In a startling discovery, it appears that the webcams on Apple’s iMac desktops and MacBook laptops could be remotely activated without the knowledge of the user. To assuage privacy concerns, many notebook manufacturers–including Apple–place a recording indicator light next to the camera lens to alert users that the webcam is activated.
However, despite these efforts, the Washington Post is now reporting that hackers could bypass the activation of the LED indicator light by taking control of the firmware on the camera’s microcontroller so that the LED would not activate while the camera is on.
This type of hack doesn’t require the hacker to have physical possession of the laptop nor does it require administrator privileges.
Fortunately, though this hack is limited to older Macs at this time according to researchers Matthew Brocker and Stephen Checkoway, who published the research paper iSeeYou: Disabling the MacBook Webcam Indicator LED. According to the Post, this hack works on Mac models released prior to 2008, though some new models may be vulnerable as well.
According to the paper originating out of Johns Hopkins University, a computer is made up of many smaller computers inside one package running multiple chips. Although Apple had designed its computers so that apps running on the main CPU, or processor, must activate the LED light when the camera was turned on, the small chip on the camera module, or micro-controller, could be hijacked and re-programmed so that the camera and LED light could be activated independently.
Webcam hacking gained the attention of the public eye earlier this year when Miss Teen USA Cassidy Wolf became victim to a hacker. At that time, FBI investigators came out and said that it had the capability of disarming the LED indicator light for recording and has had the capabilities for several years.
At this time, though there are more complicated measures to counteract this hack, including sandboxing applications, a more simpler way to stop unauthorized recording using your Mac’s webcam is to simply place a piece of black tape over the camera. You can always remove the tape if you need to do a video call through Skype, Google Hangouts, or Apple’s FaceTime service, but this simple hack will keep your privacy safe.
In addition to cameras, another security concern would be the microphone. According to the Post, the Chinese government had been using surveillance to activate cameras and audio inputs.