn
It's not so much the logos or the branding, it's the build quality. I used to run Ubuntu on old ThinkPads, ditched it like an ugly girlfriend once I could afford a Macbook Pro. Old ThinkPads were a step up from commodity PC laptops, which were a step up from desktops. In a brief fit of FOSS zeal I bought a System76 Galago Pro, but the build quality was so inferior to a Macbook Pro that I relegated it to desktop duty. If I felt the need to move off of Apple hardware for whatever reason for my primary ride, it'd be back to a ThinkPad.

Rdl specified Dell or Lenovo also for the reason that the supply chain for those two ecosystems are well-developed enough that providing customer support won't be a huge hassle.

>>rdl+D3
You can just buy the laptop and disassemble and cut the wires to the webcam and microphone.

>>icebra+Cg
Do MacBooks?

>>molecu+(OP)
He should NOT represent FBI as long as he puts tape over his webcam;

>>mclovi+hb
Heck, if automobiles use them to detect when an airbag should be deployed, why not just use them as bugs in cars?

AFAIK the airbag accelerometers are designed to detect much larger accelerations than e.g. the ones in a smartphone, and are thus essentially completely insensitive to anything lesser than a huge impact -- spurious airbag inflation is one of the things the manufacturers really, really don't want to happen.

Many of them are just mechanical switches actuated by a weight, with no active electronics (makes sense for such a safety device to be as simple as possible): https://www.youtube.com/watch?v=mWSlwhYyOhI

And even when not impacting anything, a car is not exactly a quiet and vibration-free environment either...

>>nyolfe+c5
You have not seen these?

http://www.amazon.com/Logitech-961237-0403-QuickCam-Messenge...

10+ years ago they basically defined what a webcam is (search "webcam icon" and observe the symbology --- appropriately eyeball-shaped), and they don't have any indicators.

>>dforre+Nk
Or your coworker searched for or mentioned going to Las Vegas on Facebook and you are connected on Facebook as friends, by location on netblock.

>>SixSig+Dc
Well, if you manage it by using feature phones, I have bad news for you...

But if you do indeed manage to not carry a mobile phone at all, yep, you are safe.

>>Reedx+et
Not the 2008 model. I don't know about newer ones.

"iSeeYou: Disabling the MacBook Webcam Indicator LED"

https://jscholarship.library.jhu.edu/bitstream/handle/1774.2...

>>molecu+(OP)
For a while there, when built-in webcams weren't quite as common, my employer would either remove the camera completely or, if that wasn't possible, they would smash the lens and sensor with a metal punch.

They eventually quit (now we can use Lync to do video calls, even) but a lot of people now put little sliding windows over their cameras (you can get them at conferences these days, branded with the Splunk logo or whoever's giving them out)

>>tlrobi+o6
They're really nice, too. Thick enough to block almost all light. And Post-It Note-like glue, so you can remove and replace the sticker occasionally.

>>jws+L2
Early SGI cameras had a physical lens cover, too. I wish that were still the norm, although I certainly see how hard it'd be to build into the frame of a thin laptop.

>>jacobu+gp
Bureaucracy and hierarchy are the same no matter the ideological varnish.

>>thotpo+on
Might you share an example of what leads you to believe that Comey is capable of acknowledging when he's gotten things wrong, changing course, and moving on? I've never had the chance to meet him but even General Hayden's remarks on Comey seem less glowing than yours. For example, while Hayden does describe Comey as a "very competent" and "very honourable man", Benjamin Wittes, in a conversation with Hayden, described some "not so veiled hostility to Comey" in Hayden's recent book [0]. Hayden has, in my view, been able to weigh the national security benefits on encryption alongside the national security risks. I've never once heard Comey speak with any degree of clarity or comfort on the issue, and has instead doggedly pursued his goal of ensuring the FBI's access into content data. Thus, I've described him as a 'one-track-mind kind of guy'.

