PDA

View Full Version : Webcam/Skype-type question



MarkEsq
05-23-2011, 09:44 PM
Can you chat with someone on webcam or Skype and prevent them making a recording?

I have an international criminal who wants to pop up now and again and taunt the detectives but doesn't want those conversations saved. Possible?

JayMan
05-23-2011, 09:51 PM
I'm not an expert, but I consider myself reasonably well-versed in computers.

I'm pretty sure it's flat-out impossible to prevent somebody on the other end from recording. And even if it were possible (which it's not), the detectives could just videotape the monitor with a regular old camera.

Perhaps it would also help if you could clarify what you're going for. Does the criminal not want his face seen? He could use a mask or not transmit video feed. Does he not want his voice recorded? He could use a program or device to disguise it. He should also use a dynamic IP address to make it very hard to trace where he's transmitting from.

But do you want the detectives to be unable to make a recording of the video because the criminal doesn't want any evidence that the conversations ever occurred? I don't think that's possible.

MarkEsq
05-23-2011, 10:11 PM
But do you want the detectives to be unable to make a recording of the video because the criminal doesn't want any evidence that the conversations ever occurred? I don't think that's possible.

This. I was thinking he could pop up and taunt officers, just for a few seconds, and then disappear, maybe even make one detective in particular look like he's lying because there's no trace of their quick chats.

JayMan
05-23-2011, 11:37 PM
In that case, it could very well be possible, if the detective wasn't expecting it and it was over real quick. Most people don't readily have the type of software needed to capture video from these types of conversations, so that would work in your (and your criminal's!) favor. Of course, I'm pretty sure the detective would have to accept the incoming call from the criminal before any communication could take place... just something to keep in mind.

MoLoLu
05-24-2011, 01:05 AM
While popping up is possible, isps tend to keep traffic logged. No expert but i would guess 24 hours. Further, the skype client loggs all activity unless otherwise configured. As for recording, it cant be prevented per se but starting a recording software tends to take a few seconds.

The harder part would be opening a call w.o. First being mutual contacts. Technically the idea's a bit shaky but:

All in all a very cool idea!

Buffysquirrel
05-24-2011, 02:23 PM
I think another problem would be that after he's done it once or twice, and the officer hasn't been believed, the latter would take steps to make sure there was some evidence captured.

defyalllogic
05-24-2011, 05:51 PM
he can steal someone else's account and use one of those random IP sites (you type in what website you want to go to and it makes it look like you're coming from a bunch of different IPs... Google it) and then the call looks like it's coming from Wife or Son and he answers and it's Criminal! quick chat and no more.

Also if the detective normally had a recorder on, he'd probably turn it off when Wife or Son called...?

JayMan
05-24-2011, 06:04 PM
Yeah, Buffysquirrel brings up a good point.

An idea I just got, however, might be to install some sort of malware or spyware on the detective's computer, a Trojan perhaps, that would allow a user to remotely gain control of the infected computer. I'm not a hacker and I don't know the first thing about writing code or writing scripts, but I'm pretty sure there is malware out there that could grant certain administrative privileges to a remote user.

Perhaps the malware could be activated by the criminal whenever the criminal wanted, and cause the video to pop up (scripts can be written to do all sorts of things). The malware could also include a script or command to delete all the files on the detective's computer that might leave traces of the video. The malware could include a script to make several copies of itself with random file names in random places so that it'd be harder to get rid of completely.

Also, ideally, the criminal would install the malware on the computer early and then wait a couple months to actually activate it... that way, the detective couldn't just use System Restore to send his computer back in time to before the malware had been installed (I think System Restore only goes back a month by default? Not sure).

Of course, this would also require the criminal to actually install the malware on the system, perhaps by convincing the detective to click a link to a site the criminal himself has created (the site could run a Java script that would infect the detective's computer without him even knowing... I got a pretty nasty infection this way, I clicked a link in Google Search results to visit a page. I didn't even click anything on the page, I just visited the page, and BOOM. Infected.)

Obviously, your criminal would have to be pretty computer savvy, or have an ally who is, to write the code for such a program and to write it such that it won't be easily picked up by antivirus programs, and to trick the detective into clicking/downloading it, but it's doable. Especially if the detective is like the average computer user--not dumb, but not extremely computer savvy either.


Anyway, these are just random ideas, but malware can be made to do just about anything, so it opens up a lot of avenues for your character.

Al Stevens
05-24-2011, 06:08 PM
The answer to the original question is "no." If you can send it to my computer, I can capture it for later. The ability to do that might not be built into the operating system, but...

It is technically possible to have software that maintains a running stream, recording whatever comes in, audio and video. Unless told otherwise, the software would loop over itself so it didn't consume an entire hard disk. Since this is fiction, you could make that software available from one of the vendors of surveillance tools. Or from the detective's gearhead geek nephew. (Everybody has one of them.) Keep the software running in the background and whenever the bad guy pops up, take a snapshot of sufficient length to preserve the video.

Good premise, by the way.

Al Stevens
05-24-2011, 06:12 PM
Also, unless your targeted readership is technically savvy, make it all simple and understandable without a lot of esoteric geek-speak or extensive detailed explanations.

jclarkdawe
05-24-2011, 06:23 PM
Wanting to go onto a computer and not leave a trace requires some mad computer skills. And next to impossible to do in real time. Let's take a look at who's tracking me as I type this. It logs on my computer, which is under my control and somewhat easy to deal with that log. But the company that is providing me with internet service is also logging this. Every time I upload and download is recorded. I have no ability to destroy that record without getting into their system. And the internet service provider (which can be different than who's providing the internet connection) also records this.

This is all part of how they catch pedophiles.

