Hacker News new | past | comments | ask | show | jobs | submit login
How to Find Hidden Cameras and Spy Gear (senteltechsecurity.com)
749 points by loteck on Jan 16, 2019 | hide | past | favorite | 182 comments

Doesn't mention the good old Nonlinear Junction Detector. (NLJD) [1] or The Broom as they call it. It can find any unshielded device containing semiconductors, no matter if the device is powered or not - which is pretty cool. It is possible to build one yourself which is even cooler. Although I have to say, while it is a WW II era device, DIY building is not a beginners project. The British documentary "The Spying Game - Walls Have Ears" has a good interview with its inventor that even includes a demo of the device by him in his wonderful old school lab[2].

[1] https://en.wikipedia.org/wiki/Nonlinear_junction_detector

[2] https://www.youtube.com/watch?v=4EWYI9zfF9Y#t=22m30s

Ha! So we may not be able to scan for "life forms" ala Star Trek, but apparently we have a somewhat universal scan for semiconductors. That's amazing!

Well, not life forms as we know them, anyway.


> It can find any unshielded device containing semiconductors, no matter if the device is powered or not - which is pretty cool.

From Wikipedia: “professional covert listening devices (bugs) of the Central Intelligence Agency were equipped from 1968 onwards with a so-called isolator.”

The pic of the bee in that Wikipedia article is amazing. From that linked article:

> A bumblebee with a transponder acting as a non-linear junction for tracking the animal by way of harmonic radar.

That looks like something out of a James Bond movie!

Can't a well build device mitigate this by just using up the energy provided by the NLJD before it is re-transmitted by the semiconductors as a harmonic of the original signal? As far as I my knowledge goes of these, it can detect the created harmonics of the original signal.

Using up all the energy would require a perfect impedance match, which would be very hard to achieve.

Even a 1 percent error would be easy to detect, since radio receivers can easily have 100 dB of dynamic range, and decibels is a log scale, so that's massive!

The linked wikipedia page describes a countermeasure a little like that described.

Probably doesn't mention it because it's not a function of the gadget they're advertising. NLJDs cost several grand, after all.

That is super interesting! I wonder if there is an FPGA version of this for the filtering part of the circuit so that it's easier to make.

One quick and cost-effective way to detect IR light is by using the front-facing camera on your phone.

Unlike the rear-facing camera, the front-facing camera does not have an IR filter and can easily pick up IR lights in the dark.

To try this at home, grab your TV remote, which uses IR light to send information to your TV and open the front-facing camera on your phone. Next, point the front end of the remote at the camera and press any of the remote buttons. The IR light that is normally not visible will be completely visible on your camera screen.

Well I’ll be darned. This works! (iPhone 7)

I don't remember seeing a rear-facing camera for which it wouldn't work. Are there extra IR filters installed on newest models, or is that an Apple thing?

Many phones are getting better IR filters because sunsets and fireplaces both have large amounts of IR in, and without the filters it's hard to get a decent picture. People rarely use the front facing camera for those things.

The newer iphones block 850nm almost completely. I was shining one at a half watt led just the other day and couldn't see anything. Can't remember the iPhone model.

I was also surprised. My old Galaxy S6 detected it fine (which is great when DIY-ing a TrackIR). I have to go home, plug it in and see if newer phones are any different.

My S7 handless this as well, and every Android phone I ever tried this on has a rear camera receptive to IR (I usually test it on TV remotes).

It's also a neat trick to check your remote's battery level.

Wonder why the front-facing camera doesn't have an IR filter but the rear one does.

IR is often used for facial recognition (invisible pattern projectors or to better illuminate skin texture). However in colour pictures you get a strong purple cast in some conditions, like bright sunlight, due to excess near infrared radiation. This is not desirable for photography, so most consumer cameras have IR cut filters for this reason. The filter looks like a transparent piece of glass or plastic, but it will shimmer red if you hold it at an angle. Not to be confused with the normal anti reflective coatings on lenses (these often look green/purple).

As the sibling says though, plenty of rear facing cameras are also IR sensitive. I imagine there's some onboard processing to correct the colour balance.

You can't really correct for the chromatic distortion (purple effect) as it is not simply a color correction, the IR light bends differently through the optical elements / lense. (The diffraction coefficient is different for different wavelenghts of light). Thus you have to filter the light out to get rid of the effect.

I suppose it depends on the bandpass of the filter. I have several older phones which can take (rear) images of IR leds - we used this as a sanity check at work several times. Images of normal things didn't look noticeably worse for having that sensitivity.

Many visible optical filters leak in the infrared, so perhaps a small amount gets through, but not enough to cause a noticeable colour cast in normal photography.

Vegetation in sunlight is a good test target, too. Leaves strongly reflect NIR.

You can correct it (Lightroom, Photoshop, Darktable, etc include tools for this), but it's a waste of processor power if you can fix it in hardware.

What kind of light does the FaceID system use? Or does it have a separate camera for the invisible lights?

IR but it has separate hardware. There's an IR dot projector, IR floodlight, and IR camera.

Oh, this is awesome: it works for both of my phone’s cameras! It’s a OnePlus 6 — I wonder how many other phones have this ability in both cameras.

