Macbook webcams CAN spy on you - and you simply CAN'T TELL Security researchers have confirmed that MacBook webcams can spy on their users without the warning light being activated. Apple computers have a “hardware interlock” between the camera and the light that is supposed to ensure the camera can't be activated without alerting the user by lighting a tell-tale LED above the screen …
So, as usual, if there is programmable logic involved, all bets are off. This is something my Asus 1225B mini laptop gets right: Next to the built-in camera there is a all-mechanical slider, which puts an opaque shutter in front of the lens. The user-facing side of the shutter is light-colored so I can immediately see its state. Hack that!
Apple owners can emulate this advanced security feature with a piece of duct tape.
No need to be that drastic, your friends at 3M now offer electrical tape in over 30 designer colors that aid in the identification of wires and look great with any decor and when applied to consumer electronics. Visit your local home improvement store or find them online at 3M.com.
'3M, protecting your privacy with residue free surveillance management products for over 50 years'.
Why not simply wire an LED (including the appropriate resistor) in parallel with the camera's power supply? No stupid fancy logic; just a friggen wire.
This assumes that the computer turns off the camera's power supply when not in use. Which should be SOP anyway.
You've identified for yourself why they aren't done like that at the factory. Manufacturing costs don't calculate straightforward, at all. A part that costs $.04 might end up costing $.65 cents by the time it's installed especially if it's wired up (the wiring will probably be done manually, it's really hard to route wire by machine). That doesn't sound like much until you consider the tens of millions that will be produced every year. Reducing parts count by just one or two $.04 components equals many millions of dollars saved per year.
If you want to do it yourself go for it. It won't be hard unless you're wanting to offer it as a service for a few million of your friends :)
Some of them work in studios, so a scalpel, some tin foil and a wee touch of SprayMount will provide a very neat (though semi-permanent) solution.
Otherwise, this stuff http://www.maplin.co.uk/p/3-multi-purpose-magnetic-tape-19mm-x-5m-n77gb makes it very easy to make a opaque sliding mechanism.
"To defend against these and related threats, we build an OS X kernel extension, iSightDefender, which prohibits the modification of the iSight’s firmware from user space."
Whoa, you can reprogram the iSight firmware from userspace, that's a bit mad, I assume the next security update from Apple will plug that.
If I would expect to become a target of such shenanigans, frankly I'd be WAY more concerned about the built-in mic laptops tend to have these days - as noted, any cover takes care of the webcam, but there's no such guarantee about the mic, and that one doesn't even come with a warning light in the first place! Unless you expect to capture people constructing bombs in plain sight or counting suitcase-loads of money or evidence of some "adult action" or something, I'd think images won't do you all that much good. Listening to conversations, on the other hand...
I have discovered a 3.5mm jack plug inserted in the appropriate orifice disables the built in mike. Of course, it is pointless if you have a mike connected to the aforementioned 3.5mm jack. Personally I use aluminium foil over the webcam and an empty plug in the socket. Unobtrusive and aesthetic is the fruity orchard way.
Quite possibly. Mechanical switching for a microphone socket is just like that used for an earpiece - the tip of the plug displaces a contact in the socket to physically disconnect the onboard device. PC motherboards tend to do it with logic though - it's not so easy mechanically switching a 5.1 output using only the front panel jack. :-)
"...your sarcasm tag is ineffective because there is no opening one."
The point was a thing called humour. Maybe you should do a little research.
And I was not trying to write code that would parse in a compiler. I was saving it as a punchline to a joke. Punchlines are normally made at the end, not at the start.
Or are you claiming you typed <sarcasm> once in a post and still haven't turned it off yet?
can anyone shed light on why they'd design the LED to be programmable like that ?
I mean, sure the basic way you'd engineer a power LED, is to connect it in line with the power (in this case to the webcam). webcam gets power, led on. job done.
why on earth would you both to design electronics to make the two independent of each other UNLESS you wanted to be able to do such a thing ?
I can't say why it was designed that way but the generic reasoning would be to give more capabilities, and more flexible options, than a simple LED across the camera power supply gives.
For example the LED can be PWM controlled allowing it to be dimmed or brightened depending on ambient light levels, it can be flashed to indicate status, such as drawing attention to it if a physical shutter were closed and you were trying to use it. If taking still shots, the camera can be kept on and the LED flashed as each shot is taken.
Should the LED be on when the power is on or on only when the camera is in use? We can argue that all day long and not have a universal consensus. Arguably the best solution is that which allows either and that's likely what the designer decided to do.
Done this way the manufacturer or designer of the camera part doesn't have to worry about how the system integrator wants to use it or what they chose to use; they have all options available to them. If they want it to behave differently it's simply a firmware mod not a hardware redesign. In fact it allows old product to be upgraded to new functionality simply by uploading firmware to it. This would usually be seen as an advantage though in this case it also creates a problem.
All true. In that case... 2 LEDs, one programmable and one linked physically, in different colours? Surely that's not going to be a big cost overrun? Even in terms of styling/visibility, you could have one 'pinhole' with the 2 LEDs behind it so aesthetically it looks like 1 LED, but functionally you get the best of both security and convenience.
"I mean, sure the basic way you'd engineer a power LED, is to connect it in line with the power (in this case to the webcam). webcam gets power, led on. job done.
why on earth would you both to design electronics to make the two independent of each other UNLESS you wanted to be able to do such a thing ?"
Apple colluded with the NSA!
> why on earth would you both to design electronics to make the two independent of each other UNLESS you wanted to be able to do such a thing ?
Good answer from Jason above, but there's an even simpler answer: supply chain and manufacturing flexibility.
A combined LED & camera unit has to be custom manufactured to Apple's design so that the LED can be placed at the right distance from the camera. This makes the camera unit more specialised and less likely to be re-usable in another product, therefore more expensive.
Separate components can be sourced independently and are standard, off the shelf, therefore cheaper.
Supply chain was my reaction too. They sourced a camera. They sourced a LED. They sourced an MCU to link them together, job done.
What people seem to be glossing over here is that reprogramming the firmware is possible from USER SPACE. In any operating system this is a *massive* fail and is exactly the sort of system-wide damage that running in user space is designed to prevent. I would expect an OS patch to be forthcoming post haste.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
