Slashdot Mirror
How a MacBook Camera Can Spy Without Lighting Up
New submitter ttyler writes "It turns out a MacBook's built-in camera can be activated without turning on the green LED. An earlier report suggested the FBI could activate a device's camera without having the light turn on, and there was a case in the news where a woman had nude pictures taken of her without her knowledge. The new research out of Johns Hopkins University confirms both situations are possible. All it takes are a few tweaks to the camera's firmware."
It's pretty simple: if you have a device with a camera, just cover the camera with a little black tape and tada, no more spying
Hmm... I stuck a piece of black electrical tape over mine when I got the MacBook.
Why can't I buy a webcam with a lens cover and no microphone, or a physical on/off switch for the microphone anymore? It's a conspiracy!
I was pretty convinced that I didn't have to put a post-it over my MacBook camera. Guess I'll go ahead and do it after all.
Because those are the ones they found the exploit with.
Surely firmware can not be updated/modified without user knowledge, am I wrong?
Since built in mics have been around much longer than built in webcams, no doubt they were hacked a long time ago. They have no way of alerting the users if they are active or not. Im sure many laptops, tablets, phones, game systems, cars electronics (like onstar & bluetooth) and even smart tv's have government spyware to record/monitor conversations and looking for keywords. Besides attaching a psychical switch yourself to a mic, not much you can do, a piece of tape wont help much.
Weren't people claiming macbook camera light indicator was on the same power source as the camera itself and that it was thus impossible to turn on the camera without turning on the light indicator? That's obviously not the case. Glad I stuck a postit in front of the lens. And people were calling me paranoid.
A lens cover would not be compatible with the Apple Aesthetic (TM)
I have an external iSight from way back, it actually does have a close-able lens
"goodbye and hello, as always" ~Prince Corwin, from Zelazny's Amber series
People sure are quick to blame apple for this. The camera is a just generic COTS module you can buy anywhere. You can literally buy them in bulk from thousands of vendors in china, some for less than a buck a piece. They're in everything from tablets to phones to laptops to TVs.
Is it really surprising someone figured out how to hack the firmware one one of them? The LED is probably just hanging off of a GPIO pin on whatever micro-controller drives the thing.
It probably would not be a bad idea to build the things to the light can't be programatically controlled independent of the camera sensor but that's probably not as easy as you'd think. These things are built to be as cheap as possible. That means the sensor, controller, and all other logic outside of power circuitry are integrated on to one silicon package. I'ts not like you could hang the LED off of the sensor's power line.
My HP doesn't have a built in camera. My mics are filled with caulking. When I need either, I plug in external.
that if you change the software that controls the light you can change the behavior! Shocking!
The Kruger Dunning explains most post on
Remember, the family that is spied on together, stays together in Stasi Germany ... uh, Soviet Amerikkka ...
Seriously, this spying on Americans stuff is getting way out of hand.
-- Tigger warning: This post may contain tiggers! --
Nude pictures? Where? Plse link.
I worked for Apple, their education department had an uproar when one school district was found to spying on the students via the iSight, the light never went on.
The school admitted they set it up that way.
They were spying on them at home, I wonder how many little kids got undressed in front of their iSights while someone watched.
http://en.wikipedia.org/wiki/Robbins_v._Lower_Merion_School_District
"If any question why we died, Tell them because our fathers lied."
There are a lot things you can do with "small tweaks to firmware".
Handheld digital cameras make a shutter noise, mandated by law, last I heard. In the case of webcams, the LED *should* be hardwired to the power supply for the camera. What happens when it goes on without notice and starts capturing nude photos of people, potentially minors? Yes, this IS the "think of the children" argument--but if it's going to be used, it might as well be used to the benefit of everyone (except those engaging in illegal surveillance).
The big companies do as they are told. They are either owned by extremely evil sociopaths (like Bill Gates), who believe that they are fundamentally more 'elite' than powerful politicians, bankers, generals, religious leaders, etc, or they are owned by people who know the cost of doing business at such a level means 'playing ball' with those that hold real power and influence.
In an age when Bill Gates spent TENS OF BILLIONS buying the state-of-the-art depth sensor companies that eventually gave Microsoft the ability to design and build the military grade 'time-of-flight' sensor used in the Kinect 2, all at the behest of NSA full surveillance ambitions, fiddling the software and hardware so the LED that accompanies the CCD camera is controlled in a completely independent way seems like comparing the achievement of an air-craft carrier with a pea-shooter.
