Tuesday, December 24, 2013

Researchers show MacBook webcams can be hijacked without turning on indicator light

(Image credit: tripu/Flickr)

Researchers have demonstrated the ability to remotely hack into a MacBook webcam without triggering the indicator light, a capability that the FBI has reportedly had for several years.

In August, it was revealed that the National Security Agency (NSA) calls on its employees to physically remove the built-in webcam from Apple laptops for security reasons.

The researchers' findings, first reported by The Washington Post, are especially interesting because Apple laptops have the indicator LED hardwired to the camera.

This hardwiring is designed to activate the light whenever the camera is activated, a feature that should prevent the remote activation of the webcam without the user’s knowledge.

The researchers looked at 2008 MacBooks and MacBook Pros, so it is unclear if the results also apply to today’s Apple laptops.

The researchers from Johns Hopkins University told the Post that “similar techniques could work on more recent computers from a wide variety of vendors.”

“In other words, if a laptop has a built-in camera, it’s possible someone — whether the federal government or a malicious 19 year old — could access it to spy on the user at any time,” the Post reports.

Stephen Checkoway, a computer scientist at Johns Hopkins who co-authored the study, found a way to remotely reprogram the iSight camera’s micro-controller chip that is supposed to establish a hardware-level interlock between the camera and the indicator light, according to The Verge.

The researchers provided the Post with a copy of their proof-of-concept software, demonstrating how the camera can be remotely activated without turning on the indicator light.

“People are starting to think about what happens when you can reprogram each of those,” said Charlie Miller, a security expert working for Twitter, referring to micro-controllers like the one attached to the iSight camera.

Miller cited an attack that could rapidly discharge Apple batteries via the micro-controller, which could potentially lead to a fire or even an explosion.

Using a similar method, another researcher demonstrated how the built-in Apple keyboard could be turned into spyware.

While the paper only cites the earlier generation of Apple products, Miller contends that similar attacks could apply to new Apple systems.

“There’s no reason you can’t do it — it’s just a lot of work and resources but it depends on how well [Apple] secured the hardware,” Miller said to the Post.

Apple did not reply to the Post’s requests for comment, but what is more troubling is the response the researchers received from company representatives.

“Apple employees followed up several times but did not inform us of any possible mitigation plans,” the researchers wrote in the study.

While Apple supposedly has the indicator light hardwired to the camera, many other manufacturers do not offer such a feature.

“Logitech cameras, for example, have a software-controlled LED,” Ars Technica reports. However, this design is meant to work with a software feature that allows the cameras to be used as motion-activated security cameras.

“Whether this design makes sense for most users, given the apparent abundance of surreptitious webcam-based spying, is less clear,” notes Peter Bright for Ars Technica.

On a positive note, secure designs for the indicator light are indeed possible, but software-mediated hardware interlocks for indicator lights remain vulnerable.

Ars sums it up quite rightly in saying, “When it comes to protecting against webcam spying, you should ignore the technology and simply tape over the camera.”

Source: End the Lie