Actually, from a photography aspect, that's more of a bug than a feature because it's creating weird artifacts when photographing a strong IR source.

Nice! So, does this mean that an 'easy' way of defeating non-filtered cameras is to just have a few IR LEDs blasting out? I've no idea on costs or the optical physics here.

Yes: https://www.instructables.com/id/The-Invisible-Face-Mask-/

Many surveillance cameras use an IR cut-off filter for their "day" or color mode though, so this may not work then (or at least, not work as well, depending on the cut-off filter and LED wavelengths).

Well, heck, if that's not a product and market fit, I don't know what is?!

Worked for me as well, iPhone X. Very cool!

Here's a review of a hidden camera digital clock: https://www.youtube.com/watch?v=wMtG_fAL9aI

And someone using a FLIR infrared camera to find hidden cameras: https://www.youtube.com/watch?v=ndlhlBIG0SQ

I have a routine when entering a hotel room that involves scanning for devices similar to what the article mentions (but not as far as using specialized equipment). I'm not paranoid about being spied on, giving a proper once-over makes me feel more at ease when inside the room. You never find anything, which is always a relief, but a couple years ago when hotels started installing smart mirrors it sure made my heart beat faster when you shut off the bathroom light and look at the mirror with a light source. I've also recently started seeing hall effect switches on hotel room doors. I'm not sure how they are being used, but I usually pull the magnet out of the door and put it on the mini bar and no one comes running thinking the door has been left open. I'm not a fan of the hotel knowing when I come and go. I've seen a motion sensor once but I believe those are more for the room's HVAC.

Of course the hotel can track your face with lobby cameras, your room key when you authenticate with the elevator and door, and monitor your use of the Wi-Fi, so really they don't need a camera or hall effect sensor to know you are coming and going or get some idea of your preferences.

I would be genuinely surprised if hotels implemented facial recognition. I'm the one who doesn't touch hotel WiFi - cell tethering to the rescue. And yes, all these hotels use NFC keycards, which makes the placement of door sensors even more puzzling. You can't be invisible in a hotel but there is a level of knowledge on your whereabouts that they just don't need. Sadly the Las Vegas incident isn't helping as management is more paranoid than ever of a repeat.

They are already doing so. VIP recognition and check-in are two cases.

> who doesn’t touch hotel WiFi

Not even with a custom DNS or VPN?

i dont think the point is tracking your patterns [that is an issue of itself tho] i think the more proximate issue is that a criminal may photograph record or live stream our intimate moments that occur when there is a full expectation of privacy.

My understanding is that the hall-effect sensors usually work in tandem with other occupancy sensors to lower HVAC bills, like: http://axxind.com/hospitality/guestpresence/ .

I think the hall effect sensor functions as a "latch" to prevent the motion system from turning off the HVAC if you are in another room of a suite, out of view of the motion sensor, or asleep.

This is correct. In addition to working in a hotel for ten years, I was also there when it was gutted and renovated and the system installed. While some hotels may track this stuff beyond just a simple occupancy flag for HVAC (e.g., Las Vegas), the vast majority don’t have the interest or capability to.

> a couple years ago when hotels started installing smart mirrors

What do you mean by "smart mirrors" in this context? I can see various possibilities online, I'm just curious as to what it is that hotels have actually been installing and why. (Not having seen such a thing in a hotel myself)

They know when you come and go by your key card. I was in a hotel recently in which the elevator would only move if you swiped your key card _and_ chose your floor—no other floor, even the lobby.

sometimes i go to the suite at random intervals and swipe the card open the door then lock up and leave for another while, hoping it screws up any attempt to make a pattern.

There may be someone coming, seeing the door is closed, and just leaving a note for maintenance to fix it when you aren't around.

They may also be using those sensors to know if someone opens your door while you're out of the hotel and/or without an authorized keycard, which might mean a robbery attempt.

I'm interested that it doesn't mention the nonlinear junction detector, but I'm no spyhunter or anything and maybe that's an obsolete piece of equipment now. After all, there's certainly a lot more innocent transistors and diodes out in the world today than there were during the cold war. Also I'm not sure they're legal for just anybody to use since they vomit so much radio interference.

An interesting build:

Woah! The electronics info at this site seems interesting... but stuff gets pretty wild...

Oh god. Yeah there's a fair share of weird junk on that site, which probably goes hand-in-hand with having the necessary paranoia to build your own nonlinear junction detector.

I found the link on Hackaday way back when, I have no idea about the rest of this shady IP address. Should have probably been more careful about posting something like this, but the electronics builds are so well documented.

I pretty quickly stumbled upon a ton of antisemitism, racism and some gore from that site.

Did these 67.x links above kill anyone’s device cellular connection? Something dangerous going on there.

No, that seems more improbable than the linked ramblings.

this article is actually just an advertisement for this product. https://www.senteltechsecurity.com/lawmate-dd802-defender.ht...

This is such a cynical statement that I'm tired of seeing on HN.

Yes, the article mentions a product from the company, not in a sneaky way. The rest of it, some 2,800 words, is interesting and informative--to me, at least.