However, it is all a never ending program of attacks against us, the general population. You are a serious sex criminal if you put a 'hidden' camera in the room used by your 'au pair', but when the government itself specifically distributes laptops at a high-school, so spyware can video your children in their own bedrooms, NO CRIME has been committed. They push to see how far they can go, and mainstream media outlets like Slashdot encourage you to offer no resistance, no matter how horrible their abuses become.
Normally, society works by EQUILIBRIUM. They push. We push. At some point, both forces are equal. Since the time of Tony Blair, all this has changed. Now so-called civilised nations in the West are supposed to INCREASE the amount they push each and every year, and each and every year we are supposed to walk backwards another mile. Notice the Blairite propaganda for the need for ever more laws, and the need for ever greater punishments for existing laws.
Tony Blair (the 'Putin of the UK, but far more powerful and influential than Putin) travels the world, calling for more state surveillance, more censorship, more laws, more severe punishments, far more organised religion in the lives of ordinary people, and far more military actions. Blair is 'god' for Gates, Obama, and other happy members of the actual far-Right, and the pseudo-liberal far-right.
To Team Blair, we are literal CATTLE, to be controlled, manipulated and used in whatever ways best suit the needs of those that call themselves the 'elite'. Does a farmer hesitate to practice full surveillance methods over his livestock when useful? Of course not.
The combined influence of the British and Americans over the rest of the planet is terrifying. If the British and Americans put on a united front, and say to the world "spy on your sheeple as far as your funds and technology allows, and gain and lasting better control over them in this way", not one nation will stand up and say "no, this is fundamentally evil". If, in the 19th century, Britain and the US had stood together in favour of slavery, Human slavery would be more widespread today than at any previous moment in Human History.
Blair knows how far the legacy of Britain's impact on recent Human events across these last centuries goes. He knows that as I type, all across Asia, Africa, the Middle East and East Europe, despotic regimes are saying "we can get away with this, because they do the same things today in the UK and USA".
Social engineering is now happening on a scale unthinkable even a decade back. Your children are subject to waves of abusive propaganda that would have made Winston Smith think he lived in a paradise of freedom by comparison. You are now told that it is fundamentally WRONG to allow people with non-state-approved opinions to be heard in public forums. The current front page of Digg is BOASTING how science forums on Reddit only allow Tony Blair approved opinions on matters of scientific 'fact'. And yet science, by definition, is the one area where the truth needs no sociological protection, so long as individual scientific voices are not suppressed. The scientific method requires debat
My previous laptop had an actual hardware killswitch that physically broke the connection between the camera and the USB bus, and a similar one for the wifi. My current one doesn't, it just has a key combination that disables the camera, presumably in software. This is stupid.
there was a case in the news where a woman had nude pictures taken of her without her knowledge
Pics or it didn't happen.
You should uninstall the camera's drivers/kernel modules.....
Same thing for USB and FireWire....
http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.shtml
https://ssl.apple.com/support/security/guides/docs/SnowLeopard_Security_Config_v10.6.pdf
To remove kernel extensions for video hardware: /System/Library/Extensions folder. /Contents/PlugIns/ folder. /System/Library/Extensions /System/Library/Extensions /System/Library/) are deleted and rebuilt by Snow Leopard.
1 Open the
2 To remove support for the external iSight camera, drag the following file to the Trash:
Apple_iSight.kext
3 To remove support for the built-in iSight camera, Control-click IOUSBFamily.kext and
select Show Package Contents.
4 Open the
5 Drag the following file to the Trash:
AppleUSBVideoSupport.kext
6 Open Terminal and enter the following command:
$ sudo touch
The touch command changes the modified date of the
folder. When the folder has a new modified date, the Extension cache files
(located in
7 Choose Finder > Secure Empty Trash to delete the file
8 Reboot
Yeah, but you can't hear boobies. Useless hack.
Is it just my observation, or are there way too many stupid people in the world?
I can't really think of a time when I would want to be naked in front of my PC. While that doesn't excuse the invasion of privacy, it does suggest that some people are lacking in common sense. People generally wouldn't walk naked in front of a window with the blinds drawn, why do it in front of a powered-on PC?
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Duct. Tape.
And also: "and there was a case in the news where a woman had nude pictures taken of her without her knowledge". Heh heh. Those zany FBI analysts...
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
We need a Godwin equivalent for when people use the "Think of the children" argument in an online discussion.
Why not just modify the code to return goatsx instead of blocking the ability to turn on the camera?
I'm a consultant - I convert gibberish into cash-flow.
