Physical security is an inherent part of information security. If an attacker can achieve physical access to your devices, you are already behind the power curve. Maintaining physical control of your devices is maybe the most important step you can take to protect your data-at-rest. However, there are some occasions when maintaining physical control is not possible or practical. One of these occasions is during hotel stays. Hotel rooms – and even their safes – are incredibly insecure (I’ll talk more about this in an upcoming post). They are usually the best alternative to lugging your laptop around to dinner, out of drinks, or for a day at a local attraction. Rather than leave my laptop (and other stuff) totally undefended, I use a video surveillance app called Sighthound to keep an eye on things when I’m away.
Sighthound Video Surveillance
Sighthound is a freemium program for Windows and Mac computers. The free version allows you to record video in The app also lets you select zones to monitor, and allows you to monitor for people, “any object”, or “unknown objects”. Recording can be initiated when an object or person is entering, leaving, inside, outside, or on top of the selected area, or crossing a boundary. You can choose to ignore objects that are smaller than a certain number of pixels to avoid false-positive recordings.
The major benefit of Sighthound is that it lets you record video locally, rather than uploading it to a server. Sighthound allows you to choose where to store the video files. You can also choose a maximum limit of storage space, and to delete video that does not meet a rule definition after a certain number of hours. These features allow you to limit the amount of storage space used for video, while still retaining video that may have value.
To download the free version of Sighthound you must create an account. You will be given access to premium features but these will expire in 14 days. The only personal information required to create an account is an email address (I recommend a Blur address). The Basic License ($60) offers some additional featuers. These include high-resolution video, remote access, and the ability to arm the camera with a delay (to let you get out of the room before it begins recording). Remote access allows you to view your camera’s feed from your Android or iOS device. Sighthound can also send you an email or play a tone when a recording is initiated.
How I Use Sighthound
I travel frequently and I love Sighthound for its ability to let me keep an eye on my hotel room. When I leave my room I am hesitant to leave my computer locked but running and unencrypted. Instead, I created a bootable OS X USB drive using a 32 GB SanDisk Cruzer Fit.When I leave the room I shut the computer down, boot from the USB drive, and start Sighthound. I place the computer in a position that will allow it to observe as much of the room as possible without being obvious it is recording. I also cover the webcam light with black tape.
OS Setup: I set this USB operating system up using normal best practices. It is full-disk encrypted and the the user account is protected with a good, strong password. I also created a new Apple ID for this account. Since this OS is running and more vulnerable to compromise I do not want to grant it access to my real Apple account.
Of course Sighthound doesn’t replace full-disk encryption. You should full disk encrypt your devices if they are ever out of your physical control. I have written about the importance of FDE before, and will continue to do so (I will talk about it a lot in October). Of course I recommend using a camera cover when Sighthound is not in use. It would also probably be worth using a laptop cable lock. However, I have not yet found one that I am satisfied recommending. I would like one that would allow me to use my own padlock rather than the provided 4-wheel combination lock. If you are aware of one, please let me know.
If you enjoyed this article and would like exclusive content, sign up for the Operational-Security Newsletter.