Slashdot Mirror
How a MacBook Camera Can Spy Without Lighting Up
New submitter ttyler writes "It turns out a MacBook's built-in camera can be activated without turning on the green LED. An earlier report suggested the FBI could activate a device's camera without having the light turn on, and there was a case in the news where a woman had nude pictures taken of her without her knowledge. The new research out of Johns Hopkins University confirms both situations are possible. All it takes are a few tweaks to the camera's firmware."
It's pretty simple: if you have a device with a camera, just cover the camera with a little black tape and tada, no more spying
Hmm... I stuck a piece of black electrical tape over mine when I got the MacBook.
Drive a sharp nail into the mic port should solve one of your problems.
---- Booth was a patriot ----
I was pretty convinced that I didn't have to put a post-it over my MacBook camera. Guess I'll go ahead and do it after all.
A lens cover would not be compatible with the Apple Aesthetic (TM)
Surely firmware can not be updated/modified without user knowledge, am I wrong?
Since built in mics have been around much longer than built in webcams, no doubt they were hacked a long time ago. They have no way of alerting the users if they are active or not. Im sure many laptops, tablets, phones, game systems, cars electronics (like onstar & bluetooth) and even smart tv's have government spyware to record/monitor conversations and looking for keywords. Besides attaching a psychical switch yourself to a mic, not much you can do, a piece of tape wont help much.
I see nothing in the article to indicate that later models are any more secure. This particular software may not work with them, but I have no confidence that they can't be hacked the same way.
Weren't people claiming macbook camera light indicator was on the same power source as the camera itself and that it was thus impossible to turn on the camera without turning on the light indicator? That's obviously not the case. Glad I stuck a postit in front of the lens. And people were calling me paranoid.
A lens cover would not be compatible with the Apple Aesthetic (TM)
I have an external iSight from way back, it actually does have a close-able lens
"goodbye and hello, as always" ~Prince Corwin, from Zelazny's Amber series
that if you change the software that controls the light you can change the behavior! Shocking!
The Kruger Dunning explains most post on
Remember, the family that is spied on together, stays together in Stasi Germany ... uh, Soviet Amerikkka ...
Seriously, this spying on Americans stuff is getting way out of hand.
-- Tigger warning: This post may contain tiggers! --
I worked for Apple, their education department had an uproar when one school district was found to spying on the students via the iSight, the light never went on.
The school admitted they set it up that way.
They were spying on them at home, I wonder how many little kids got undressed in front of their iSights while someone watched.
http://en.wikipedia.org/wiki/Robbins_v._Lower_Merion_School_District
"If any question why we died, Tell them because our fathers lied."
There are a lot things you can do with "small tweaks to firmware".
Handheld digital cameras make a shutter noise, mandated by law, last I heard. In the case of webcams, the LED *should* be hardwired to the power supply for the camera. What happens when it goes on without notice and starts capturing nude photos of people, potentially minors? Yes, this IS the "think of the children" argument--but if it's going to be used, it might as well be used to the benefit of everyone (except those engaging in illegal surveillance).
It is a conspiracy, to make your laptop cheaper by getting rid fo rarely used doo dads (like mic switches)
The only other thing I would add is if you're not clever enough to figured out how to disable then you aren't doing anything the NSA cares about.
"If any question why we died, Tell them because our fathers lied."
The big companies do as they are told. They are either owned by extremely evil sociopaths (like Bill Gates), who believe that they are fundamentally more 'elite' than powerful politicians, bankers, generals, religious leaders, etc, or they are owned by people who know the cost of doing business at such a level means 'playing ball' with those that hold real power and influence.
In an age when Bill Gates spent TENS OF BILLIONS buying the state-of-the-art depth sensor companies that eventually gave Microsoft the ability to design and build the military grade 'time-of-flight' sensor used in the Kinect 2, all at the behest of NSA full surveillance ambitions, fiddling the software and hardware so the LED that accompanies the CCD camera is controlled in a completely independent way seems like comparing the achievement of an air-craft carrier with a pea-shooter.
However, it is all a never ending program of attacks against us, the general population. You are a serious sex criminal if you put a 'hidden' camera in the room used by your 'au pair', but when the government itself specifically distributes laptops at a high-school, so spyware can video your children in their own bedrooms, NO CRIME has been committed. They push to see how far they can go, and mainstream media outlets like Slashdot encourage you to offer no resistance, no matter how horrible their abuses become.
