Older Mac webcams can spy on you, but don't tape yours over until you read this

Older MacBook webcams can spy on you, but don't tape yours over until you read this

Two researchers at Johns Hopkins University published a paper that has recently been widely reported throughout the Mac blogosphere. They claim to have been able to hack the webcam on older MacBook and iMac computers so the camera worked without activating the green LED. Don't tape over your webcam yet, though. I've had a look over the paper, and it's not as bad as you might think.

First some background: Normally the indicator LED and the camera are mated together using a hardware interlock, so whenever the camera is on, the LED is activated. Matthew Brocker and Stephen Checkoway say they figured out a way to circumvent that interlock by reprogramming a microcontroller built into the iSight camera's circuitry. What's more, they've also developed an OS X kernel extension which fixes the exploit.

It's important to understand, first of all, that the exploit as described is specific to the circuitry of older Macs. According to the researchers, it can be found in "previous generation Apple products including the iMac G5 and early Intel-based iMacs, MacBooks, and MacBook Pros until roughly 2008."

The researchers have developed a proof of concept that shows how it can work, but they're quick to admit that it's not easy to get an unsuspecting user to install it. And Apple's decision to "sandbox" applications in recent versions of OS X provides an additional layer of security. Checkoway has published the source code for a fix.

Brocker and Checkoway say they contacted Apple about the exploit in mid-July; they've heard back from Apple employees but haven't been told of any specific plans to fix it.

In reporting on Brocker and Checkoway's exploit, the Washington Post quotes security researcher Charlie Miller who suggests that later Macs may be subject to an exploit as well. But Miller offered no proof whatsoever that any newer Macs have been compromised, just a vague suggestion that it could be done depending on "how well [Apple] secured the hardware."

If you don't know where an app is from or what it does, for goodness' sake, don't install it.

To that end, Apple's Gatekeeper software, built into recent versions of OS X, offers some level of protection for you - ordinarily it'll only allow software that's been downloaded from the Mac App Store or from a developer who's registered a certificate with Apple. You'd have to change your Security & Privacy system preference settings to "Allow apps downloaded from anywhere" to install it. And if you've installed software on your Mac before, you're probably familiar with the dialog box that requires you to enter an administrator password to make changes - another stumbling block against casual installation.

If you're using an older machine and you are worried that someone is spying on you, well, a piece of masking or electrical tape over the iSight camera will work too.

Bottom line: Use common sense when installing software you've downloaded from the Internet and you should be okay.

Peter Cohen

Managing Editor of iMore, Mac and gaming specialist and all-around technologist. Follow him on Twitter @flargh

More Posts

 

17
loading...
52
loading...
84
loading...
0
loading...

← Previously

AirServer update lets you record, save video from your iOS device

Next up →

Check WeatherPro from your lockscreen, integrate "personal weather stations"

Reader comments

Older Mac webcams can spy on you, but don't tape yours over until you read this

16 Comments
Sort by Rating

The NSA could be watching us right now (Like the Chinese government is suspected to have been spying on the Tibetans). Everybody! Put your clothes back on!
xP

Oh noes! The NSA just watched me take a sip of my Dr. Pepper. Joke's on them - it was actually in a Pepsi cup. Oh no, I've said too much! Aaaaahhh!

The camera is also used as a light sensor to control the brightness of your screen so covering it will prevent automatic screen brightness adjustments.

...and if Charlie Miller were to offer specifics, he'd be justly pilloried here for enabling breaches. Instead, his statement is minimized, if not outright dismissed. The man is no fear mongerer; he has a proven track record of finding and demonstrating vulnerabilities in hardware and software, and not just in OSX. His suggestions deserve better than a scoffing dismissal.

Sent from the iMore App

Except, because Apple purposely obsoletes their computers, none of those older computers can run anything past 10.6. 10.6 doesn't have sandboxing.

My vintage 2008 24" iMac is currently running Mavericks 10.9.1 just fine. It's a bit slow compared to the newer Macs, of course, but it has no problem running it. I don't know about Macs that are older than mine, tho.

@toddtmw
What a load of rubbish! Apple has very high life-expectency products - among the leaders in the computer industry. My MacPro (2008) has Mavericks and still runs more than decently. But even without Mavericks it would by no means be obsolete.

I have an original white Intel Core Duo iMac and a 15" Intel Core 2 Duo Macbook Pro that are unable to run the latest OS.

The white iMac lost when Apple decided that Core 2 Duo was required for 10.7.

The MBP lost when Apple dropped 32-bit processor support in 10.8.

Both of these machines are very usable otherwise, but cannot use the latest updates from Apple.
[Edit: Added "in 10.8" to the MBP Lost sentence]

Few..... I can take the tape off now. So glad you guys dig deep and get the real story. Some stories can be so blown out of portion. Thanks for the details!

Sent from the iMore App

Just want to add something --
Bottom Line: Use common sense when installing software you've downloaded from the Internet "especially when surfing for !0&#" and you should be okay. =P