A recently resolved criminal case shows how a man was able to hack a high school classmate's laptop in order to take nude photographs with her computer's camera without her knowledge, before attempting to use the images to extort her, reports The Washington Post.
Though Apple's FaceTime camera is designed to always illuminate the adjacent green light at the top of the screen, software has been written to separate the camera and light hardware, allowing both illegal -- and legal, the FBI has used similar software in criminal investigations -- ways.
A pair of students at Johns Hopkins examined Apple's webcam indicator [PDF] and discovered both how to disable the LED indicator, and a way to modify OS X's kernel to keep nefarious users from taking control of the LED. The vulnerability they described does not work on Macs built after 2008, but it is likely that similar hacks exist for newer machines.
In the older vulnerability described in the Johns Hopkins study, the software bypasses a hardware interlock that the camera uses in an attempt to ensure the indicator light illuminates whenever the camera is active. It is not known precisely which software package the defendant in the case used to compromise his classmate's computer, but the Hopkins study is the first public confirmation that Apple's camera system can be compromised.
The easiest way for users to protect themselves -- aside from standard security protocols like not downloading strange applications, or allowing untrusted people access to the computer -- is to put a small piece of tape across the camera.
Article Link: Software Allows Hackers to Activate MacBook Webcams Without Green Warning Light