An article can be both informative and self-serving, and there's nothing wrong with that, provided there's no deception. Most of what you read online is self-serving, in some way.

>provided there's no deception.

First of all, your caveat does not hold. This article is deceptive in full. None of the advice presented here is good at all... "divide the room into quadrants and search each quadrant"? Why? Just search the entire room. The article fundamentally gives the impression that you will not actually be able to locate any spygear unless you have an RF detector and a camera beacon simply by not giving any good advice otherwise. "Check if the outlet covers have been changed?" right, because when I bug a house that I own, I also buy a new outlet cover.

No one trying to sell you something is going to tell you how you could effectively live your life without their product. This is fundamentally deceptive, and seems to have gone so far as to have fooled even you.

None of the advice presented here is good at all... "divide the room into quadrants and search each quadrant"? Why?

The article answers that:

Splitting the room into sections will help you to systematically and meticulously go through the room and clear each section without skipping over any of the fine details.

This strategy is generally known as “divide and conquer”.

no, the strategy of divide and conquer exclusively refers to situations in which the whole is greater than the sum of the parts, in this case they are exactly equal.

In military parlance, it means that you have a much greater advantage against 2 armies of half size separately than against them both simultaneously. This is known as Lanchester's law, and the whole point is that it's non-linear.

In algorithms, the idea is roughly that, given a method which solves a problem, it is often cheaper to split your input, solve each half, then merge them, than it is to run the algorithm on the entire input. Again, non-linear.

Dividing your room into quadrants provides NO advantage to searching your room. You still have to search each unit area methodically.

The suggestion is not about efficiency, it's about not forgetting anything.

I'm pretty sure most people have a pretty intuitive understanding of how to perform a methodical search of a room. The article promises clever tricks for finding bugs and cameras in a room without having to spend any money, and fails to deliver on that premise, deceptively, because it is solely an advertisement for a device that is FAR more expensive than it needs to be.

>I'm pretty sure most people have a pretty intuitive understanding of how to perform a methodical search of a room

And surgeons were pretty sure they'd never leave an implement inside a patient, but the stats still improved with the introduction of checklists. Like checklists, the quadrant method means there's less demand on your memory, which means less chance of forgetting things if something unexpected happens.

Thus, the article would be much better if it provided a checklist with concrete, actionable steps instead.

This is a difference between content marketing and actually caring about informing the reader.

The checklist can also be ordered such that the lowest-hanging fruit is covered first. Start with the vent covers, overhead lights, and smoke detectors, because those are the places where it's easiest for an unskilled spy to hide monitoring devices. Any hole cut into the sheetrock for a legit purpose could also have a peephole near it.

I bought a house that had a slight dimple in the heating duct of a ground-level bathroom, mostly concealed by the vent cover. I went down into the basement, and surely enough, from a certain spot, I had a clear view of the toilet and shower from below. I bent the duct back flush with the edge of the hole, and concluded that was probably one of the reasons that the sellers were getting divorced. So you might not find a camera. There might be an actual eyeball there sometimes. An electronic scanner isn't going to find that.

This is almost obviously untrue. This is a technique used for any task that requires thorough analysis of a space, like crime scenes and archaeological digs. Sometimes to a much more fine grained resolution than just quadrants. Saying that people can "just search the entire room" is like asking why can't you "just search the entire crime scene" or "just dig out the whole fossil". It trivializes the amount of effort needed to actually perform the task to the detail required, and dismisses the insight that a little bit of work division actually can improve performance for the exact same overall task despite the overhead it adds.

> I'm pretty sure most people have a pretty intuitive understanding of how to perform a methodical search of a room.

I'm pretty sure most us techies have a pretty intuitive understanding of how to methodically build software yet we still see great benefits in breaking down projects into smaller tasks.

My point is the bigger picture often looks easy from the outset but in practice most people do benefit from dividing jobs up into smaller tasks or quadrants and focusing on each of those individually.

Not forgetting anything is covered with "paint the room" advice. Extend that to "paint the floor", and you won't forget anything.

This whole business of dividing rooms into quadrants smells awfully lot like usual content marketing non-informative filler.

One caveat to your otherwise good set of examples: Lanchester's law applies mostly to modern forces equipped with firearms, for which the non-linear effects manifest.

The origin of the "divide and conquer" idea, the "divide and rule", is also about non-linear effects. At least two can be named here: thresholding (ensure your opponents into groups small enough you can take any individual on directly), and Metcalfe's law (effect of a group grows with the square of number of fully-involved participants).

The article is very shallow and it's just a wordy regurgiration of common sense stuff. Certainly not something of professional level it claims to describe.

It might be read as cynical - but in itself it is just a statement of fact. It is informative.

> An article can be both informative and self-serving, and there's nothing wrong with that, provided there's no deception. Most of what you read online is self-serving, in some way.

But can it be, really? Usually one of the two goals suffers badly.

The top 50% of this article reads like low-effort content marketing cookie-cutter nonsense, and I almost stop reading there. It got somewhat interesting towards the other half, true, but someone interested in informing people instead of pushing their product (and the need for their products) could easily shorten this article by 50+%.

