MacBook Webcams Can Be Hacked to Spy on Users

MacBook users may be disturbed to learn that their laptop webcams can be hacked and used for covert spying. Researchers at Johns Hopkins University have revealed how it works in a paper entitled “iSeeYou: Disabling the MacBook Webcam Indicator LED.”

MacBooks have been specifically designed to prevent activation of its iSight camera without turning on the LED to alert users that their image is being captured.  Stephen Checkoway and Matthew Brocker explain, however, that even though careful precautions were taken by Apple, Inc., the system is not foolproof.

Checkoway and Brocker say that this ability to hack in and activate a MacBook webcam to spy on users stems from the fact that a the laptop has three chips: one in the battery, one in the keyboard and one in the webcam.  This allows the chip, or micro-controller, in the iSight camera to be reprogrammed to allow independent activation of the iSight camera and the LED by those who have the technical skills to do so.

Checkoway and Brocker’s research focused on MacBook and iMac models produced prior to 2008, but say that they see no reason to believe that the same techniques couldn’t be used on newer iterations of those devices and others. Proof of the ability to activate a webcam without also turning on the LED in newer and varied computers has not yet been demonstrated. Essentially, though, users should be aware that the potential exists for any laptop with a built-in webcam to exhibit similar vulnerability to misuse.

The FBI has purportedly been using this surveillance technique for years. Checkoway and Brocker’s paper, however, represents the first public confirmation and proof-of-concept demonstration that it is possible for a webcam’s micro-controller to be independently manipulated to turn on without also turning on the LED to let users know that they may be being watched. Their paper is being considered for presentation at an upcoming academic security conference.

Apple officials have yet to publicly present any plans to mitigate this issue in their products and have thus far declined public comment on the issue.

These types of attacks on micro-controllers appear to be becoming more prevalent and are generating a whole new avenue of research, particularly when it comes to Macs, which have long touted their superior security as an advantage over the PC.

There has been at least one public case of observation through a webcam occurring without illumination that has led to an extortion conviction. A man named Jared Abrahams was apparently able to install software known as a Remote Activation Tool (RAT) onto a former high school classmates computer and capture images of her, including some in which she was unclothed. The victim was ultimately identified as Miss Teen USA, Cassidy Wolf.

Similar software was also used by Lower Merion High School adminstrators in a well-publicized case back in 2008. In that case, however, the RAT was not able to completely disable the LED, and a “flickering light” on school-issued MacBooks alerted students to the fact that they were under observation. Adminstrators at the school outside Philadelphia, Pennsylvania reportedly captured more than 56,000 images of students resulting ultimately in a costly lawsuit to address the issue.

Hope is not lost, however, for those with MacBooks who may be concerned about their webcams being hacked and used for spying. Experts offer a highly technical solution to the problem: put a piece of tape over the camera to block observation.

By Michele Wessel


Washington Post