Feeds

back to article Macbook webcams CAN spy on you - and you simply CAN'T TELL

Security researchers have confirmed that MacBook webcams can spy on their users without the warning light being activated. Apple computers have a “hardware interlock” between the camera and the light that is supposed to ensure the camera can't be activated without alerting the user by lighting a tell-tale LED above the screen. …

COMMENTS

This topic is closed for new posts.

Page:

Anonymous Coward

So?

Can this bypass that key bit of black tape that most people I know stick over the cameras built into their devices?

If not then this is purely an exercise for those who really have nothing better to do.

4
9
Silver badge
Thumb Down

Re: So?

HERPERS DERPERS! YOU A GENIUS!

3
1
Anonymous Coward

Re: So?

Yes because the cameras are secretly able to operate in infrared which can penetrate the tape.

Then there's the matter of the built-in microphones (including any hidden ones) with no indicators at all capable of recording even through the case: hole or no hole.

3
1
Silver badge

Re: So?

To be honest, if someone has pwned your system enough to be able to reprogram your webcam's firmware then the fact that they can see you gurning at the monitor is probably the least of your worries.

6
1
Silver badge

Re: So?

It's not particularly secret that digital cameras can see infrared, is it? That's why you can use your phone to test whether the batteries have run out in your remote control.

1
0
Silver badge

Re: So?

It isn't as if a researcher isn't quoted in the article as saying "“The safest thing to do is to put a piece of tape on your camera,” is it? Oh, wait ...

Read the whole article before running to your keyboard.

1
0
Joke

>Macbook webcams CAN spy on you - and you simply CAN'T TELL

Ah ok - I'm not saying a word to anyone....

8
0
Bronze badge

There's a trick for that

Duct tape to the rescue. Again.

1
1
Bronze badge

Re: There's a trick for that

What???

All this time I've been using post-it notes and nobody told me!

0
0
Anonymous Coward

Re: There's a trick for that

> All this time I've been using post-it notes and nobody told me!

The trouble with using post-it notes is that the camera can then read the password written on the back!

1
0
Bronze badge

Nothing beats a physical shutter

So, as usual, if there is programmable logic involved, all bets are off. This is something my Asus 1225B mini laptop gets right: Next to the built-in camera there is a all-mechanical slider, which puts an opaque shutter in front of the lens. The user-facing side of the shutter is light-colored so I can immediately see its state. Hack that!

Apple owners can emulate this advanced security feature with a piece of duct tape.

6
0
Silver badge
Coat

Re: Nothing beats a physical shutter

For the Apple owners we could suggest some Tippex ( white-out)

2
0
Silver badge

Re: Nothing beats a physical shutter

No need to be that drastic, your friends at 3M now offer electrical tape in over 30 designer colors that aid in the identification of wires and look great with any decor and when applied to consumer electronics. Visit your local home improvement store or find them online at 3M.com.

'3M, protecting your privacy with residue free surveillance management products for over 50 years'.

11
0

Re: Nothing beats a physical shutter

Electrical tape? But that will run down my battery!

:)

1
0
Silver badge
Pint

Re: Nothing beats a physical shutter

Why not simply wire an LED (including the appropriate resistor) in parallel with the camera's power supply? No stupid fancy logic; just a friggen wire.

This assumes that the computer turns off the camera's power supply when not in use. Which should be SOP anyway.

1
0
Silver badge
Happy

Re: Nothing beats a physical shutter

You've identified for yourself why they aren't done like that at the factory. Manufacturing costs don't calculate straightforward, at all. A part that costs $.04 might end up costing $.65 cents by the time it's installed especially if it's wired up (the wiring will probably be done manually, it's really hard to route wire by machine). That doesn't sound like much until you consider the tens of millions that will be produced every year. Reducing parts count by just one or two $.04 components equals many millions of dollars saved per year.

If you want to do it yourself go for it. It won't be hard unless you're wanting to offer it as a service for a few million of your friends :)

0
0
g e
Silver badge

Yeah but it's a Mac

So unless you can find really expensive super trendy tape no-one's going to do THAT to their prized look at me gadget. Plus you have to then answer people saying 'what's that stuck on your 'puter?