So if the message is sent in real time, you can back trace through those levels and you'll find traces. It's not very hard to do if you have the appropriate skills.

To get around this, because you can't destroy the tracks that are left, you have to make this complicated. And this is hard to do without seriously mad computer skills. (Hackers are very smart people.) Start thinking spyware and malware.

First you have to get a route into the computer you want to hack, let's call it Popeye's. Now Popeye isn't stupid, so every night he shuts off his computer. However, that's an easy problem for a hacker to solve. Either you turn the computer on remotely, or you wait for Popeye to wake up in the morning. In your case, waiting for Popeye to wake up is the better route.

Now hacker, at let's say three in the morning, sends a bundle of information to Popeye, probably using Popeye's email. Hacker routes it through multiple ISPs throughout the world, faking the computer's ID. In this bundle is the message from the hacker, as well as a couple of other things. This bundle just sits around waiting for Popeye to wake up.

Popeye wakes up, the bundle is sent, but hacker being really smart, has programed it to not activate for a while. Popeye may see an email advertising a bigger dick for him. The bundle sits around on Popeye's computer, until either a certain time or a certain action by Popeye.

Then the hacker's message pops up, claiming priority over all other programs presently running on Popeye's computer. Popeye sees the message (which can be a video recording). Message lasts for let's say twenty seconds. Now for the real fun part. The bundle contains a program that now destroys the message, and any trace of the message disappears. A really good hacker actually will have the program fill in the twenty seconds with another activity (downloading kiddie porn surfing would be a good touch).

Finding the bundle from the hacker is next to impossible, because of the time separation. The IT guy trying to trace this doesn't know where to begin.

And as I've said, mad computer skills are needed. A friend of mine had this happen to one of his clients. Took over a year and a half to find this and nearly ended in the client's divorce (the hacker was sending him emails from the client's alleged "girlfriend," including nude pictures of a woman, all designed to show up on the family's computer and be seen by the wife). Hacker felt that he'd been screwed in a contract by the client.

Best of luck,

Jim Clark-Dawe

idempotent1729
05-25-2011, 07:48 AM
There are self-destructing websites. The criminal could post the video there and have the website destroy itself after just a few seconds of video. He could also rig it so that when someone opens the video, it also opens an infected file that causes the computer to freeze a couple seconds after the video starts (similar to someone else's suggestion).

MarkEsq
05-25-2011, 04:59 PM
Wow, you guys are smart and awesome. I love the idea of doing this to my MC but I'll have to think long and hard, obviously, to make it believable.

Thanks everyone!

idempotent1729
05-25-2011, 05:38 PM
Wow, you guys are smart and awesome. I love the idea of doing this to my MC but I'll have to think long and hard, obviously, to make it believable.

Thanks everyone!

One thing that I think might make it work more easily is if the criminal changes his strategy a little each time he pops up. So for instance the first time, he could do a self-destructing website, which the detective doesn't know will self-destruct, so he saves the link, only to come back and find it gone the next minute. Then next time he could quickly try to save the video, but this time the bad guy either made it so a virus would also be saved with the video, or maybe the bad guy even has his own special type of video files which when the detective saves it, no player he can find is able to open and play the file. This means the bad guy has to have some kind of player embedded in his self-destructing website that is able to manage his own special file format, but I think he can probably do that.

KQ800
05-26-2011, 08:21 PM
This is a question that I feel qualified to answer. Now, I don't know your computer-nerditude, so if some of the following is not clear, send me an e-mailaddress and I will send you some powerpoint-presentations with diagrams.

What you describe can be done as long as five criteria are upheld.
1 The Bad Guy must have gotten to the MC:s computer in some way.
2 The MC must not get help from a computer forensics expert
3 The firewall in the system must accept outgoing connections. (like WWW, software updates, etc. This is fairly common)
4 Videotaping the screen with a separate camera is foolproof so if the MC does that, the BG is helpless.
5 If good security is upheld this is almost impossible and relies mostly on luck. Good security is very rare.

Point 1 above: BG can send a mail, a USB-drive, a CD or the like to the MC who proceeds to open a folder with pictures in it. BG could direct-hack the MC:s computer if BG is nearby and the MC uses a wireless keyboard (or sometimes just a mouse) or WIFI.

When the MC opens the folder or the BG hacks in, a program is installed on the MC:s computer.

This program will with some intervals, e. g. every 19 hours, try to connect to the internet and reach a specific computer.

This second computer is a 'bot. That is, a computer which someone has hacked and then sold access to for criminal purposes. the BG can then connect to the same 'bot and through this bot establish a connection with the MC-computer.

It is possible to use antitrace measures to make sure that no one will find either the bot or the BG:s computer. (See TOR-networks)

When the BG gets a connection, the attackprogram on the MC:s computer will open a chat window that looks like a normal skype window, and the chat begins.

If the MC checks his Skype logs it seems as all traces are gone, because Skype was not involved in the first place.

The attack program will erase all files and logs connected with the incident, but cannot do anything about the network logs. If forensics experts get involved, they will quickly find that an unknown process called out every time the chats occurred.

Finding the attack program associated with the process hiding in the hard drive version of deep Cambodian jungle will require the computer forensic equivalent of the upriver journey to find colonel Kurtz, but without the explosions and very, very, boring. They will eventually find it, though and might be able to find the first 'bot but that will probably be a dead end with a trail crossing nation borders making it impossible to trace beyond, "It's a computer in Estonia"

If you want more technical details, let me know, but I don't think normal readers will want more tech stuff than this.

KQ800
05-26-2011, 08:23 PM
" if some of the following is not clear, send me an e-mailaddress and I will send you some powerpoint-presentations with diagrams."

Why yes, I DO teach occasionally, how could you tell? *facepalm*