Well, I'm not sure if my comment about "the worst kinds of cops" is necessarily hyperbolic or even emotional, but I can see how it does make having 'purely rational discourse' more difficult. Surely, a singular focus and unwillingness to consider the validity of alternative perspectives is not unique to some members of the law enforcement community, but I think that the shorthand I employed does cut to the core of my understanding of Comey; He doesn't understand this issue as well as the technology experts who, virtually uniformly, disagree with his position on crypto.

[0] Hayden did rebuff that characterization, though I think the public forum might have had something to do with it.

>>x0054+Uf
My Laptop is issued to me by my employer, and I have no control over the security of it..

I have no personal information on it

and you bet I have tape over the camera. Not just because of security, but many communications apps simply turn it on by default when you start a session... Lync, WebEx, Hangouts etc...

>>Anthon+1b
What are the alternatives? I'm honestly asking. How can I coordinate the activities of 100+ people to a common goal, without providing intermediate goals to individuals?

>>rdl+D3
How can you trust Dell or Lenovo, if you don't trust the FB I or NSA (or Chinese intelligence community)?

>>spinch+Mm
This just underscores that people are complex, fallible, and inconsistent and that we rarely have the full story.

With people like this, I'd just really like to get them alone in a room, off the record, and probe their beliefs, motivations, why they did things, etc.

I wonder what it was like to work with Comey at Bridgewater Associates.

>>alanwa+0r
Starbug (CCC hacker) recently found something even better.

You can use the reflection in the eye as keylogger for, say, PIN entry dialogs.

>>marcos+6x
I moved abroad in January and didn't have a SIM, and time went on and I didn't get a SIM and now, 5 months later, I never miss my phone.

My contract expires in two weeks, I am not going to renew it.

>>molecu+(OP)
If I were director of the FBI I'd have an internet device secured by the sharp minds I hire. Probably more than one to route through and log packets, especially outgoing ones. I'd think as director of the FBI you could even get something like that setup on your personal laptop. I've been using OpenBSD, Snort, and also FreeBSD/PFSense to monitor my networks for at least 16 years even my own personal ones. The fact such a high profile target (and his team) can't figure out technology in this way seriously let's us know how inept and incompetent they must be.

If he worries someone is watching him through his webcam I wonder how he feels about the microphone? Does he talk about top secret things in front of laptops?

>>molecu+(OP)
In Russian FSB top officials use only typewriters, and physically destroy the ribbons when done. Compare to our security officials, current and former. The political appointees who helm our security state bureaucracies bring to mind one's kindly uncle who still emails from AOL and forwards pop econ items from yahoo news.

>>krylon+md
For the interested, the US intelligence services call these "SCIFs": https://en.wikipedia.org/wiki/Sensitive_Compartmented_Inform...

>>white-+L
I don't understand why smart people have so much trust on encryption mechanisms. For any information to be useful, it has to be converted in some way. For example, if it is an image it has to be unconverted and presented as pixels in a screen. If you're typing an email it has to come unencrypted from a keyboard. Encryption only make it difficult to access the information once it is transmitted, but it is still pretty easy to create a virus or something that access the data at the moment it is used. In my opinion there are cases in which using tape on a webcam is far superior than using complicated encryption strategies.

>>HappyT+H9
So, make it "breath" like the MacBook charger light? While that's a great idea, good luck getting a company to implement that in hardware. I'm sure some privacy/FOSS focused company will come up with something, but for the majority of companies, it's not cost effective compared to just writing a driver that just tells the webcam to turn the light on and of.

>>rdl+D3
I typically buy older Lenovo laptops that I can put LibreBoot on, an open-source BIOS replacement. Then I open it up and disconnect the speakers, microphone, and camera. When I close the laptop back up, I usually place tamper-resistant seals over several locations.

For an OS, I run Whonix and have it configured so the system wipes the memory and shuts down immediately if anything foreign is attached or removed from USB.

Since I don't use any eSata or Firewire devices, if those ports exist I epoxy over them. There are too many ways to dump memory with direct DMA access.