If you think this is cynical, you don't understand modern advertising.

The point isn't that the article isn't an advertisement, it's that it isn't just an advertisement. If it provides value we shouldn't immediately dismiss it just for being an ad.

For "just an advertisement" it sure offers a lot of good advice that is still applicable even if you don't buy anything from them.

> Detects Camera Lens up to 45 feet

This is interesting. Is that red filter-looking thing part of the mechanism for detecting lenses?

The LEDs on the front flash a certain wavelength of red light in an attention-grabbing manner and the filter blocks a lot of other light sources so the flashing red glint is easier to spot. It's pretty ingeniously simple. Of course it'll detect lots of other curved, reflective objects--the user has to verify it's a camera through manual inspection.

I wonder if this still works if the camera is of the pin-hole type with no lens. i.e. camera obscura

These aren't looking for lenses as much as the reflection from the sensor. I imagine with a small enough aperture, things would be come difficult for you and the camera.

I have read before about a supposed fluorescence or perhaps reflection peak of the sensor itself, but I have never seen an actual scientific paper describing the setup, I suspect a simple filter and the naked eye would not suffice for this type of detection. The previous time I read a comment about such a system was by someone who worked (in-?)directly for a cinema, in order to detect people filming the movie.

To detect the reflection from the sensor in the case of a real lensless pinhole camera you would have to be on the line perpendicular to the sensor through the hole, else the reflecting ray would not return through the pinhole.

If someone knows more about the supposed systems that actually detect fluorescence or the antireflective coating spectrum of the light sensor itself please please reply!

I now recall that the claim was not that the image sensor itself fluoresced or raman scattered or whatever in a characteristic way, but that it was the IR blocking filter before the sensor...

this immediately makes the setup less usefull for surveillance cameras as they will typically not be optimized for color fidelity, but for light sensitivity, so without IR filter...

Nevertheless I would still be interested in more details or the exact mechanism or references...

That's a good point. The IR filter should light up like a beacon with most red LEDs that include a bunch of IR, such as the ones you see in a ring around most night-vision security cameras. I don't know if that would be detectable with just the naked eye and a filter, though. You'd have to have another camera capable of seeing the IR.

However it wouldn't detect those same night-vision cameras, since they are most often just standard webcam guts with that IR filter omitted as you say.. I really think this thing is just what it says--a lens detector, which catches specular glints off the glass lens and doesn't have much to do with the actual CCD or CMOS or whatever sensor is underneath. It could definitely be making use of the IR filter on most cameras to make those shine particularly bright.

yes I also for no second believe this cheapo led ring with filter is the hypothetical camera detector used in cinemas, but that instead it is based on reflections. A voyeur-run room could simply use lots of glass beads in an artistic way to decorate the room like glueed to the walls etc.

I'm not sure how the cinema version works though, or might the IR filter be a dielectric high-pass filter (similar to how anti-reflective coatings work), passing red but reflecting near IR?

Optically in the near IR that would be equivalent to a mirror between sensor and lense, for simplicity lets pretend the filter is nearly in the same plane as the sensor in the focal plane, then parallel rays focused at infinity would converge to a point on the mirror, which means the light should retroreflect, but the intensity of retroreflection should be highest at the optical axis, and quickly fall off away rom the axis... that makes for 4 DOF to "scan" direction to aim the beam of light, and 2-dimensional position with respect to aperture... so you need to be either lucky or have a very good idea of typical orientation and position of the camera, which would also explain the usage in cinema's you know the orientation of the camera so now only 2d of freedomm left...

> It's pretty ingeniously simple

I'll say! That's really cool. Thanks for explaining how it works.

Any alternative you would recommend then?


Probably way crappier, but for what these electronics entail the one sold by the website in the post is vastly overpriced. It's a very simple radio, a battery, some LEDs, and an optical filter of some kind. Likely just a red gel. Plus, how great of a bug detector do most people really need? The main features are all there and it's probably workable in most cases.

Disclaimer, I don't own this. It could be a mega-turd, don't buy it on my account.

No offense but your disclaimer kind of offers a reason why someone might buy their product.

That's not how you should buy tools, though. Unless you're a professional who is making a living with these tools, you don't walk straight up to the Snap-On truck and drop several grand on all the highest quality stuff. You go to Hazard Fraught and get the cheap ones, then you replace the ones that actually wear out or don't cut the mustard with something a few tiers up. Most of it will work just fine for a decade at a twentieth of the price.

The crowd here could probably build one of these out of whatever's in the junk drawer. Looks like it's the RX half of a cheap analogue walkie-talkie and some flashing lights. That's it. Two hundred bucks is egregious. Maybe if you were an actual LEO or a private eye, but for most people it makes absolutely no sense to buy the $200 version without first seeing if the $10 version does the job.

>That's not how you should buy tools, though.

Well this is certainly subjective and dependent on multiple factors. It may very well be that you could get a similar device for $10-$20 or scrap one together for as much, but its probably not going to come with a good warranty or much reassurance of it's actual performance. And also, just as the crowd here is more likely to be able to build one, the crowd here is also more likely to be able to drop $200 on something if they want it.