Normally, society works by EQUILIBRIUM. They push. We push. At some point, both forces are equal. Since the time of Tony Blair, all this has changed. Now so-called civilised nations in the West are supposed to INCREASE the amount they push each and every year, and each and every year we are supposed to walk backwards another mile. Notice the Blairite propaganda for the need for ever more laws, and the need for ever greater punishments for existing laws.
Tony Blair (the 'Putin of the UK, but far more powerful and influential than Putin) travels the world, calling for more state surveillance, more censorship, more laws, more severe punishments, far more organised religion in the lives of ordinary people, and far more military actions. Blair is 'god' for Gates, Obama, and other happy members of the actual far-Right, and the pseudo-liberal far-right.
To Team Blair, we are literal CATTLE, to be controlled, manipulated and used in whatever ways best suit the needs of those that call themselves the 'elite'. Does a farmer hesitate to practice full surveillance methods over his livestock when useful? Of course not.
The combined influence of the British and Americans over the rest of the planet is terrifying. If the British and Americans put on a united front, and say to the world "spy on your sheeple as far as your funds and technology allows, and gain and lasting better control over them in this way", not one nation will stand up and say "no, this is fundamentally evil". If, in the 19th century, Britain and the US had stood together in favour of slavery, Human slavery would be more widespread today than at any previous moment in Human History.
Blair knows how far the legacy of Britain's impact on recent Human events across these last centuries goes. He knows that as I type, all across Asia, Africa, the Middle East and East Europe, despotic regimes are saying "we can get away with this, because they do the same things today in the UK and USA".
Social engineering is now happening on a scale unthinkable even a decade back. Your children are subject to waves of abusive propaganda that would have made Winston Smith think he lived in a paradise of freedom by comparison. You are now told that it is fundamentally WRONG to allow people with non-state-approved opinions to be heard in public forums. The current front page of Digg is BOASTING how science forums on Reddit only allow Tony Blair approved opinions on matters of scientific 'fact'. And yet science, by definition, is the one area where the truth needs no sociological protection, so long as individual scientific voices are not suppressed. The scientific method requires debat
Why can't I buy a webcam with a lens cover and no microphone, or a physical on/off switch for the microphone anymore?
I wouldn't trust the switch to actually turn off the microphone any more than I trust the switch that supposedly turns off the WiFi and Bluetooth to actually do so (rather than tell the software to not use them - for the normal stack.)
Even if it DID physically turn off the Microphone, remember that the speakers built into a typical laptop can also act as microphones. If the chip driving them is designed appropriately it can have a stealth listen-through-the-speakers mode.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Nope, because stupid people incapable of fully understanding technology never do anything that would get them in trouble, even if it were morally/ethically correct (see whistleblowers). And also, the NSA would only *ever* spy on people were Terrorists and Child Molesters. They'd never collect information on every American citizen they could.
My HP doesn't have a built in camera. My mics are filled with caulking. When I need either, I plug in external.
But that's only the mics you know about. One of those things that looks like a capacitor on your motherboard is actually a secret NSA microphone. It's wired in with one of the inside-layer traces on the motherboard so no one has detected it yet.
My HP doesn't have a built in camera. My mics are filled with caulking. When I need either, I plug in external.
But that's only the mics you know about. One of those things that looks like a capacitor on your motherboard is actually a secret NSA microphone. It's wired in with one of the inside-layer traces on the motherboard so no one has detected it yet.
...and then there's the ultrasonic emitter built right into the SoC with the baked-in communications and execution firmware....
That's OK. You know that filling you had replaced last year?
Faster! Faster! Faster would be better!
Why go with that when you can embed a cell modem into the CPU?
You should uninstall the camera's drivers/kernel modules.....
Same thing for USB and FireWire....
http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.shtml
https://ssl.apple.com/support/security/guides/docs/SnowLeopard_Security_Config_v10.6.pdf
To remove kernel extensions for video hardware: /System/Library/Extensions folder. /Contents/PlugIns/ folder. /System/Library/Extensions /System/Library/Extensions /System/Library/) are deleted and rebuilt by Snow Leopard.
