- December 5, 2018
- Posted by: Kerry Tomlinson, Archer News
- Categories: Archer News, Ask Archer, Cyber Crime, Cyberattack, Posts with image, Privacy, Ransomware
You ask security questions, we answer!
During our live Ask Archer Facebook show, Casey asked about live streaming — is there any sort of protection or security he can put into place to keep his live streaming safe?
We turn to Patrick Miller of Archer International — Archer News network’s parent company — for answers.
“Great question, but there’s not a lot directly you can do from a streaming source perspective,” he said. “So far, there haven’t been a lot of exploits that have been shown in that space.”
Of course, you want to have a unique, long password for your streaming account and keep your devices updated.
But attackers, it seems, have not yet found a way to jump into your stream and infect others.
“I don’t want to say it’s impossible,” he added. “But at least so far, there have not been proven techniques to inject malware into a video stream as it’s streaming.”
But there are still some security risks.
There are some security risks to live streaming, according to Patrick Miller of Archer International. Image: Candelario Gomez Lopez
The biggest security issue right now, according to Miller, would be malvertising.
That’s where attackers put malware into ads that show up on your computer.
The malware can infect your system and spy on you, steal passwords, install ransomware or cause other problems.
“If your streaming site — if it’s a website, for example — has advertisements on it, that’s probably the biggest vector for malware,” he explained.
“If you don’t know who the channel partners are for your advertisements or you’re not manually screening them yourself, the people visiting your stream — if there are ads presented — they may end up being victims of malvertising,” he said.
Streamers don’t necessarily have a lot of control over the ads shown on their sites.
Would Miller recommend streamers manually review their own ads?
“That’s very time consuming,” he answered. “Sure, if you want to be ultra-secure, then you would control the ads that are run through your service or on your site. And you could have those ads screened in advance.”
Check the Ads
Some ads may run a file, like a flash file or a video file.
“You can feed those into the antivirus engines, Virus Total and some others, that will actually scan it for you and see if there’s any issues,” Miller said.
You could do that if you wanted to maintain the highest possible security.
“A lot of folks don’t do that because they either pay or use a free streaming service,” he said. “And they’re kind of at the mercy of whatever that service is doing in terms of screening for malvertising.”
For many streamers, just getting to the point where they can have advertising is a a symbol of legitimacy.
“I finally got some street cred!” Miller echoed.
But that could be their biggest security weakness, he reiterated.
“That’s one of the biggest issues, is that malvertising,” he said.
Example of a phone camera and laptop. Image credit: Kelsey Vere
Security company PSafe suggests you take some privacy precautions when live streaming.
They include turning off your GPS, avoid giving out personal info, and not shooting the live stream in front of your home, company or school.
If you are live-streaming for a private audience, you will want to make sure that you control who can see the feed.
For example, with YouTube, you can choose your audience setting: public, private or unlisted.
‘Public’ allows anyone to see it, and ‘private’ restricts it to people you invite — the most secure choice.
In theory, ‘Unlisted’ keeps the video out of search results.
You then send the link to people you want to see the video.
However, those people can send the link to others.
And PSafe says you can search up some unlisted videos online, including through a site called Unlisted Videos.
See other #AskArcher questions: