Webcam hacking is typically the domain of cable TV, where NSA-like cyberwizards slap a few keys to tap into any camera in the world. In reality, we figure, it isn't anything like that at all--hackers probably need physical access to the computer to easily install spy software, and what are the chances of our webcam getting hacked, anyway? In fiction and in reality, we still expect a warning sign. On Macs, it's that little green light next to the webcam that proclaims 'I'm on.' But what if that gets hacked, too?
That's exactly what's happened with a range of old Macs, making the concept of webcam happening a little bit creepier. Researchers from John Hopkins University published their findings in a paper simply titled 'iSeeYou: Disabling the MacBook Webcam Indicator LED.' The opening abstract states 'This enables video to be captured without any visual indication to the user and can be accomplished entirely in user space by an unprivileged (non-root) application.' If you have a new-ish Mac, don't panic--this hack is for older iSight cameras, although it's possible that newer Mac cameras have their own vulnerabilities.
Many assumed that the LED 'on' lights on Mac and MacBook webcams were hardwired to the camera, meaning there's a cut-and-dry on-off relationship between the two. When the camera's imaging chip is on, the LED gets power. When it's set to standby, it doesn't. And that is how it works--except there's a layer of software controlling the whole thing.
Dec 18, 2013 When your Mac’s iSight camera is running, a tiny green light lets you know that it’s turned on. Or at least it’s supposed to. New research from Johns Hopkins University shows how hackers can. Jul 14, 2020 The Mac version of the Lumix Tether application is also compatible with the same list of Lumix cameras as the Windows one: the DC-S1H, DC-S1R, DC-S1, DC-GH5S, DC-GH5, and DC-G9 models.
Ars Technica explains: 'When the driver for the webcam is loaded, the host PC uploads a small program to the USB controller (it has no permanent firmware storage of its own, so it has to be uploaded each time the camera driver is loaded). This small program in turn configures the imaging chip. The imaging chip doesn't have too many configurable properties, but one thing that it does have is whether it pays any attention to the standby input.
'Apple's own drivers set a configuration where standby is respected. But other configurations are possible—such as one where the chip ignores standby entirely and always produces image data.'
The researchers wrote software that told the webcam something different. It told the software to ignore the standby input, while making sure the standby line in the circuitry was always active. That way, the LED was permanently disabled--the proper connection was made to keep it powered off--and the camera still functioned normally.
iMac G5s, early Intel Macs, and MacBook Pros used the iSight camera until about 2008. If you're using one of those computers, there is a silver lining: the researchers also made a kernel extension to prevent their hack. It's called iSightDefender, and you can download it from github for free. You can also use a sticker.
Isight Camera Replacement Program
When your Mac’s iSight camera is running, a tiny green light lets you know that it’s turned on. Or at least it’s supposed to. New research from Johns Hopkins University shows how hackers can remotely control the iSight camera in certain Macs without turning on the accompanying LED indicator light.
Apple designed the iSight camera and green light to turn on and off simultaneously as not only a helpful indicator for the user, but a privacy feature. A young man recently pleaded guilty in court to extortion after he performed a remote hack on Miss Teen USA’s webcam to secretly collect nude photos. She had no idea she was hacked as it was happening because her green light never came on.
New Macs Isight Camera Cannot Be Hacked Photos
Two students from Johns Hopkins created a proof-of-concept app called “iSeeYou” to show how the process works. You can read the full report, which includes steps to replicate the hack, by viewing this linked PDF.
To commandeer iSight, the two researchers were able to reprogram the camera’s micro-controller, a dedicated chip that basically acts as the hardware’s own CPU. From there, the camera was told to turn on separately from the light.
The software used to remotely control iSight was Remote Administration Tool (RAT), which is used by IT departments and educational institutions to administer large numbers of computers. The Wikipedia page for RAT details all of the ways it can also be used nefariously through malware.
The documented hack affects “Apple internal iSight webcams found in earlier-generation Apple products, including the iMac G5 and early Intel-based iMacs, MacBooks, and MacBook Pros until roughly 2008.” Renowned security researcher Charlie Miller told The Washington Post that the hack could work on newer Macs as well, but it would require a “lot of work and resources.”
Apple Isight Camera
Source: cultofmac.com