If you were serious about a custom run of security-focused laptops, I think you would have a market for them. Dell and Lenovo just subcontract with manufacturers in China and it wouldn't be too difficult to contact one and give them the specs and do a custom run of laptops. Considering putting actual hardware switches for both the Wifi and Bluetooth.

I would certainly buy one!

>>colive+gG
While it isn't smart to assume that if its encrypted in transit, it can't be viewed by someone else on the other end, it is still necessary to have encryption in transit. You want to minimize the amount of places the data can be accessed by a third party.

>>SixSig+KD
Pretty inspiring to read, I want to throw my phone off a damn bridge most of the time.

>>colive+gG
> pretty easy to create a virus or something

Step 1: Find someone using encryption

Step 2: ???? pretty easy to create a virus or something ????

Step 3: Access encrypted information.

Why dig a well when water evaporates into the air? Because pragmatically the amount of water over time matters and what could be described in an incredibly naive way as an absolute suddenly becomes a very different scenario when looking at reality.

The NSA has tapped fiber backbones, encryption would stop them from getting information from that source.

If you think there is already no privacy, post your full name, address and a picture of yourself in the shower, I'll leave it up to you whether you want to encrypt it or not.

(Also the fact that anyone is able to store crypto-currencies pokes an immediate hole in your theory)

>>rdl+D3
It is already possible to run a VM and get 95% of the normal performance with a processor with recent virtualization instructions. My next computer will be built with this specifically in mind. I think this is an important step to better computer security.

>>molecu+(OP)
Isn't mic of much bigger importance than camera?

>>kobaya+pA
I wish I could provide such an example in good conscience, but a (very broad) NDA with a former employer precludes me from doing so. They might not mind, and he might not mind - but I would have gone back on my word, which I definitely would mind.

I know that this reduces the strength of my argument to essentially "nuh-uh!" ... sorry. But I will tell you that, when he says (in that keynote address) that he is willing to explore the possibility that he could be wrong - I believe that he is being completely honest.

As to your description of his "singular focus and unwillingness to consider the validity of alternative perspectives" - that just doesn't seem accurate at all; it describes neither this speech nor his observable approach at large. It does, however, remind me of a funny pinterest picture/quote:

"Once you hate someone, everything they do is offensive. 'Look at this bitch, eating those crackers like she owns the place'. "

>>molecu+(OP)
Honest question. Not to ignore any flame wars

I have been following this surveillance and privacy debate. I understand that encryption cannot go both ways. We cannot create back doors that are only available to the good guys. Add to this that the 'good' guys are known to abuse power.

But I also cannot deny that at certain times there are legitimate reasons for law enforcement. What solution, maybe political if not technical, can we adopt to meet the legitimate demands of law enforcement?

>>colive+gG
I got dizzy by your own confusion on this subject.

You need encryption for the same reason you need locks. Locks are not the only trick to provide you security but they are pretty much a very necessary tool. Without solid encryption you can't have a lot of the good things on the internet: online banking, online shopping, filling taxes online,...

> it is still pretty easy to create a virus or something that access the data at the moment it is used

It is not so much anymore. Viruses are getting quite harder to make, even for Microsoft Windows. And, even if you were right, you still need encryption for people that are smart enough to avoid viruses.

>>livus+KK
Cool question, I was thinking of much the same last night.

But, politically, nothing can be done because encryption and decryption is purely technical -- there is no middle ground that I see.

From a technical perspective.., the solution is also just to give the keys away. Theoretically we could give all the private keys to "just one government agency" so that no middleman (e.g. a CDN, etc) can decrypt the data, but this still 100% trusts the government with all the data.

>>livus+KK
> What solution, [...], can we adopt to meet the legitimate demands of law enforcement?

One big problem is how to distinguish "legitimate" from not. In ideal conditions you'd have a court order to do so. But what good is a court order in places where it is very hard to know the difference between a gangster and a police officer (e.g.: Latin America, Eastern Europe, Africa, ...)? How do you protect the "solution" from the bad guys when you are not sure who the good guys and the bad guys are?

