You might want to always smile for the camera, just in case: a report from researchers at Johns Hopkins University explains a new method to covertly activate a Mac's built-in camera without any external visual indication.
Apple designed its cameras with a hardware interlock — building its circuit so if the sensor were active, the indicator light would be, too.
But researchers Matthew Brocker and Stephen Checkoway proved that the circuit was in fact controlled by software. Its behavior could be changed by reprogramming the camera's microcontroller — part of the circuit board directly connected to the camera.
The duo demonstrated the workaround to The Washington Post with a piece of software called iSeeYou, which automated the whole process and captured video from the computer’s built-in camera — without a telltale light.
Covert webcam spying made headlines earlier this month when the FBI used a similar technique to gather information on a suspect in a bomb threat case. (Via Digital Trends)
And while this latest investigation is focused on Mac models from before 2008, security researchers told The Washington Post it could apply to newer cameras or different computer makes, with a sufficient application of resources.
Ars Technica says, bottom line, "if your hardware interlock is software mediated, it's not a hardware interlock any more. When it comes to protecting against webcam spying, you should ignore the technology and simply tape over the camera."
Apple, meanwhile, hasn't said anything about the security vulnerability. Brocker and Checkoway say they explained the vulnerability as part of their report. "Apple employees followed up several times but did not inform us of any possible mitigation plans." (Via AppleInsider)