Use cases matter. Someone worried about voyeurs should think like voyeurs. They're driven by impulse and most of the time are probably not going to be super organized or resourceful. There's no need to waste your money on RF detectors or camera lens detectors if you are dealing with the kind of hidden surveillance equipment you'd see on Amazon; it's not that sneaky and you can just examine objects like clocks, smoke alarms, door hooks, and phone chargers for obvious cameras. These kind of surveillance devices are really only hidden to people who aren't looking for them.

OTOH if it matters enough to want a camera lens or RF detector I'd definitely at least want a good piece of tool. Doesn't have to be the one in the article, but it'd certainly be worth considering. This is especially true in cases of potential corporate espionage and other situations of similar importance.

Not at all saying there isn't a market for a cheaper device or a DIY replacement, but to be honest I think a lot of people are better off with buying nothing, if you ask me.

"The best way to check for a two-way mirror is by using your fingertip. On most mirrors, if you place your fingertip on the mirror, the reflection of it will not touch. Instead, it will leave a quarter inch gap or so"

Went to check all mirrors at home, and placed my fingertip on them. In all, the reflection of my finger touches my finger.

I'm gonna need to have a serious conversation with my wife now.

I’ve done the same and had the exact same experience. What is the reason for that?

I assume it has to do with which side the reflective coating is on? If it's on the room-facing face there is no gap. If it's on the backing (wall-side face) there is a gap as thick as the glass.

The reflective coating (silver or alumin(i)um) of a glass mirror is usually on its back.

Gap should be twice the glass thickness because the light travels the distance twice.

Is unplugging the power of the router in an AirBNB a good basic security step?

Presumably some cameras depend on flash storage rather than Internet connection but many cameras do use Internet connection to function?

I just cut the power to the house when I arrive.

"Today engineers will succeed in restoring water and power to your area, leaving you with hours of hard sledgehammer work to get it back the way you like it." --The Onion

I burn it down and camp on the ashes.

Nuke it from orbit. It’s the only way to be sure.

I've seen other commenters mentioning that they now consider at least scanning the network to be a mandatory step in their check-in process. Personally I try to avoid connecting my devices to others' WiFi on principal - especially if they're... less than tech savvy.

Assuming you don't accept bad certs, don't ssh if there's an issue with the host key, don't use http, relent and other plaintext protocols, why?

Because there are dozens of processes in the background doing that for me.

This is the correct answer. You'd be surprised how many programs rely on the remote server redirecting them to a secure server.

Most major banks in Sweden had http landing pages and did not use HSTS last time I checked (in 2017).

Right gue CAs and a lack of cert pinning?

And how would a rogue CA cert get into your cert store?

The only issue with random access points when using properly secured connections is the metadata leak - DNS queries, etc. They will now whom you are connecting to, basically. That's it.

Exactly. And even that, you could use a VPN. In fact anything an airbnb host can do, your ISP at home can do it to, and is far more likely to be doing analytics on it, or be subpoenaed for it. So if it is a concern, you're probably already using a VPN.

The most powerful advice in the linked post seems to be infrared scanning for heat. Presuming most cameras generate some sort of heat this would be a good way to locate them.

Microphones can be hidden completely out of sight. A long enough lens barrel can put the heat generating electronics far enough from any visible surfaces that the heat signature may become unnoticeable. Also the heat camera is the most expensive method.

How do you know you're not unplugging a decoy router, with the secure surveillance router concealed somewhere you wouldn't think to look?

This seems highly unlikely, but like all security, this is just one layer of defense.

It could be very inconvenient to unplug the router. The real issue is what level of threat you hope to counter. An unexpected extra clock or an extra coffee machine in the room, as mentioned in the article, would not represent a very high-level surveillance tactic. I mean, to try something as blatant as that would be very unimaginative, or at best, evidence of working with very limited options. Is there really a two-bit Airbnb surveillance problem?

I doubt that a sleazy airbnb host would be sophisticated enough to place a decoy router, and if they were, there's probably nothing I could do to stop them.

My threat model would be the host trying to blackmail me and/or get their kicks from watching me.

A corporate or national actor isn't part of this model, because: - I'm a low-priority target - Prevent highly sophisticated attacks borders on impossible/maddening - The likelihood of the creep is probably 10,000x more

I'm not sure unplugging the router would help, but I probably wouldn't find it very inconvenient either (depending on location).

Overall it's probably worth a quick try to locate and unplug it - if you can't find it, hedge your bets and try some other opsec techniques. Just my own approach.

I keep a small (and cheap) separate router for my IoT devices. If I wanted to spy on someone, I'd definitely use one of those, with a USB powerbank acting as a UPS.

Check your smartphone while you unplug the router (or you block 99% of its signal by 1) wrapping it in aluminum foil or 2) taping a metal box or mylar sheet over it).

If one of the wifi presences discovered by your phone disappears thereafter, then the router you blocked was live and very unlikely to be a decoy. (I can't believe most casual spies would install a live decoy router in the room.)

Since all of the spy devices in the room almost certainly operate via that wifi router, disabling or blocking it is probably the most effective single act you can do to disable all of the room's surveillance devices.