>>CyberD+TI
> The NSA has tapped fiber backbones [...] If you think there is already no privacy, post [etc.]

I'm actually OK with the idea of sending my full name, address and a picture of myself in the shower to the NSA, CIA, SIS or similar, to be included in one of their databases. Because that's what we're talking about, privacy from law enforcement and intelligence agencies searching for criminals, spies, terrorists etc. To suggest that posting such information publicly is exactly the same as it existing in these agency databases is pretty disingenuous.

>>deftne+WH
How do you do the shutdown on USB change? I would like to try that out.

I would imagine, depending on how it is done, that the malicious usb device might get a few keystrokes in before the system is completely down.

>>white-+L
> To me, Comey is a man who has lost the goal in pursuit of his particular mission. Many of his statements pretty directly show that he doesn't care about the collateral damage to innocent people's privacy or any founding principles, he just wants his mission to be unhindered.

There's nothing new about this, btw. The US government doesn't care about protecting the elusive "American ideals" or your freedoms and it has been that way for decades if not hundreds of years. There's nothing idealistic about the way a government operates, regardless of country.

>>deftne+WH
A friend does something similar with his laptops ThinkPad laptops for certain applications. He disconnects/removes the microphone, camera, bluetooth module and re-flashes the BIOS with a custom version.

On some ThinkPad models, there is a chip associated with the LAN management engine (AMT) that should be disabled as well. This isn't the Management Engine controller itself, only has a power management role for AMT & WoL that cannot normally be disabled.

My ThinkPad has a physical switch for Wifi and Bluetooth, although apparently that is only window dressing and can be bypassed with a BIOS setting (& configuration tool from Lenovo)

What do you think of having a hardware firewall processor for the Wifi and Ethernet interfaces on security focused laptops?

>>colive+gG
Well, sure, when a low-tech catch-all solution exists, its usually better- the best form of secure communication is to whisper the message in the recipient's ear in a dark alley. But this is not always feasible, so we have a set of more-secure-than-plaintext methods to at least give us a good shot at secure communication other times.

>>tpalla+oI
I would never have thought I could either. I just leave it at home. I'm never far away from the internet for most of my life, the few hours without it are good.

>>microt+Yw
That's actually an interesting thing to test. If it's the speech recognition you think is suspicious, why not try to talk it into showing you something it didn't show you previously, without mentioning the thing via facebook and stuff?

I'd even try it myself, but I don't have a facebook account, or any devices with "personal assistant" apps for that matter. For the obvious reasons.

>>white-+L
> all these things exist in order to uphold the constitution, protect the "American ideals", etc

Excuse me, but you are made to believe that they exist in order to uphold the constitution and yada yada.

>>thotpo+mK
lol, good quote. To be clear, I don't hate the guy.

One of the first times I heard him speak was in late 2014 and he was essentially arguing for all the same things that he argues now: "I don't know how the tech community is going to do it, but they're smart, and they can build in secure access for law enforcement". He still completely ignores the national security implications of such a precedent, and he also ignores the fact that, over and over again, crypto experts are telling him that the community has enough trouble building secure systems at the moment, and adding access to third parties is likely to exponentially weaken system security.

>>white-+L
'I will remain loyal to the state and constitution' ... where does it say 'remain loyal to its people' ?

>>lyle_n+9N
https://github.com/hephaest0s/usbkill

>>grkvlt+DM
This sounds very similar to the bankrupt idea of "I have nothing to hide from the government." It doesn't matter if you're currently comfortable; all it takes is a change in a law, or an new interpretation of an existing law to make you a criminal.

>>jff+Ay
I use vinyl cling material to cover up the cams, but what you described is much better and exactly what I want. Got any pics?

>>microt+Yw
No he's right, several apps listen in on your conversations for advertising purposes. Tons of similar stories can be found online.

The FTC just made an announcement about SilverPush, an example of such software:

https://www.ftc.gov/news-events/press-releases/2016/03/ftc-i...