Pics or it didn't happen.
with a little round bandage, like a nasty zit.
XB1 means the first xbox. X-Bone is the XB3.
Many IR receivers and transmitters, such as on remote controls, are covered by opaque black plastic. That black plastic is opaque to visible light, but transparent in infrared. CMOS cameras are very good at seeing in infrared. Therefore, a factory installed cover could APPEAR opaque but actually be transparent for spying purposes.
When I was a licensed private investigator I may have taken advantage of that fact.
Does it have to be black tape? I have a roll of grey tape, and some blue tape too, will these suffice?
So pretty much like owning any Apple device or device with a camera/microphone that has proprietary firmware or using a cell phone. Funny how all this privacy FUD returns when Microsoft does something, all that was old is new again.
It is almost as though people are completely ignorant of the fact that all of these conspiracy theories are already founded in well established products and in many cases have the additional component of tracking your movements! This is all simply perpetrated by console fanboys that use smartphones anyway. This isnt a defense of the practices just a point about the hypocrisy and ignorance the console fanboys exhibit in an effort to justify their decision to buy whatever console they bought or their decision not to buy one at all.
Becasue XBone sounds a bit rude, like boner. Or if you bone someone you fuck them over. so even though XBone itself doesn't mean anything bad on it's own, if you take it as "X" "Bone" instead of "XB" " One" it sort of implies some negative association (I guess).
Back in the mid 90's SGI's Indycam had a sliding cover over the camera sensor.
Let me demonstrate why you don't run an LED in-line with a sensor.
Now that *WAS* a pure clean audio signal before the LED was introduced. Notice the distortion? You're about to get something like that for your sensor. I've got rectification on the other side before it hits the speaker.
Anyone saying it would probably be more cost-effective and easier to do by hardwiring led and sensor to work at the same time (implying running in series) should go right ahead and try it. I hope you didn't pay much for your sensor.
I've got several different laptop webcams right here. Every LED has its own dedicated circuitry. Two from Macbooks, two from HPs, and a Toshiba.
Bet you 10:1 this has already been tried. If it worked, it would be the norm by now just for the extra bottom line.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
I think whoever makes a holographic Goatse lense cover will make a fortune.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
...when I put a piece of black electrical tape over the webcam on my laptop and tablet. Ok, maybe I was being paranoid, but as we've all seen now: "Just because we're paranoid doesn't mean they're not out to get us." Sometimes I hate being right.
The whole point of calling something firmware is that the user shouldn't even know it's there and it's actually a piece of software and not hardwired electronics.
So how should the user have knowledge that something he shouldn't have knowledge of is being modified?
You really think you are important people don't you?
That anyone would love to "spy" on you...
Get over yourselves...
Is this about some hardware glitch, or about IT companies screwing their clients over privacy? (just a wild theory this last one, of course).
https://supporters.eff.org/shop/laptop-camera-cover-set
I have always felt like someone should create a Privacy stamp of approval or a way to certify that a product adheres to certain hardware specs regarding privacy.
Being approved by this group would allot you to stamp your product was found secure by a 3rd party group like this.
A product would have to use a mini relay or something like that to physically disconnect the connections from the camera and microphone of any device when its not in use, and when in use show that the connections are made with a LED light that is hard wired to the same relay, with no way to bypass in software.
You may use a physical shutter for the camera and some way to disconnect only the microphone, but have a 3rd party certify this would go a long way to have open security cameras in a room in my house etc, something I would never do with a security company able to watch you 24/7, but if when they watched a red light lit up very bright and could not be bypassed might work.
The first Apple webcam did feature a mechanical obturator, that closed the diaphragm in a very visible way (also shutting off the LED).
That was at the time cams were external and big (even though Apple's was twice smaller than the rest).
Now, Apple's way of doing is close to the tablets way: the cam just should not even be visible, and not bother me.
And I agree with that.
I'm not paranoid about the cam light being shut; I even sincerly think anyone spending time about this is wasting a time that would better be used to think about open source and linux alternatives to Apple.
Tell me about Mint vs Ubuntu, not about minuscule cam-LED features, I'll follow you more carefully...
Herve S.
Remember that DRM is for controlling people, not protecting them.
tomorrow who's gonna fuss
Thinkpad's have one for the wireless radios, why not put another one for the camera/mic. And while we are at it, put another switch for toggling between read-only and read-and-write for the BIOS.
Two switches that would cost nothing, but change the world of computing for the better.