I assume that the decoy router is the active router. So you'll know you've turned it off by e.g. the absence of the Netflix service you were planning to enjoy while staying in the AirBnB apartment.

How do you know that one of the remaining WiFi networks that you can detect (after unplugging the visible one) isn't providing connectivity for surveillance devices? I can't think of any easy way to do this. There could be a surveillance server+router in a crawl space or an attic, but you have to find it.

Better to treat whatever you say and do in the AirBnB apartment as compromised, if you are inclined to worry about this.

I'm not actually that curious to hear what 'compromised' implies in the typical AirBnB surveillance scenario. Is it just the possibility of creepy observation, or identity theft, blackmail, worse?

It's easy to come up with potential horror stories. The higher the stakes, the more incentive for the surveillance to be undetectable (where detectability would impair the attack).

Why does a completely static blogpost have a loading animation? Some really bad engineering decisions have been made here.

If only there were readily-available tools to find hidden website bloat. /s (directed at them, not you)

9,70 MB / 7,93 MB transferred; many 100+ and 500+KB images, two over 1MB; one 800KB (minimised!) stylesheet.

Pretty crazy. Took over 1 minute to load on my 2Mb/s connection.

You could also roll your own (at your own risk) :) [1]

[1] - https://github.com/JulianOliver/dropkick.sh

Would be nice as an app or a portable device like a button (kind of like the universal remote to shutdown TVs[1]).

[1]: https://www.amazon.com/TV-B-Gone-Universal-TV-Control-Keycha...

Wouldn't be too difficult to run it on a Raspberry Pi

This is a real problem for females in Korea, where spy cameras are a real thing. So much so, there's a Korean word for, it "molka," and a Kickstarter for a handheld device that can find even pinhole cameras based on reflected visible light from an array of LEDs.


This is an excellent follow-up to the AirBNB story posted here earlier.

Tl;dr AirBNB ruled that a host's photo with an easily-glanced-over single camera tucked in a corner was sufficient evidence and documentation of the fact that they had multiple cameras inside - i.e. that the guest should've been aware that there was no expectation of privacy. The article mentioned unplugging said equipment, other comments mentioned guests having found cameras in alarm clocks in AirBnBs, etc.

Typical airBNB customer care.

How is it they recommend unplugging the cameras, if they say seeing one camera is the same as acknowledging there are other hidden ones?

How do you unplug that which you cannot see?!

If it’s an IP camera, you can solve the problem by carrying a little switch and patch cable. The switch plugged into an Ethernet port, then the jumper cable plugged across two of the ports in the switch. If the camera is on the same network no appreciable amount of data will be getting from that camera back to where it is supposed to be recording

Why is that? Wouldn't it just double the data volume, or does it do something else?

It'll make the switch gum the network up with broadcast and multicast packets forever looping around the switch.

Back in my high school days, looping two Ethernet ports with a patchcord was a trick you could use to take down the entire school network. I was under impression that modern hardware has safeguards against that, though.

This safeguard is called STP (spanning tree protocol). I've seen it only in managed swithes and most SOHO swithes are unmanaged. It is easy to detect usage of STP using tcpdump.


There's also a research paper on this subject. Some of the information in it might no longer be relevant in today's world though.


So spend 250+ and carry all that extra gear with me while traveling to hotels?

I could see this being a thing in Airbnb though unfortunately.

You can get an RF scanner with a laser lens scanner for $10, and your phone camera is good enough for detecting IR LEDs. The only expensive part is the FLIR camera, but still 3 out of 4 for $10 is not bad.

FLIR Camera has many good uses. I bet in a hot or cold climate you can quickly win it back in heating/cooling costs by optimizing insulation.

Fair point. Might just get the rf scanner for giggles anyway

Small price to pay in today’s society. These surveillance devices and storage are only going to get less expensive, and easier to conceal.

Cameras are easy to find. You use red glasses (laser safety ppe) and a red light source. The type of polymer they coat lenses in is highly reflective in the red spectrum. With out getting into too many details you just shine the light around looking for strong pin pricks of red light. I've got experience doing this for over 20 years and this is by far the most effective approach 100% of the time.

It's funny how in spy movies a sniper or observer has a big ol lens pointed at a target.

Govt buildings have lens detectors.

And I'd hope high value targets teams do too

> Govt buildings have lens detectors.

Care to explain? If I point a camera at my local Fed building while walking on the nearby sidewalk, are you telling me that's detected somewhere?

I have heard stories of feds coming out to stop people taking pictures of federal buildings. Always assumed it was security policy, but would be funny if it was just,

"Damnit that guy is making this alarm go off non-stop, Dave, go get him to move along"

Not a technical explanation but a story about a similar thing:


I remember this article as the first time I learned that photo-taking can actually be detected. Given that it was written in 2009, I imagine that the general camera-detecting technology has been mostly figured out by now.

So when it detects a lens, it shoots light to destroy the photo.

If the detection is not ideal, it could detect eyeglasses and shoot light into people's eyes

I'm surprised it works outdoors, I would think the red light would be impossible to pick out of a high resolution image even with a fine filter.

