Cross-posted to: https://sh.itjust.works/post/15859195
From other conversations that I’ve read through, people usually say “Yes, because it’s easy on Windows”, or “Yes, because they simply don’t trust the webcam”. But neither of these arguments are enough for me. The former I feel is irrelevent when one is talking about Linux, and the latter is just doing something for the sake of doing it which is not exactly a rational argument.
Specifically for Linux (although, I suppose this partially also depends on the distro, and, of course, vulnerabilites in whatever software that you might be using), how vulnerable is the device to having its webcam exploited? If you trust the software that you have running on your computer, and you utilize firewalls (application layer, network layer, etc.), you should be resistant to such types of exploits, no? A parallel question would also be: How vulnerable is a Linux device if you don’t take extra precautions like firewalls.
If this is the case, what makes Windows so much more vulnerable?
One of the key tenets of keeping something computerised secure is ‘Defence in Depth’ - i.e. having multiple layers of defence, so that even if one layer is breached, the next layer (which you thought was redundant and unnecessary) prevents the attack.
Running a fully patched kernel and services / applications should protect you unless someone has a 0-day (i.e. not disclosed) exploit. Reducing the surface area by minimising what services / applications are running, using software (firejail etc…) and firewalls to limit permissions of applications / services to what is needed, etc… serves as another layer of defence. Disconnecting or physically blocking peripherals that might allow for spying is another layer; it serves its purpose if all the other layers are breached.