Following various reports claiming laptop webcams can be turned on remotely without the user's knowledge, a new research from Johns Hopkins University in Baltimore, Md., used Apple’s (NASDAQ:AAPL) MacBook and iMac computers to confirm that their webcams can indeed be accessed without authorization, and used to spy on the machines' users at any time.
The researchers showed that the iSight cameras in the MacBook and iMac models can be compromised to capture images without turning on the camera's accompanying LED light -- an important privacy feature that is supposed to let users know when the camera is in use. While the new research focused on MacBook and iMac computers released before 2008, the researchers said that similar techniques could be used on more recent computers from other manufacturers as well.
“Apple went to some amount of effort to make sure that the LED would turn on whenever the camera was taking images,” Stephen Checkoway, a computer science professor at Johns Hopkins and a co-author of the study, told The Washington Post, adding that the 2008 models of MacBook and iMac had a “hardware interlock” between the camera and the light to ensure that the owner of the device is alerted every time the camera is turned on.
According to the paper, titled “iSeeYou: Disabling the MacBook Webcam Indicator LED,” the light is connected directly to the standby pin on the camera sensor, so whenever the camera comes out of standby mode, the LED automatically turns on.
However, Checkoway and his co-author, Matthew Brocker, managed to figure out a workaround that targets the firmware inside the iSight camera's chip. They reprogrammed the firmware to ignore standby signals sent by the USB interface, which is used by the camera to communicate with the rest of the computer. As a result, the LED remains turned off even though the camera sensor is in use.
The researchers said that the vulnerability affects “Apple internal iSight webcams found in earlier-generation Apple products, including the iMac G5 and early Intel-based iMacs, MacBooks, and MacBook Pros until roughly 2008.”
According to the researchers, there are at least two methods of mitigating the vulnerability that can be implemented on existing hardware. While Apple’s Gatekeeper application sandbox could be updated to deny unlawful access to the camera, another strategy involves tweaking the OS X's kernel to reject specific instructions from being sent to the camera, Apple Insider reported.
Meanwhile, the researchers have informed Apple about their findings, but the company is yet to announce “any possible mitigation plans,” according to the researchers.
Check out the video here: