The iSight camera on our Mac has a small green light that lets us know at all times whether it’s working or not. This is a security measure that should be infallible when mounting the LED on the same power cable as the webcam, so if you turn one on, the light should also come on.
At least that’s the theory, but research conducted by Johns Hopkins University has uncovered a technique used by hackers to bypass this hardware protection by reprogramming the camera’s microcontroller to ignore the LED, leaving us with the perpetual uncertainty of whether we are being spied on or not .
This is what happens when you let a layer of software control something that should be simple and inescapable, making us suspicious in passing if behind this excess engineering you don’t choose back doors to allow others to officially spy on us with a warrant (or worse, without it as in the whole murky case of NSA wiretapping).
The two Johns Hopkins students detail their findings in a 13-page document explaining how to replicate the hack, but as there is nothing better than a practical example, they also accompany it with a proof of concept, an app called iSeeYou capable of running in our user space without the need for administrator permissions and which can capture the video from the webcam without any visual indicator.
Committed computers include the iMac G5 and its first Intel processor models , as well as the MacBook and MacBook Pro through 2008 . Researchers have not tested the latest Apple models or webcams from manufacturers such as Logitech because each would require intensive work using different combinations of sensors and drivers, but in principle we lack guarantees to ensure that others have not already done this work successfully.
The solution is to sue Apple and other manufacturers for more robust solutions. Meanwhile, I will have to surrender to the evidence and give the reason to those who do not do too much I reproached (in a cordial tone with a glass of wine in front) for covering the camera of their precious last generation laptops with a dirty post-it . Low-tech solutions they call them and they work.