If you point an IR light source, such as a remote control, at the camera from a few inches away it'll be visible DESPITE the IR filter. By analogy, dark sunglasses might filter out 80% of visible light, but that doesn't make the a flashlight invisible through sunglasses.
Every digital camera I've ever checked has an IR filter coating. Often, a cotton swab dipped in acetone can be used to wipe away the coating.
I'm not an electronics engineer, but I dunno. That seems a little harsh on apple; the camera and led could have different power sources for any one of many innocuous reasons. That said, if you're paranoid (like me), a nail and jeweler's hammer will make quick work of the camera, and then power sources don't matter much. If you don't want to damage it permanently, some electrical tape works great too.
Deja Moo: The distinct feeling that you've heard this bull before.
This is old news. If you were not aware that a camera could be turned on without the indicator light saying it is on then you are not as big of a geek, nerd or whatever you thought you were. For example the Logitech sdk has had the ability to control the indicator light for at least 13 years Check the doc here This does not really meet the newsworthy standard to me... although it proves that many don't know or have forgotten.
do you notice how dim the IR remote looks on the camera? you do realize that that ir remote is blasting a LOT of light so it is the same as if you can take a 3Watt flashlight and blast your face with sunglasses and see a dim light. they block 90-98% of the light. Go ahead, get a piece of Unexposed but developed 35mm film in front of your webcam and show me how it can see clearly, it cant not without a LOT of light in the room or you remote the IR filter.
Do not look at laser with remaining good eye.
I remember a few laptops having cameras with a feature like this. The camera had little clip which could slide a cover across the camera lense, similar to the closed lense on a digital camera.
I just tested more with my iPhone 5S. With the back camera, literally as close to the lens as I could get, I see nothing. With the front camera, the lights are visible from over a meter away. (Phone in one hand, remote in the other.)
My first digital camera was a 1.3MP unit in 1997. The last point-and-shoot I got was an 8MP one about 4 years ago. Those, and all in between, showed IR light as I describe. As did all iPhones before the 4S.
So all digital cameras might have *some* IR filtering, but some much more than others. To me, "IR filter" means does it filter out just enough to make pics look good in natural light, or do they also filter out strong IR beams.
Anyway, the OP's point was, plastic that "looks" black to humans can, in fact, let IR light through. (It's the stuff they mold onto the ends of remotes to make them look nice -- they've been doing that for over 20 years.) And many digital cameras can pick up that light. THAT is what we are discussing here.
Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
Especially considering that the firmware is loaded via a driver whenever the camera is activated (like many wireless chipsets), is this really news to anybody?
Your suggestions were the ones that dishonoured the dead and whichever branch of the US government you think murdered all of those people and planted aircraft wreckage on the site.
From the TFS' last link --> camera.pdf at the end of the abstract.
The LED driver could be altered so that it is driven through a buffer from the strobe line on the data bus. (not shown in block diagram) The buffer then is AC coupled to the LED. When the data strobe is toggling (data is being transferred) the LED lights up. When data is not being transferred the LED goes dark. Add a small parallel capacitor and the output drive of the buffer will easily keep the LED lit at 100% even if the strobe has a very low duty-cycle in it's active state.
This approach cannot be defeated since the data strobe (often referred to as dclk in the camera controller documentation) is a required active signal while the camera is active, and is static(not toggling) when no data is being transferred.
A similar trick can be used to indicate that the internal mic is active. Internal mics have a simple form of phantom power that is turned off when the mic is not in use. A simple transistor can be used to detect the presence of the mic power, and light an LED. Typically mic power is turned off in the hardware audio CODEC when the mic is not set as the source for input. Not doing so wastes power, and creates an undesirable source of noise at the input multiplexer of the audio CODEC.
This kind of security flaw is a consequence of the product engineer(s) not considering security at all when looking at the implementation. The project lead also didn't take a careful look at how STANDBY was implemented in the camera controller to see that it COULD be bypassed, as the camera controller device was designed to allow a free-running mode that ignores STANDBY.
Pics or it didn't happen
That's interesting that the two cams on the same device would be so different. One, a very effective IR filter and little to no filter on the other.
"Generality of results. We stress that our main result— disabling the iSight LED — only applies to the first generation internal iSight webcams and we make no claims of security or insecurity of later models, including the most recent (renamed) FaceTime cameras."
That is not a solution.
Simply reject privative software by defect and such things would not happen (without our knowledge).
You also can stick a cable between + and - symbol in the battery connector.
Any privacy issue would not appear again xD