'Oh, errr, people can spy on you using your Macbook camera'

3
4
Silver badge

Re: Yeah but it's a Mac

I suggest you look up the iPatch (no, I'm not kidding). There are about a quintillion equivalent products as far as I can tell. So duct tape not necessary unless you aim specifically for ghetto aesthetics...

0
0
Silver badge

Re: Yeah but it's a Mac

Some of them work in studios, so a scalpel, some tin foil and a wee touch of SprayMount will provide a very neat (though semi-permanent) solution.

Otherwise, this stuff http://www.maplin.co.uk/p/3-multi-purpose-magnetic-tape-19mm-x-5m-n77gb makes it very easy to make a opaque sliding mechanism.

1
0
Bronze badge

Re: Otherwise, this stuff

I think this might be better for muffling the microphone.

0
0
Anonymous Coward

If you have to reprogram the firmware then it's not exactly a trivial hack is it?

5
9
Anonymous Coward

Oh it is for the majority of l337s that lurk here apparently...

3
5
Silver badge

It's fairly trivial if you can reflash the iSight camera's firmware in userspace. Give me a week and even I could probably figure out a way to do that.

1
0
WTF?

Did you miss this bit:

"To defend against these and related threats, we build an OS X kernel extension, iSightDefender, which prohibits the modification of the iSight’s firmware from user space."

Whoa, you can reprogram the iSight firmware from userspace, that's a bit mad, I assume the next security update from Apple will plug that.

1
0

Hey here's a new one.

Y'know that camera and speaker on your phone? The only thing between them and the internetwebs in North Korea is a shaky piece of software.

We're all doomed.

4
0
Silver badge

There's only so much surveillance you can get down the country's solitary V90 modem....Not too worried.

3
0

So

who's surprised ?

0
0
Anonymous Coward

FireWire iSight

The old FireWire iSight never had this problem.

1
0
Anonymous Coward

i spy

You're the Apple of their i

4
0
Silver badge

If I would expect to become a target of such shenanigans, frankly I'd be WAY more concerned about the built-in mic laptops tend to have these days - as noted, any cover takes care of the webcam, but there's no such guarantee about the mic, and that one doesn't even come with a warning light in the first place! Unless you expect to capture people constructing bombs in plain sight or counting suitcase-loads of money or evidence of some "adult action" or something, I'd think images won't do you all that much good. Listening to conversations, on the other hand...

7
0

I have discovered a 3.5mm jack plug inserted in the appropriate orifice disables the built in mike. Of course, it is pointless if you have a mike connected to the aforementioned 3.5mm jack. Personally I use aluminium foil over the webcam and an empty plug in the socket. Unobtrusive and aesthetic is the fruity orchard way.

2
0
142

re: I have discovered a 3.5mm jack plug inserted in the appropriate...

Is this a hardware function or a firmware/software function, though? I suspect it's the latter.

2
0
Bronze badge

Re: Is this a hardware function

Quite possibly. Mechanical switching for a microphone socket is just like that used for an earpiece - the tip of the plug displaces a contact in the socket to physically disconnect the onboard device. PC motherboards tend to do it with logic though - it's not so easy mechanically switching a 5.1 output using only the front panel jack. :-)

0
0
Happy

so, older hyardware need not apply.

I'm glad I have a laptop with no user facing camera. And no, not even on my phone. I can plug one in. That's much better

And, yes, I'm feeling smug

2
3

But it is a Mac

Everyone knows that Macs are bullet proof to the point of not needing any Antivirus.

</sarcasm>

4
2
Anonymous Coward

Re: But it is a Mac

You posted to the wrong forum/topic and your sarcasm tag is ineffective because there is no opening one.

Also my Windows 7 has been running just fine without AV for years now so what is your point ?

2
4
Linux

Re: But it is a Mac

The point is sarcasm! Did you miss it?

2
0

Re: But it is a Mac

"...your sarcasm tag is ineffective because there is no opening one."

The point was a thing called humour. Maybe you should do a little research.

