Turning devices on and off
Adversaries can try to gain access with trojans - invisibly-installed malware that gives the adversary administrative control over targeted computers, including, the ability to remotely control devices. Depending on your location and context, you may want to turn devices off and later on again.
Some devices can be turned on and off by software, others need blacklisting. Kernel modules are pieces of code that can be loaded and unloaded into the kernel upon demand. They extend the functionality of the kernel without the need to reboot the system. And modules can be blacklisted.
Turn on/off camera/webcam
Tape the camera. It may even be possible to turn it off in BIOS (depending on your version).
Better yet, if you know what driver module is controlling the webcam, you can disable and enable the driver with a single command on the commandline.
$ lsmod | grep "uvc"
If stuff like this appears, your webcam device uses an uvc driver:
uvcvideo 79005 0 videobuf2_vmalloc 12816 1 uvcvideo videobuf2_core 47787 1 uvcvideo videodev 126451 3 uvcvideo,v4l2_common,videobuf2_core media 18305 2 uvcvideo,videodev usbcore 195340 7 uvcvideo,ums_realtek,usb_storage,ehci_hcd,ehci_pci,usbhid,xhci_hcd
To disable the cam:
$ sudo modprobe -r uvcvideo
To enable the cam:
$ sudo modprobe uvcvideo
If not an uvcvideo driver, try
$ sudo lsmod | grep "media" and use the
modinfo command to find out more about the
modules listed behind it to locate your webcam driver module:
$ sudo modinfo [modulename]
Then replace the
uvcvideo in the above
modprobe command with the name of your driver module.
Completely turn it off
To disable the webcam at boot (if file not exists, create it, use your preferred editor):
$ sudo geany /etc/modprobe.d/blacklist.conf
At bottom of the file add this line:
blacklist uvcvideo (or the name of your driver instead of uvcvideo).
Save the file and reboot. Your webcam is no longer functioning.
Turn on/off microphone
Use the alsa control panel for muting the microphone:
$ sudo alsamixer
You can also use the same modprobe enabling/disabling method as used for webcam above. The ALSA modules page may be helpful for finding your driver module.
Blacklist firewire and thunderbolt
A direct memory access (DMA) attack is a type of side channel attack in which an adversary penetrates a device by
exploiting the presence of high-speed expansion ports that permit Direct Memory Access. Firewire, thunderbolt and
ExpressCard allow (by design) any connecting device full direct memory access to your system. They can be disabled
/etc/modprobe.d/blacklist-dma.conf (in debian):
blacklist firewire-core blacklist thunderbolt
The modules will be blacklisted upon reboot.