>>random+aV
Like this: http://ecx.images-amazon.com/images/I/21g%2Bop3AZBL.jpg

>>tdalto+0C
With people who are intrinsically motivated to do a good job. Craftspeople take pride in their work, because doing it well feels better than doing it poorly.

They'll voluntarily make their own jobs more difficult if it makes the project better, even in ways that only others skilled in their craft would notice. They'll actually fight management for more hours, more money, better tools, different processes, etc. so they can get it right. Management's role isn't to force them to do their jobs, but to restrain them from going overboard.

Of course, this requires that they feel respected, sufficiently autonomous, and compensated fairly. And that they like what they're doing, at least a little bit. You get this routinely from theater professionals. Warehouse stock pickers, not so much.

Quantitative metrics and "goals" are a form of coercion that management deploys against its enemies to extract performance from people who fundamentally don't want to do a good job. In this kind of situation, we've taken to threatening to cut off their access to food and medicine and send armed men to seize their homes and cars (no, the layer of indirection between employers and lenders doesn't really matter). People like to eat, so they play along. And in rote jobs that only exist because they aren't cost-effective to automate yet, maybe that's the only way to do it.

You're not guaranteed a work environment where craftsmen are intrinsically motivated just by foregoing metrics, but as soon as your introduce "goals" (i.e. threats) a good chunk of people who would otherwise be on your side have instantly switched to searching for the minimum effort they can get away with until their either retire or find job that respects them.

Even if people still somehow feel respected, hitting/optimizing the metrics probably means doing the job sub-optimally, and that takes its toll - even if you personally decide not to play the wrongheaded metrics game, others in the organization will, and that creates conflicts (that you usually lose) where there should have been cooperation.

The Wire is essentially a show about this, and how it creates institutional dysfunction that breaks cities. "The fury of a bureaucrat who wants to do their job but can't because they've been fucked over."

>>userbi+qw
Very good points.

>>molecu+(OP)
The FBI knows how bad hardware and software security is, as well as how they're being exploited, and doesn't want the same things he wants from you.

>>molecu+(OP)
Wait, is he also blocking the microphone on his laptop? That seems like a much bigger security risk than his face.

>>superu+hX
Suppose there are 500 craftsman working together on a project because it too big for a smaller group to handle. How do they divide work? Especially when it comes to the work that everyone wants to do, or the work that no body wants to do? How do they resolve disagreements about what 'better' means? If caftman-1 says that craftman-2's performance is holding him back, while craftman-2 says that craftman-1 is asking him to do too much work, who adjudicates? What is a reasonable basis for a judgement?

Again, I'm honestly asking because I don't know. Large human organizations seem to repeatably converge on similar design patterns, but if there's a better way, I want to know it.

>>aftbit+LF
The most amazing is: http://www.nytimes.com/2013/11/10/us/politics/obamas-portabl...

>>grkvlt+DM
And OPM didn't happen, and will never happen again, anywhere.

>>kuschk+pD
If you've already got access to the camera, would it not in many cases be trivial to have access to the keyboard?

>>alanwa+hh1
Not when apps implement their own keyboard, for example, PayPal.

>>blackb+K4
You need to incorporate the big picture into the promotion incentives. Safety not # of FBI cases, health not # of hospital procedures, security not DOD wars.

>>superu+hX
This is a very interesting topic to me.

On one hand, you want to (in my world) empower developers and let them take ownership of ... whatever. On the other hand, you want to learn, as a group how to do better. On the gripping hand, you want to be able to tell the customers (and investors) what to expect and when.

It seems as if you can do the combination of #1 & #3, somehow, without tracking what you are doing and how you are doing it, but that #2 requires us to baseline what we are doing and try to brainstorm about what we can try in an attempt to, as a functional group, do better.

In your world, measurement is "bad" for an individual's autonomy. And it may well be. How does an organization accomplish goal #2 (and #3) along with #1?