1 Open the
2 To remove support for the external iSight camera, drag the following file to the Trash:
Apple_iSight.kext
3 To remove support for the built-in iSight camera, Control-click IOUSBFamily.kext and
select Show Package Contents.
4 Open the
5 Drag the following file to the Trash:
AppleUSBVideoSupport.kext
6 Open Terminal and enter the following command:
$ sudo touch
The touch command changes the modified date of the
folder. When the folder has a new modified date, the Extension cache files
(located in
7 Choose Finder > Secure Empty Trash to delete the file
8 Reboot
*I'ts not like you could hang the LED off of the sensor's power line.*
You could if the silicon was designed to allow it (ie: like in old webcams)
I've got better things to do tonight than die.
Yeah, but you can't hear boobies. Useless hack.
Is it just my observation, or are there way too many stupid people in the world?
Stupid people should be caught is the message I'm sending.
"If any question why we died, Tell them because our fathers lied."
I can't really think of a time when I would want to be naked in front of my PC. While that doesn't excuse the invasion of privacy, it does suggest that some people are lacking in common sense. People generally wouldn't walk naked in front of a window with the blinds drawn, why do it in front of a powered-on PC?
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Should be? Why should a whistleblower be caught (this implies punishment) if they make a mistake? I wish I'd made my comment without the word "stupid" in it. In fact, read it again, without that word.
Duct. Tape.
And also: "and there was a case in the news where a woman had nude pictures taken of her without her knowledge". Heh heh. Those zany FBI analysts...
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
My previous laptop had an actual hardware killswitch that physically broke the connection between the camera and the USB bus, and a similar one for the wifi. My current one doesn't, it just has a key combination that disables the camera, presumably in software. This is stupid.
I'm actually wondering why this (a physical kill switch) isn't a required thing by businesses such as, oh, gyms, and companies concerned about corporate espionage. Awhile back there was a push in some companies to only issue company phones without cameras, but that seems to have fallen by the wayside.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
"Nope, because people incapable of fully understanding technology never do anything that would get them in trouble, even if it were morally/ethically correct (see whistleblowers). And also, the NSA would only *ever* spy on people were Terrorists and Child Molesters. They'd never collect information on every American citizen they could."
Well there's still that part about "incapable of fully understanding"
So...
""Nope, because people never do anything that would get them in trouble, even if it were morally/ethically correct (see whistleblowers). And also, the NSA would only *ever* spy on people were Terrorists and Child Molesters. They'd never collect information on every American citizen they could.""
And now it just seems silly and a waste of time.
"If any question why we died, Tell them because our fathers lied."
We need a Godwin equivalent for when people use the "Think of the children" argument in an online discussion.
Do you fully understand the ramification of every component, in every piece of technology you use? You may, but can you guarantee that everyone else does? Do you hire Chipworks to dissect every chip you intend to use?
Why not just modify the code to return goatsx instead of blocking the ability to turn on the camera?
I'm a consultant - I convert gibberish into cash-flow.
Pics or it didn't happen.
Let us consider that for a moment. Some dude wants to bomb a target. He is approached by one or more unknown persons, who question him about bombs, question his desire to bomb the target, offer to supply the bomb(s), offer to supply the vehicle, offer training in setting the bomb(s) off, and offer assistance in getting away after the bomb is set. When he drives the vehicle with the faux bombs to the target, he is arrested by those unknown persons, and fifty other FBI, ATF, and local police officials.
Clever? I don't think so.
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
Your's is an annoying attitude for a couple reasons. First, if a person is going to have a really deep technological sophistication, it will be limited to a very narrow area -- each discrete component in a computer probably requires intense all consuming years long study -- that's why you end up with people who focus on one single thing and the person who is fully expert on video drivers may be really inept regarding hard drive technology. Honestly, I think anyone who believes they fully understand every aspect of a laptop is just setting himself up to get totally hosed.
Secondly, it is not a sign if being unintelligent for a person to have a vague understanding of computers. If everyone had a deep understanding of computers, nobody would have the time to become dentists, mechanics, veterinarians, etc. etc. Seriously, pick some random difficult topic about which you know nothing -- does your lack of knowledge in that area make you stupid? Of course not. Because it is not possible to know everything there is to know.
