Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Software Allows Hackers to Activate MacBook Webcams Without Green Warning Light
- Thread starter MacRumors
- Start date
- Sort by reaction score
Care to back that up, MR?
Prior to 2009 this feature was firmware controlled, that is what the researchers have messed with and how they got it to work. The models after 2008 do not use firmware anymore and the LED sits directly on top of the power feed to the camera. There is no switch to control the LED anymore, it's on when the power is on.
If the construction was changed so radically on models after 2008 and the part containing the vulnerability that this hack uses doesn't exist anymore (no firmware control anymore), how is it "likely that similar hacks exist for newer machines."? So far I have only found hardware hacks which involve opening up the camera unit and removing the LED.
It is hard-wired, but it turns out there's a way to enable the camera while not lighting up that LED. The camera module has an input called 'standby' to which the LED is also connected. So normally if you put the cam in standby, the LED is off and if you take it out of standby then it's on. This is hardware and you can't use software to control that.
However the camera module, using an alternative firmware on the webcam's controller chip, can be told to disregard the state of that standby input and be controlled by a different input instead. Then, you can keep the standby input such that the LED stays off, while still using the camera module.
----------
The LED isn't "firmware-controlled" in the pre-2008 MacBooks either. It's just that these guys found a way to work around it.
It depends on the specifics of the circuitry if this can still be done with a newer model. If the LED is tied directly to the camera module's power line (instead of a different one that only controls it like in the pre-2008 models) then there is absolutely no way to disable it short of physically removing the LED. That is how I expect it to be done now btw but since I'm not willing to open up my macbook pro's display assembly, I'm unable to verify.
A security expert interviewed on Fox said NOT to use tape because the adhesive can mess up the lens. Cut and fold a sticky note or something and cover it. That way, when you actually want to use the camera, you can simply take it off.
On a Mac?
Apps and even websites can turn the camera on. For example, if you have iTunes vouchers, instead of typing in the code, you can click on a button on Apple's website, the green light on your camera comes on, you hold your voucher close to the camera, and it reads the voucher code. FaceTime can obviously turn the camera on, that's the whole point of it.
BTW. If they were laughing, call the authorities on them. Hacking into your computer is a crime. They'll stop laughing when the police knocks on their door.
----------
I know it's all fashionable to be paranoid
But it took people five years to figure this out. And the same people figuring it out also provide software for free that makes this hack impossible (unless someone completely takes over your machine, to the degree that they have complete control and complete access to anything).
Aren't Macs what the article was about and the exploit is published for?
Just because it was published now doesn't meant folks in the "black" (NSA) or black hat community didn't have the capability a lot sooner.
B
No more video chatting for me.
Do you realise how stupid this comment is?
The problem is that someone managed to turn on the WebCam _without the green warning light_. This doesn't affect video chatting in any way. You _know_ that the camera is on, because that's the whole point of a video chat.
To be in danger, you must (1) download and run software that disables the green warning light. (2) not notice it - if you do a video chat and there is no green warning light, then your video chat is 100% safe, but you know the warning light is not working. And (3) make you run an app or go to a website that turns on your camera, and you won't notice.
The article and the exploit, yes. But are you seriously suggesting that nobody, ever, posted anything that has nothing to do with the discussion thread?
That's why I asked if this happened on a Mac.
And it doesn't seem that anybody knew about this being possible on a Mac.
Again, I don't think that's in evidence. There are plenty of things that go on on the internet's dark underbelly that the general population isn't aware of.
It's fine to ask if hleewell's incident happened on a Mac, but it's clear at this point that it can be done at least for older Macs and older OSes.
B
It has nothing to do with the OS, it has to do with that specific hardware. A slightly different hardware design would have made this hack impossible. Talking about "Internet's dark underbelly" is just pandering to paranoia. On the other hand, I have no idea what's going on with hardware and software on Windows PCs in that area, which are obviously a ten time bigger target, except the article mentions one manufacturer where it is actually a (rather idiotic) _feature_ of the camera that the light can be turned off.
Actually, versions of OS X with Gatekeeper provide an extra layer of protection against this kind of vector. (As long as it hasn't been turned off).
You clearly have no experience with either the intelligence community and/or the black hat/white hat communities. I've, unfortunately, experienced both.
B
I take it none of you all have watched Person of Interest? I have already accepted that anything with a camera or microphone in it is being recorded at all times and stored somewhere for use by the government. The telephone companies also work hand and hand with several agencies and give your calls over no questions asked. Not to mention your phone can be cloned within seconds. There are cameras in places you wouldn't even begin to suspect. It is part of life these days, you are being watched without your consent whether you like it or not. Don't do anything bad and you'll be okay.
I have a friend with a Silhouette machine for cutting vinyl. I had her make me a bunch of low tac vinyl stickers to cover all my cameras. When i need to use them I just peel the sticker off. Otherwise no camera, period.
Just go ahead there and "close the lid" on your iMac with iSight... Oh, and click your fingers to mute the mic while you're at it.
I'm a huge advocate for keeping a small piece colored tape over my webcam unless I'm actually using it. I've even done this with my cell phones camera (Front) too.
Guess I'm paranoid?
Guess I'm paranoid?