As far as I understand, these laser scanners work outdoors in daylight:


> Lasers sweep the surroundings and when they detect a CCD, they fire a bolt of light right at the camera to obliterate any photograph

Color me skeptical. Does it detect the lens in the eye too? And then? Does it obliterate my retina when I look at his yacht?

If you've got a CCD in your eye then ya, I'd be concerned about that.

I'm not going to pretend to understand the physics at play, but is there perhaps lens coatings or materials that reduce the chance of detection?

yes thats what the red "ruby" lens coating is about, it buffers reflection from the lens surface.


I've proposed a talk at CircleCityCon that includes this area... except the software stack I'm using makes sounds and then rapidly watches a large swath of spectrum to find FM bugs.

I can also pick up 802.11* bugs too with standard wireless hacking toolset that we're all familiar with.

I can't pick up video with it (5.8GHz FPV modules), but that shouldn't be too hard to add at a later date.

I also can't pick up "record to SD" style of bugs. There's nothing to pick up radio widse, and their tempest emissions are too miniscule to detect.

Didnt Hilton pay large sum of money to an ESPN reporter to settle a voyeur cam issue ? This is why I choose Hilton -- they know spying on me or enabling spying on me is going to be expensive for them.

For people using AirBnB -- the best you can hope for is your pictures don't end up on a fetish site.

Bookmarking this for when we need to sweep the white house in a couple years.

Why does he have 2 clocks, a bed, a toilet and a bathtub in the same room?

Camera inside alarm clock will pass all these tests.

Curious why they aren't using public key encryption when writing to the SD card if they went to that much trouble hiding it.

Power consumption I would assume

As a pervert/voyeur I can recommend these tips for spotting 19 out of 20 such pervs. The thermal being most effective.

You can do basic detection via mobile app itself and they are surprisingly good. I know they can't replace dedicated gadgets but for most it should be enough and convenient.

On android i use Ultimate EMF Detector PRO and Hidden Camera(PRO version). These should help you to detect electro magnetic field emanating from devices and infrared camera. Be very careful while selecting the app since there are lot of similar apps in the market from shady looking companies.

Who are the developers of those two apps? In the app store that's the distinguishing feature between the Hidden Camera apps at least.

My hidden bullshit detector says it's an advertising article playing on fears, and having fake comments below it.

This ia paranoid as hell. If you really needed to worry about it, you wouldn't be reading this article.

It's not that paranoid if you use AirBnB a lot. I have caught one owner spying on me with video, and so have some of my friends who use AirBnB as much as I do. It's easy for the owner to mentally justify the invasion of privacy with the excuse of protecting their property. When it happened to me I was on my way to a friend's wedding so I didn't want to get the police involved, but in hindsight I wish I had.

I guess I'm lucky that I'm not important enough for anyone to bug me, besides taking amazing video of me going at it with my hot wife going at it in a hotel. Now that I think about it, someone would hit the jackpot if they got us on film.

using IR devices or buy RF detector from amazon to avoid hidden camera

Also, as any pretty girl in a DongGuan city's Sauna will teach you, put all portable objects inside the room's wardrobe and cover everything you can, including mirrors, with towels, bedsheets, or whatever piece of cloth you can find. Put all flasks of Shampoo or body soap in the wardrobe aswell. Scan the long curtains of the room's window with your eyes and hands. They are really professionals there.

Covering the mirrors, as the oldschool fingernail test is not sufficient to detect all kinds of two way mirrors


Sorry I didn't understand well your comment, if you are saying that the pretty girls cover the mirror to detect two way mirrors, that is not the reason they cover the mirror for.

I mean they cover the mirrors because detecting two way mirrors isnt as simple as putting your finger on it and looking for the reflection.

If you look at the picture


You see the difference between glas two way and standard mirror. That was recommended for a long time as a tip for girls to figure out if they have to worry about a cam being behind a mirror.

That however is not sufficient, which gets you from trying to detect a cam to taking precautions as if there are cams you just havent found yet.

Why do they cover the mirrors then ?

Same reason people draw the curtains - if it is a two-way mirror, then covering it prevents it from being a window.

Exactly, but the person I replied to said:

"if you are saying that the pretty girls cover the mirror to detect two way mirrors, that is not the reason they cover the mirror for."

Thus my question. If it's not to cover up a two way mirror, then what ?

Detecting something and protecting from something are different things, as Cf498 said in his comment, they just go directly to the protect step and ignore the detect step. They don't have time for Detect step. Its just that in the way he phrased his first comment, it was unclear, but I didn't assume that he was actually confusing the 2 steps, that's why I used "if" and said that I didn't understand clearly. Actually he didn't needed the info in that answer, but some others readers could get confused, as it seems to be my case. Now if you ask me how could I possibly think that cover a mirror is a way to detect a two way mirror, then I have to say I don't know, but maybe I imagined that if its day time, and the curtains don't provide enough darkness, you could cover the mirror with your head inside the cover to provide enough obscurity for your eyes to see trough the two way mirror. So maybe my imagination went too far, but yeah.

Why DongGuan? Wouldn't this be good advice anywhere around the world? Or is this some kind of in-joke I don't get?

Your Google is not my Google apparently.