And I was not trying to write code that would parse in a compiler. I was saving it as a punchline to a joke. Punchlines are normally made at the end, not at the start.

Or are you claiming you typed <sarcasm> once in a post and still haven't turned it off yet?

0
0
Silver badge
Black Helicopters

Pretty sure the next thing will be motherboards with various "pressure sensors" needed during "testing" that someone "forgot" to remove during the production run. And which just happen to be queryable from WebGL libraries.

Yeah.

0
0
Devil

So, it can be done....

...but you have to be a frickin genius to do this

0
3
Silver badge

Re: So, it can be done....

These days: Genius == Able to do more with a computer than read Facebouque

4
0
Bronze badge

weird design decision

can anyone shed light on why they'd design the LED to be programmable like that ?

I mean, sure the basic way you'd engineer a power LED, is to connect it in line with the power (in this case to the webcam). webcam gets power, led on. job done.

why on earth would you both to design electronics to make the two independent of each other UNLESS you wanted to be able to do such a thing ?

13
1
Bronze badge

Re: weird design decision

I can't say why it was designed that way but the generic reasoning would be to give more capabilities, and more flexible options, than a simple LED across the camera power supply gives.

For example the LED can be PWM controlled allowing it to be dimmed or brightened depending on ambient light levels, it can be flashed to indicate status, such as drawing attention to it if a physical shutter were closed and you were trying to use it. If taking still shots, the camera can be kept on and the LED flashed as each shot is taken.

Should the LED be on when the power is on or on only when the camera is in use? We can argue that all day long and not have a universal consensus. Arguably the best solution is that which allows either and that's likely what the designer decided to do.

Done this way the manufacturer or designer of the camera part doesn't have to worry about how the system integrator wants to use it or what they chose to use; they have all options available to them. If they want it to behave differently it's simply a firmware mod not a hardware redesign. In fact it allows old product to be upgraded to new functionality simply by uploading firmware to it. This would usually be seen as an advantage though in this case it also creates a problem.

3
0
Silver badge

Re: weird design decision

All true. In that case... 2 LEDs, one programmable and one linked physically, in different colours? Surely that's not going to be a big cost overrun? Even in terms of styling/visibility, you could have one 'pinhole' with the 2 LEDs behind it so aesthetically it looks like 1 LED, but functionally you get the best of both security and convenience.

2
1
Anonymous Coward

Re: weird design decision

"I mean, sure the basic way you'd engineer a power LED, is to connect it in line with the power (in this case to the webcam). webcam gets power, led on. job done.

why on earth would you both to design electronics to make the two independent of each other UNLESS you wanted to be able to do such a thing ?"

Apple colluded with the NSA!

3
2
Anonymous Coward

Re: weird design decision

"This would usually be seen as an advantage though in this case it also creates a problem."

A Rather huge one too!

1
0
Bronze badge

Re: weird design decision

"you could have one 'pinhole' with the 2 LEDs behind it so aesthetically it looks like 1 LED"

..or you could just use bi-color (or even rgb) LED and wire one colour across the power and remaining under firmware control.

2
0
Anonymous Coward

Re: weird design decision

> why on earth would you both to design electronics to make the two independent of each other UNLESS you wanted to be able to do such a thing ?

Good answer from Jason above, but there's an even simpler answer: supply chain and manufacturing flexibility.

A combined LED & camera unit has to be custom manufactured to Apple's design so that the LED can be placed at the right distance from the camera. This makes the camera unit more specialised and less likely to be re-usable in another product, therefore more expensive.

Separate components can be sourced independently and are standard, off the shelf, therefore cheaper.

0
0
FAIL

Re: weird design decision

Supply chain was my reaction too. They sourced a camera. They sourced a LED. They sourced an MCU to link them together, job done.

What people seem to be glossing over here is that reprogramming the firmware is possible from USER SPACE. In any operating system this is a *massive* fail and is exactly the sort of system-wide damage that running in user space is designed to prevent. I would expect an OS patch to be forthcoming post haste.

0
0
Bronze badge
Joke

iSheild?

Available from my website....?

P>

0
0

Page:

This topic is closed for new posts.