Using free software widely available on the Internet, and the internal microphone installed by the manufacturer in a laptop computer, or an externally attached microphone, it is possible to record hours of conversations on a computer or laptop to the available free hard drive space. This provides a means to surreptitiously record and compromise discussions.

The risk of a miniature tape recorder in a briefcase or pocket being secreted into a meeting or facility has long been known. Now, however, mitigation measures must also be applied to the audio recording threat posed by laptop and personal computers.

These audio recording programs have capabilities which take advantage of your built-in or remote microphone and use all available space open your hard drive to store to recorded file. As an example, 100 MB of hard disk space will yield about 8 hours of high quality audio recording. It is not usual to have over 1 GB of hard disk space in today's PC or laptop. One such software package can record over 20 hours of audio conversation to 500 MG's of free disk space.

The ISRC has tested several software applications and have found them to function as described. Three programs were tested on Windows 95 and Macintosh operating systems. All were determined to accurately capture audio conversations occurring within the range of the computer microphone. Some of the programs can be hidden from an unwitting user. Most can be automatically launched by placing them in a startup folder, unknown to the user, or by a simple operating system macro.

Increasingly, as vulnerabilities are discovered, risks must be reevaluated. Risk acceptance or mitigation must be addressed to ensure a protected environment wherein business can be conducted securely.

New information technology, especially computer software, must continually be evaluated to ascertain if security vulnerabilities or risks exist.

Security and Privacy Notice
To contact send email to ISRC
Last Updated October 2001