Detect spying - all options [closed]
There are some similar questions, but none of them comprehensively address all the possibilities of spying as I will try to.
I'm fairly sure my spouse has arranged some method of spying mainly on my internet usage (yes, obviously in incognito mode), probably with the help of IT professionals. I sterngthened my suspicions by testing by doing something I knew my spouse wouldn't approve of, and noticed a strong reaction although they haven't said anything. I'm trying to fully investigate this and looking at the different ways how this can be done in order to try to detect it. They will have had full physical access to my house, router and devices when I was out, and the administrator account on the laptop and tablet aren't password protected, the network and router passwords are known to them. I use Windows 7 and android, Chrome, the network is wireless.
Square brackets are what I did to consider each option, which I think rules out all the options.
ROUTER OPTIONS
1) by changing the router DNS IP Address to some service eg OpenDNS which logs all traffic through the router [I checked and the DNS IP Address is set to "Obtain from ISP"].
2) by looking at the router traffic logs every so often [I have an ee brightbox router which doesn't seem to keep logs of traffic. The only log I can find on the router page is "SYSTEM LOG - This page shows various system events like administrator login/logout, broadband connection status", nothing with traffic. This was confirmed by some user in this forum from 2013 http://forums.thinkbroadband.com/freeserve/4240433-view-send-logs-from-ee-brightbox.html ]
3) Putting another router (router 2) somewhere in the house, making its wireless network name similar to my old router (router 1), setting my devices to auto connect to router 2, and then using one of the above methods - crafty [I compared the network name I'm connected to to router 1's name, its identical, and there are no other networks with similar names. Also router 1's Status page shows my devices are connected to it]
4) Installing some hardware between my router and the microfilter? or the phone socket? (not sure if thats a possibility) [nope nothing there, although I stopped short of opening the phone socket, or opening the router to see if something had been soldered inside...]
DEVICE OPTIONS
5) Installing a keylogger on the laptop [used Keylogger Detector, http://download.cnet.com/Keylogger-Detector/3000-2162_4-75744701.html - found nothing. Neither did MS Security Essentials, or malwarebytes free (trial expired), would imagine these should detect keyloggers].
6) Installing some other software on laptop and android tablet which logs websites visited, possibly also software run and media played. I saw something online about sniffers like dsniff, although I'm not clear what they are they sound relevant. [There's nothing obvious eg in Taskbar Notification area, or in Task Manager, or windows firewall. MS Security Essentials ad malwarebytes free (trial expired) found nothing, would imagine these should detect this at least if its doing it covertly]
7) Installing some other software on laptop and android tablet which saves/transmits a video capture of the screen and/or audio [don't think so, as above no. 6]
8) Similar to 1), but using the device options instead of the router options to change the DNS address to OpenDNS or similar, as detailed here https://www.opendns.com/setupguide/#familyshield [nope, set to "Obtain automatically" on both devices]
OTHER OPTIONS
9) installing a spy camera overlooking where I sit with the laptop (same spot always) [can't find anything].
THE QUESTION, FINALLY
Being rather fed up of being worried about this, it would be most appreciated if anyone could point out any other options I haven't thought of, with ways to check; or, if my ways of ruling out any of the options I did think of aren't good enough.
Obviously this IT firm I'm thinking of knows much more than me about this and can probably do something undetectable to most users. They specialise in this type of thing. But it seems that this type of thing is really wrong so there must be some way of safeguarding against it...
Solution 1:
You list some good points, so here are my thoughts...
ROUTER OPTIONS
It's possible the router firmware has some sort of unpatched exploit available or has been otherwise compromised.
You may wish to ensure your firmware is fully up to date. This does not guarantee the device cannot be exploited again, even with the latest firmware updates, but it lessens the likelihood.
Regarding firmware, a more extreme option is replacing the factory firmware with something like DD-WRT (which may or may not be available for your router). Again, this may not fully prevent future exploits, but could negate any current exploit in place.
As a final solution, you could consider something more drastic such as buying a small mobile router (perhaps even through a cellular service) and attempting to keep it safe (not leaving it unattended).
DEVICE OPTIONS
Unfortunately, if there is a technical firm assisting your spouse, they may have access to spying software that doesn't register with traditional detection programs.
Programs to detect malicious software usually use known technical data or behavior patterns to determine threats. If this technical data is missing (because the detection software is unfamiliar with it e.g. it is a new or custom-made program) or a program does not display particular behavior, it might go unnoticed.
There are also programs that can potentially hide in the parts necessary for a computer to boot which requires special scanning for detection.
Your options here for safety are some combination of:
-
Doing a scan of the Master Boot Record (MBR) or the EFI/GPT system in the laptop (you would need to research the proper utilities for this).
-
Reinstall any possibly compromised OS.
-
Replace the hardware (this might be especially true for the tablet since they are traditionally harder to work with than a laptop).
If you did replace the hardware (buying new devices), a similar caveat to the router would be in order in that you would need to keep any new devices safe to prevent future compromise.
Another suggestion (especially for a new computer) would be using a Linux Live CD. Linux is an alternative operating system to Windows and live CDs run that system from a CD/DVD ROM. This would potentially stop most malicious software on a device from running (though malicious software that relies on the boot mechanisms of the device might still be an issue).
HARDWARE SPYING
You mentioned spy cameras. Modern spy cameras can be extremely well hidden. Perhaps you should take a second look.
You also mentioned hardware attached to the router or behind the socket. This is entirely possible. It is also possible to attach similar devices in a laptop (and a tablet as well I imagine).
Some sophisticated spying hardware can also be embedded in USB connectors (say for input devices such as a mouse or keyboard) or in devices such as keyboards themselves.
BOTTOM LINE
They will have had full physical access to my house, router and devices when I was out, and the administrator account on the laptop and tablet aren't password protected, the network and router passwords are known to them.
[...]
[T]here must be some way of safeguarding against [this kind of spying]...
You are in a bad position.
Anyone with full access to a device or devices similar to what you describe can do just about anything with them. Even if you do detect an intrusion and takes steps to prevent or mitigate it, you may be compromised in the future.
Unfortunately, this means there likely is no true safeguard other than vigilance and keeping new, uncompromised equipment away from whomever is doing the spying.