Paranoid about the National Security Agency spying on you via your webcam? Don’t be. It’s safe to webchat again. Well, at least if you’re Keith Alexander, former director of the National Security Agency. That is, unless he’s watching you.
Alexander was spotted on Tuesday on a train from Washington to New York by the principal technologist of the American Civil Liberties Union (ACLU), Chris Soghoian. The four-star general turned top paid security consultant was working away on his Apple Macbook with the webcam uncovered.
Ex-NSA Director Keith Alexander is on my train. He uses a macbook, and doesn't have a sticker over his webcam.
— Christopher Soghoian (@csoghoian) February 3, 2015
According to documents leaked by NSA whistleblower Edward Snowden, the spying agency can easily hack webcams. Partnering with the UK’s GCHQ, the NSA collected millions of images from webcams through Yahoo accounts under a program called Optic Nerve. The agencies were disheartened to learn that a large percentage of the images contained “undesirable nudity”.
It’s not just the NSA that has surreptitious access to webcams. Cyber criminals and governments including China and Russia also have malware, or malevolent software, aimed at hijacking webcams.
The revelations have led many to cover the webcams on their devices in order to stop spying.
Alexander was apparently fully clothed while using his laptop, but he did leave it unattended for 20 minutes while three colleagues sat at his table aboard an Amtrak train, according to Soghoian.
Soghoian’s train-ride tweet caused an immediate backlash from privacy watchers on Twitter: “What on earth makes you think the contents of the laptop are classified?” asked Benjamin Wittes, a senior fellow in governance studies at the Brookings Institution, who pointed out that the laptop remained with colleagues when Alexander left the table. “Moreover, I hardly think that leaving a non-classified laptop in the hands of trusted subordinates is a breach of COMSEC [communications security],” he wrote.
“Whether or not General Alexander left his laptop unattended isn’t news,” Soghoian told the Guardian. “But there is obvious interest in the communications security of ex-government officials. They are a lot more aware of the vulnerabilities we face than we are,” said Soghoian.
The general approached Soghoian after someone alerted Alexander to his tweet and he pointed out that he had left his laptop with his colleagues. “I said something along the lines of operational security being important,” said Soghoian, who admitted to being somewhat star-struck. “He is my first star spot on the train,” he said. “I’m glad I took that first-class upgrade today or I wouldn’t have seen him.”
Alexander now heads the consultancy IronNet Cybersecurity, which reportedly charges $600,000 to $1m a month to protect its clients from hackers.
Alexander appeared uninterested in answering questions about the webcam scandal after a Senate armed services committee hearing on surveillance in February 2014.
Confronted by a reporter, he muttered: “Hmm, webcam. That’s a good question,” while walking away.
