fbpx
Connect with us

The Daily Sheeple

Researchers show MacBook webcams can be hijacked without turning on indicator light

“In other words, if a laptop has a built-in camera, it’s possible someone — whether the federal government or a malicious 19 year old — could access it to spy on the user at any time,”

Crime/Police State

Researchers show MacBook webcams can be hijacked without turning on indicator light



older-MacBook-pro-300x225

Researchers have demonstrated the ability to remotely hack into a MacBook webcam without triggering the indicator light, a capability which the FBI has reportedly had for several years.

In August, it was revealed that the National Security Agency (NSA) calls on its employees to physically remove the built-in webcamfrom Apple laptops for security reasons.

The findings of the researchers, first reported on by The Washington Post, are especially interesting because Apple laptops have the indicator LED hardwired to the camera.

This hardwiring is designed to activate the light whenever the camera is activated, a feature that should prevent the remote activation of the webcam without the user’s knowledge.

The researchers looked at 2008 MacBooks and MacBook Pros, so it is unclear if the results also apply to today’s Apple laptops.

The researchers from Johns Hopkins University told the Post that “similar techniques could work on more recent computers from a wide variety of vendors.”

“In other words, if a laptop has a built-in camera, it’s possible someone — whether the federal government or a malicious 19 year old — could access it to spy on the user at any time,” the Post reports.

Stephen Checkoway, a computer scientist at Johns Hopkins who co-authored the study, found a way to remotely reprogram the iSight camera’s micro-controller chip that is supposed to establish a hardware-level interlock between the camera and the indicator light, according to The Verge.

The researchers provided the Post with a copy of their proof-of-concept software, demonstrating how the camera can be remotely activated without turning on the indicator light.

“People are starting to think about what happens when you can reprogram each of those,” said Charlie Miller, a security expert working for Twitter, referring to micro-controllers like the one attached to the iSight camera.

Miller cited an attack that could rapidly discharge Apple batteries via the micro-controller, which could potentially lead to a fire or even an explosion.

Using a similar method, another researcher demonstrated how the built-in Apple keyboard could be turned into spyware.

While the paper only cites the earlier generation of Apple products, Miller contends that similar attacks could apply to new Apple systems.

“There’s no reason you can’t do it — it’s just a lot of work and resources but it depends on how well [Apple] secured the hardware,” Miller said to the Post.

Apple did not reply to the Post’s requests for comment, but what is more troubling is the response the researchers received from company representatives.

“Apple employees followed up several times but did not inform us of any possible mitigation plans,” the researchers wrote in the study.

While Apple supposedly has the indicator light hardwired to the camera, many others do not offer such a feature.

“Logitech cameras, for example, have a software-controlled LED,” Ars Technica reports. However, this is designed to work with a software feature that allows them to be used as motion-activated security cameras.

“Whether this design makes sense for most users, given the apparent abundance of surreptitious webcam-based spying, is less clear,” notes Peter Bright for Ars Technica.

On a positive note, secure designs for the indicator light are indeed possible but software-mediated hardware interlocks for indicator lights remain vulnerable.

Ars sums it up quite rightly in saying, “When it comes to protecting against webcam spying, you should ignore the technology and simply tape over the camera.”

Delivered by The Daily Sheeple

We encourage you to share and republish our reports, analyses, breaking news and videos (Click for details).


Contributed by End The Lie of End the Lie.

End the Lie was founded in 2011 with the goal of publishing the latest in alternative news from a wide variety of perspectives on events in the United States and around the world. For more information, find End the Lie on Twitter and Facebook or check out our homepage.

End the Lie was founded in 2011 with the goal of publishing the latest in alternative news from a wide variety of perspectives on events in the United States and around the world. For more information, find End the Lie on Twitter and Facebook or check out our homepage.

Click to comment

More in Crime/Police State

Advertisement
Top Tier Gear USA
To Top