Anecdotally, I found that the self-directed process improvement (PSP - https://en.wikipedia.org/wiki/Personal_software_process) helped a great deal. I didn't go overboard with formalism, just jotted myself some notes along the way during the week that I spent 20 minutes compiling on Friday, but I found that I had to record what I was doing to even know what I was doing. And that's just me. Maybe I'm an idiot, but I really didn't know. And my own estimates of what I was doing were ... surprisingly off.

>>krick+bR
So true. The original constitution is pretty clear on inalienable rights and such, but truthfull, the current government operates a bit more like an HR department, talking about helping you, but really merely trying to maintain a status quo.

>>ci5er+NH1
You aren't alone in your realization. I did the PSP for a while and found the same.

We are about one month into a three-month experiment where we are asking people to track time on their activities (mix of IT and developers). For some, it is a struggle with all the complaints when you try to make a small group "corporate". For others, they are having huge revelations of where their time is going that (I think) has been valuable.

What I've been trying to communicate is that the time tracking data has nothing to do with the individual, and is not being used as a measure of performance (it really isn't, and it isn't on anyones performance plans). What it IS being used for is a way for us to communicate with senior leadership to better demonstrate our value to the organization (in terms they are more familiar with). Basically, the "IT needs to better speak to the business" conversation that's been going on for ~15 years or so now. I suppose you could also tie it into the topic of when a startup grows beyond x people, with x in the range of 30-50 people.

>>diego_+SK
My point still remains. Even if you have good encryption, pure reliance on that puts you at risk in so many other ways in which information can be accessed. Any time you see information, access your bank accounts, create an email, etc., your information is at risk, and that has nothing to do with the amount of encryption you're using, because encryption will only work during the data transfer/storage stages.

>>grkvlt+DM
How do you feel about sharing it with everyone else at the coffee shop you frequent or the 14 year old "network administrator" at your friend's house? Encryption protects against these threats also.

>>rdl+D3
I removed the mic and speaker from my phone and now make calls using a bluetooth enabled headset that is usually turned off. This "hack" took about 15 minutes and is not too inconvenient for my lifestyle.

>>ci5er+NH1
> In your world, measurement is "bad" for an individual's autonomy.

It isn't actually the measurement itself. It's when the metrics end up tied to rewards and penalties that people start to game them. [1]

What you could do is measure things and then, when unit 15 is above average and unit 9 is below average, figure out why and let everybody know what works and what doesn't.

Which also has the side benefit of improving your metrics. Because if you see that unit 15 has the best numbers and you treat this as an undifferentiated "unit 15 is better and we don't know why but let's reward them" metric, you can miss things like, unit 15's district has a higher population density and they're actually below average after you take that into account.

Investigating the sources of success and failure without assigning personal consequences to them allows people to be honest about why they succeeded or failed. And then if anybody has actually found the secret to success you can share it with everyone else.

[1] Although you do have to be careful not to make "collecting metrics" a thing that eats half of each employee's work time.

>>molecu+(OP)
At 25:20 Comey cites "liberty and security" as American founding values, rather than "liberty and justice"

>>Anthon+d92
> Which also has the side benefit of improving your metrics.

That's key. You never get them right the first time, so improving your tracker is even more important than improving the tracked.

>>vinceg+7s
I totally agree with what you're saying here.. That's why I sand "good spec" laptop. ;-)

But yes the question is whether or not that actually exists.

>>krylon+cd
If you buy the business version of my webcam you get a plastic cover for $2 over the cost of the consumer variant. One day I might spend $15 for a cover: http://www.amazon.com/dp/B00I005TPS

>>sbarre+Tg3
If there was then System76 would be using that provider. Actually, if there was, then everybody else's laptops wouldn't be so horrible, either.

>>unders+WO3
On the one hand, for a price difference of $2, I would go for the version with the plastic cover.

On the other hand, with an external webcam, I can simply disconnect it. If you have a laptop built into a laptop that is not so easy to do. At least, you have to trust the laptop's manufacturer to do that, while a builtin plastic cover is so simple one does need to "trust" it; at the same time, you can't retrofit it on a laptop... :(