What changed under Obama? Nothing Good
We need a new mod, +1 Paranoid. ;) (Yes, I know you're joking, but someone modded your comment underrated, rather than funny.)
Many IR receivers and transmitters, such as on remote controls, are covered by opaque black plastic. That black plastic is opaque to visible light, but transparent in infrared. CMOS cameras are very good at seeing in infrared. Therefore, a factory installed cover could APPEAR opaque but actually be transparent for spying purposes.
When I was a licensed private investigator I may have taken advantage of that fact.
Does it have to be black tape? I have a roll of grey tape, and some blue tape too, will these suffice?
Becasue XBone sounds a bit rude, like boner. Or if you bone someone you fuck them over. so even though XBone itself doesn't mean anything bad on it's own, if you take it as "X" "Bone" instead of "XB" " One" it sort of implies some negative association (I guess).
Let me demonstrate why you don't run an LED in-line with a sensor.
Now that *WAS* a pure clean audio signal before the LED was introduced. Notice the distortion? You're about to get something like that for your sensor. I've got rectification on the other side before it hits the speaker.
Anyone saying it would probably be more cost-effective and easier to do by hardwiring led and sensor to work at the same time (implying running in series) should go right ahead and try it. I hope you didn't pay much for your sensor.
I've got several different laptop webcams right here. Every LED has its own dedicated circuitry. Two from Macbooks, two from HPs, and a Toshiba.
Bet you 10:1 this has already been tried. If it worked, it would be the norm by now just for the extra bottom line.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
I think whoever makes a holographic Goatse lense cover will make a fortune.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
It's that stupid raised piece, or notch to allow someone to move it with a finger or thumbnail. Logitech has the pattent on one, Radio Shack the other, or perhaps it's Acacia and Tessera, or... No Prenda was copyrights... and Apple refuses to license either. So Apple calls them ugly.
You never know...
...when I put a piece of black electrical tape over the webcam on my laptop and tablet. Ok, maybe I was being paranoid, but as we've all seen now: "Just because we're paranoid doesn't mean they're not out to get us." Sometimes I hate being right.
The whole point of calling something firmware is that the user shouldn't even know it's there and it's actually a piece of software and not hardwired electronics.
So how should the user have knowledge that something he shouldn't have knowledge of is being modified?
https://supporters.eff.org/shop/laptop-camera-cover-set
I have always felt like someone should create a Privacy stamp of approval or a way to certify that a product adheres to certain hardware specs regarding privacy.
Being approved by this group would allot you to stamp your product was found secure by a 3rd party group like this.
A product would have to use a mini relay or something like that to physically disconnect the connections from the camera and microphone of any device when its not in use, and when in use show that the connections are made with a LED light that is hard wired to the same relay, with no way to bypass in software.
You may use a physical shutter for the camera and some way to disconnect only the microphone, but have a 3rd party certify this would go a long way to have open security cameras in a room in my house etc, something I would never do with a security company able to watch you 24/7, but if when they watched a red light lit up very bright and could not be bypassed might work.
The first Apple webcam did feature a mechanical obturator, that closed the diaphragm in a very visible way (also shutting off the LED).
That was at the time cams were external and big (even though Apple's was twice smaller than the rest).
Now, Apple's way of doing is close to the tablets way: the cam just should not even be visible, and not bother me.
And I agree with that.
I'm not paranoid about the cam light being shut; I even sincerly think anyone spending time about this is wasting a time that would better be used to think about open source and linux alternatives to Apple.
Tell me about Mint vs Ubuntu, not about minuscule cam-LED features, I'll follow you more carefully...
Herve S.
Remember that DRM is for controlling people, not protecting them.
tomorrow who's gonna fuss
If you point an IR light source, such as a remote control, at the camera from a few inches away it'll be visible DESPITE the IR filter. By analogy, dark sunglasses might filter out 80% of visible light, but that doesn't make the a flashlight invisible through sunglasses.
Every digital camera I've ever checked has an IR filter coating. Often, a cotton swab dipped in acetone can be used to wipe away the coating.
I'm not an electronics engineer, but I dunno. That seems a little harsh on apple; the camera and led could have different power sources for any one of many innocuous reasons. That said, if you're paranoid (like me), a nail and jeweler's hammer will make quick work of the camera, and then power sources don't matter much. If you don't want to damage it permanently, some electrical tape works great too.