The filter bubble is real.

i guess it's play on English meaning of dong, while at same time Dongguan it's sex capital of China due to high ratio of women:men, this would of course apply same to Pattaya in Thailand or Clark in Philippines

Just to make a fun comment, in a humorous way, not criticizing your comment by any chance, just that I thought it was fun: Actually, They are sex capitals not due to high ratio of women:men, It's the opposite way: They have a high ratio of woman:men due to they being sex capitals. Donguan at it's Golden Age had probably 100 woman for each man, but if you go there today, unfortunately, it brings tears to one's eyes to see the sad state of less then 3 to 1 ratio. Or much less. In a certain winter, of heavy snow, someone was trapped for days in a train blocked by the snow, and this was time when workers go back to their hometowns for the chinese new year. This train was coming from DongGuan, and the ratio of women men inside that train was marvelous, not far from a Thousand girls to each man. This is all over now. Even the snow in China does't fall as much anymore...

except in Dongguan that ratio was not because of prostitution, but because of manufacturing unlike other sex destinations

So what explains that the ratio has absurdly dropped after the Police crackdown? Manufacturing is still going on here, actually, manufacturing there is growing stronger as ever, with the workforce Surplus, now, salaries of factory girl workers went down a lot, because we don't have other things to do now besides work in the factories now, so manufacturing has nothing to do with this, and even if it had, a city doesn't become a sex capital because of high-ratio women:men, would be overly simplistic reasoning, and that's what I was replying to,

If this was true, please mind, BaoAn district that belongs to Shenzhen (and where you cannot find a single male boy among thousands of pretty girls if you go to try to get a table at a cheap worker's restaurant at lunch time in a big factory's gate), and every other labor-intense manufacturing hub all over Asia would be Sex capitals, what is not true. The district of BaoAn, in the border between Dongguan and Shenzhen, actually geographically located much more close to Dongguan, but belongs to Shenzhen, and because it belongs to Shenzhen, and not to Dongguan, Sex business is "forbidden", or at least nowhere as freely allowed as Dongguan(was), you can't compare. What get us to the reason a city becomes a Sex Capital in a country where prostitution is forbidden by the law(!)

The reason is that the Gov of that country thinks prostitution is a necessary evil that helps to prevent violence and rape and other things, so this Gov indicates a place where this can happen, for the sake of Society's Harmony(SheHuiHeXie). Almost Every city in China has a street, a neighbourhood, or an area where the Police pretends to crack but let it happen, at least until people start to abuse the relative freedom, because humans cannot have nice things without abusing it, then they will indicate another place to start from scratch.

Vietnam too.




:adding some historical context: It is said that when the Old Wise Man, and this was a Wise one, mind you, Lao Deng (Old deng Xiao Pin) Decide that the few thousand people small fisher's village named Shenzhen was meant to become the 10 million people's Heart of Pearl River's Delta(the biggest Industrial Manufacturing Hub Ever built by hummanity, probably) Lao Deng decided to aloow the creation of what was called back then ErNaiLou( in a literal translation word by word: Second Milk Building(not clear)), but this was a building full of small rooms for the factory workers to get SocietyHarmonized( In the good meaning of this verb, it has a bad meaning too, related to execution of death penalty)

> put all portable objects inside the room's wardrobe

I'm sorry, but how does this help?

Could contain a battery powered camera

Oh, the things in the room. I thought the comment was talking about putting your own portable devices in the wardrobe.

Yes, but they will ask you to put your own portables devices in the wardrobe too, including watches and glasses, even when the glasses have almost no frame to speak of. This is, or was, in the golden times, coincidentally, or not, the industrial hub with more relative freedom for production variety. The state-of-art of the spycamera-ware produced over there back then would make any old shop owner in Shenzhen's eletronic market simply jaw-dropped. Off course, if the guys in Shenzhen weren't afraid of jail, they would have the same stuff at some point. Is a pity people messed up doing too much GSM stuff. You can't have nice things. Same goes for the other industry mentioned. Just Nostalgy left. A lot of legal stuff could be mass-miniaturized by removal of case and tape cover. Long time retired now, don't know last progresses, but probably best stuff available for simple mortals still in Romenia. Best available for simple mortals in the other industry probably still in the same country. Never go near device starting with a J, may become guest of enhanced interview facility. The old memories...

Has anyone considered these pieces of equipment?


They are very hard to spot. you have to inspect the area of concern for tack holes or raised features in the wallpaper. As far as price is concerned, there is a fair bit of profit that will be realized short term from the disgusting type of porn that could be generated. Im sure there is some gaurded position regarding sales of these devices, if not there should be.

Depth of field is measured in millimeters for everything they list. I wonder if that's a requirement of the hardware or something that can be overcome.

They are designed for close up work, almost microscope like as you can see in the demo video. I wonder how well they work for a living-room sized scene.

depth of field issues are non existent if you use an aperature disk. if you can afford a fibre optic device you can create the pinhole lens system with aperatures, no glass required. if you want to go to these lengths then you probably work with or for some alphabet soup federal agency.

Very cool. Found one on eBay for $5700 so luckily out of reach for the casual snoop. That would be virtually undetectable.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact