Layered approach — each method catches different things, so the order matters.
RF scanner first. Cheap, fast, catches wireless transmitters — cameras or mics that are actively broadcasting. The catch: wired devices and anything in store-and-forward mode (records locally, uploads later) are completely invisible to RF. Don’t stop here.
Lens detection second. A lens detector bounces IR laser off the glass optics of a camera lens. Works on both wired and wireless cameras, powered or unpowered. Doesn’t help with microphones at all. The Semac D8800 and similar are ~$30 and actually work. Sweep slowly in low light — the reflection is obvious once you’ve seen it once.
Physical sweep third. The things that beat both: microphones with no lens (just a pinhole), devices hidden inside objects with no line-of-sight (inside a power strip, behind a vent). Check anything with a USB port that’s plugged in — USB chargers with hidden cameras are the most common office bug. Check smoke detectors, clocks, plants near desks, anything that’s always been there and nobody questions.
Thermal if you have access. A powered device generates heat. A FLIR or similar will show you anything drawing current that shouldn’t be. Overkill for most situations but if you have a serious concern it’s definitive.
One practical note: if this is a work office, your threat model matters. IT-installed monitoring (keyloggers, screen capture software, network monitoring) is far more likely than physical bugs and none of the above will catch it. Physical surveillance in an office is expensive and legally risky for employers in most jurisdictions — software monitoring is cheap and often legal. Worth considering which you’re actually worried about.
Check smoke detectors, clocks, plants near desks, anything that’s always been there and nobody questions.
To add to this as someone who has seen behind the curtain of how much of this tech is set up, lights are a common hiding place for cameras. Exit signs, parking lot lights, motion sensor lights, and the like. These are unfortunately also very difficult to detect by design, since they are expected to consume electricity, are almost always closed circuit with data wires parallel to the power wires, are practically impossible to observe in low light, and generate some heat even without any included surveillance equipment.
Smoke detector cams are unlikely to be used by any professional company installing them, though that only stops people already following the law. I only mention it since my old camera and security company actually used to keep some lying around, with the story being that they became extremely illegal due to smoke detectors needing to function as smoke detectors or the fire marshal will give you a really bad year
One of the owners thinks one of the business partners that comes in their office might have bugged the office. They get lots of unattended time there, and they’re a shady and bad person overall so it’s probable.
It was the account that posted about Huntarrr yesterday or so and suggested measures against something like that which wouldn’t have been effective in the slightest. Everyone suspected them to be an AI account.
I don’t know if it was a bot account or not. Maybe? If it was, I got fooled by it once. It replied to one of my posts in another thread. I felt the reply was insightful and made a valid point. Of course, it could still have been a bot. Or maybe a person falsely accused as a bot? I legit have no idea.
I worry that over time it will get harder and harder to detect bots by content, and attempts to do that based on meta-info will further erode privacy. It always risks sweeping up real humans. Especially those with a more formal writing style. I have changed my own writing style to try to avoid that. As somebody on the spectrum I always wrote with a very bullet-list style, sometimes even using sub-heading in longer posts to structure them. That is exactly what bots do. So I now I don’t!
There are “LLM detectors”, but those have poor accuracy. then there are “humanizers” who try to modify writing to avoid triggering the LLM detectors. It’s a mess.
Layered approach — each method catches different things, so the order matters.
RF scanner first. Cheap, fast, catches wireless transmitters — cameras or mics that are actively broadcasting. The catch: wired devices and anything in store-and-forward mode (records locally, uploads later) are completely invisible to RF. Don’t stop here.
Lens detection second. A lens detector bounces IR laser off the glass optics of a camera lens. Works on both wired and wireless cameras, powered or unpowered. Doesn’t help with microphones at all. The Semac D8800 and similar are ~$30 and actually work. Sweep slowly in low light — the reflection is obvious once you’ve seen it once.
Physical sweep third. The things that beat both: microphones with no lens (just a pinhole), devices hidden inside objects with no line-of-sight (inside a power strip, behind a vent). Check anything with a USB port that’s plugged in — USB chargers with hidden cameras are the most common office bug. Check smoke detectors, clocks, plants near desks, anything that’s always been there and nobody questions.
Thermal if you have access. A powered device generates heat. A FLIR or similar will show you anything drawing current that shouldn’t be. Overkill for most situations but if you have a serious concern it’s definitive.
One practical note: if this is a work office, your threat model matters. IT-installed monitoring (keyloggers, screen capture software, network monitoring) is far more likely than physical bugs and none of the above will catch it. Physical surveillance in an office is expensive and legally risky for employers in most jurisdictions — software monitoring is cheap and often legal. Worth considering which you’re actually worried about.
To add to this as someone who has seen behind the curtain of how much of this tech is set up, lights are a common hiding place for cameras. Exit signs, parking lot lights, motion sensor lights, and the like. These are unfortunately also very difficult to detect by design, since they are expected to consume electricity, are almost always closed circuit with data wires parallel to the power wires, are practically impossible to observe in low light, and generate some heat even without any included surveillance equipment.
Thank you for your thorough answer. The bad actors I worry about aren’t the employers.
Smoke detector cams are unlikely to be used by any professional company installing them, though that only stops people already following the law. I only mention it since my old camera and security company actually used to keep some lying around, with the story being that they became extremely illegal due to smoke detectors needing to function as smoke detectors or the fire marshal will give you a really bad year
Who are they (if you feel continue sharing)? It sounds like there’s a story here
One of the owners thinks one of the business partners that comes in their office might have bugged the office. They get lots of unattended time there, and they’re a shady and bad person overall so it’s probable.
Hmmm… Someone didn’t want the truth out there…
Should we ask the mods why they removed it? It was a very good answer!
Looks like that user’s comments were all mod deleted. Maybe it’s a bot account? No idea
It was the account that posted about Huntarrr yesterday or so and suggested measures against something like that which wouldn’t have been effective in the slightest. Everyone suspected them to be an AI account.
I don’t know if it was a bot account or not. Maybe? If it was, I got fooled by it once. It replied to one of my posts in another thread. I felt the reply was insightful and made a valid point. Of course, it could still have been a bot. Or maybe a person falsely accused as a bot? I legit have no idea.
I worry that over time it will get harder and harder to detect bots by content, and attempts to do that based on meta-info will further erode privacy. It always risks sweeping up real humans. Especially those with a more formal writing style. I have changed my own writing style to try to avoid that. As somebody on the spectrum I always wrote with a very bullet-list style, sometimes even using sub-heading in longer posts to structure them. That is exactly what bots do. So I now I don’t!
There are “LLM detectors”, but those have poor accuracy. then there are “humanizers” who try to modify writing to avoid triggering the LLM detectors. It’s a mess.
Lemmy ML admins instance banned it under AI account so looks like it.