Deja Moo: The distinct feeling that you've heard this bull before.
This is old news. If you were not aware that a camera could be turned on without the indicator light saying it is on then you are not as big of a geek, nerd or whatever you thought you were. For example the Logitech sdk has had the ability to control the indicator light for at least 13 years Check the doc here This does not really meet the newsworthy standard to me... although it proves that many don't know or have forgotten.
do you notice how dim the IR remote looks on the camera? you do realize that that ir remote is blasting a LOT of light so it is the same as if you can take a 3Watt flashlight and blast your face with sunglasses and see a dim light. they block 90-98% of the light. Go ahead, get a piece of Unexposed but developed 35mm film in front of your webcam and show me how it can see clearly, it cant not without a LOT of light in the room or you remote the IR filter.
Do not look at laser with remaining good eye.
I remember a few laptops having cameras with a feature like this. The camera had little clip which could slide a cover across the camera lense, similar to the closed lense on a digital camera.
I just tested more with my iPhone 5S. With the back camera, literally as close to the lens as I could get, I see nothing. With the front camera, the lights are visible from over a meter away. (Phone in one hand, remote in the other.)
My first digital camera was a 1.3MP unit in 1997. The last point-and-shoot I got was an 8MP one about 4 years ago. Those, and all in between, showed IR light as I describe. As did all iPhones before the 4S.
So all digital cameras might have *some* IR filtering, but some much more than others. To me, "IR filter" means does it filter out just enough to make pics look good in natural light, or do they also filter out strong IR beams.
Anyway, the OP's point was, plastic that "looks" black to humans can, in fact, let IR light through. (It's the stuff they mold onto the ends of remotes to make them look nice -- they've been doing that for over 20 years.) And many digital cameras can pick up that light. THAT is what we are discussing here.
Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
Your suggestions were the ones that dishonoured the dead and whichever branch of the US government you think murdered all of those people and planted aircraft wreckage on the site.
From the TFS' last link --> camera.pdf at the end of the abstract.
The LED driver could be altered so that it is driven through a buffer from the strobe line on the data bus. (not shown in block diagram) The buffer then is AC coupled to the LED. When the data strobe is toggling (data is being transferred) the LED lights up. When data is not being transferred the LED goes dark. Add a small parallel capacitor and the output drive of the buffer will easily keep the LED lit at 100% even if the strobe has a very low duty-cycle in it's active state.
This approach cannot be defeated since the data strobe (often referred to as dclk in the camera controller documentation) is a required active signal while the camera is active, and is static(not toggling) when no data is being transferred.
A similar trick can be used to indicate that the internal mic is active. Internal mics have a simple form of phantom power that is turned off when the mic is not in use. A simple transistor can be used to detect the presence of the mic power, and light an LED. Typically mic power is turned off in the hardware audio CODEC when the mic is not set as the source for input. Not doing so wastes power, and creates an undesirable source of noise at the input multiplexer of the audio CODEC.
This kind of security flaw is a consequence of the product engineer(s) not considering security at all when looking at the implementation. The project lead also didn't take a careful look at how STANDBY was implemented in the camera controller to see that it COULD be bypassed, as the camera controller device was designed to allow a free-running mode that ignores STANDBY.
Pics or it didn't happen
That's interesting that the two cams on the same device would be so different. One, a very effective IR filter and little to no filter on the other.
These "switch" devices that you talk of are too complex for Apple users.
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
Let us consider that for a moment. Some dude wants to bomb a target. He is approached by one or more unknown persons, who question him about bombs, question his desire to bomb the target, offer to supply the bomb(s), offer to supply the vehicle, offer training in setting the bomb(s) off, and offer assistance in getting away after the bomb is set. When he drives the vehicle with the faux bombs to the target, he is arrested by those unknown persons, and fifty other FBI, ATF, and local police officials.
Clever? I don't think so.
Funny how that turns out, eh? Even stranger, I read someplace that the only reason cells of the Communist Party in the US survived the 50's was because of the paid informers that infiltrated it were the ones paying dues to keep it running. Obviously, so they'd have something to report. NFI how true that is. Cool rumor, though...
Understanding the scope of the problem is the first step on the path to true panic.