Jul 10, 2020 Apple this month published a support document that warns customers against closing their Mac notebooks with a cover over the camera as it can lead to. Oct 13, 2011 Exact same issue here. Can see that the iSight is sending audio to the Mac by looking at the input in the pref pane, but no audio received on the other end of a FaceTime connection. MacPro 1,1 with iSight connected to a firewire port on a 21' Cinema.
If you’re super conscious about protecting your privacy, one thing you can do is cover up the camera on your laptop when it’s not being used — there are even commercial covers you can buy for this purpose. But beware: Apple is now warning that using a camera cover could permanently damage your MacBook display.
Back in 2016, Facebook founder Mark Zuckerberg made headlines after sharing a photo of himself in which a taped-up MacBook could be seen on his desk.
The idea is that if the webcam (and/or microphone) on your laptop is taken over by a hacker or an overreaching app, physically blocking them ensures that you can’t be secretly recorded without your knowledge.
But it seems that MacBooks are designed in such a way that placing extra thickness between your display and keyboard could cause the screen to crack.
“Closing your Mac notebook with a camera cover on it might damage your display,” Apple warns in a new support note spotted by MacRumors. “If you close your Mac notebook with a camera cover installed, you might damage your display because the clearance between the display and keyboard is designed to very tight tolerances.”
Blocking the camera can also mess up the MacBook’s ambient light sensor and cause issues with features like automatic brightness adjustment and True Tone.
A Redditor named koolbe found this out the hard way. After buying an upgraded 16-inch MacBook Pro, koolbe put a commercial cover over the camera and put the laptop in a padded backpack for transport. When the laptop was opened up later, there was a vertical crack under the webcam and the display was unusable — it takes minutes for the screen to be updated when it changes.
Instead of physically covering your camera, Apple recommends that you pay attention to the indicator light and the camera’s privacy settings instead.
“The camera is engineered so that it can’t activate without the camera indicator light also turning on,” Apple says. “This is how you can tell if your camera is on.”
But if your work requires you to cover your camera, Apple says you should use a cover that’s no thicker than standard printer paper (about 0.1mm).
Security researchers have confirmed that MacBook webcams can spy on their users without the warning light being activated.
Apple computers have a “hardware interlock” between the camera and the light that is supposed to ensure the camera can't be activated without alerting the user by lighting a tell-tale LED above the screen.
However Stephen Checkoway, a computer science professor at Johns Hopkins University and graduate student Matthew Brocker were able to circumvent this security feature by reprogramming the micro-controller chip inside the camera.
Normally, any program running on a MacBook’s central processing unit that takes images through Apple's iSight camera would turn on the tell-tale light. Brocker and Checkoway's reprogramming tactic allows the camera and it light to be activated independently, so that the camera can be running while the light is switched off.
The researchers have released proof-of-concept software to demonstrate the trick, including a paper , entitled iSeeYou: Disabling the MacBook Webcam Indicator LED. The study provides the first public confirmation that a sophisticated hacker tactic long suspected to be part of the playbook of intelligence agencies, feds and others is not only possible but relatively straightforward.
The same technique that allows us to disable the LED, namely reprogramming the firmware that runs on the iSight, enables a virtual machine escape whereby malware running inside a virtual machine reprograms the camera to act as a USB Human Interface Device (HID) keyboard which executes code in the host operating system. We build two proofs-of-concept: (1) an OS X application, iSeeYou, which demonstrates capturing video with the LED disabled; and (2) a virtual machine escape that launches Terminal.app and runs shell commands. To defend against these and related threats, we build an OS X kernel extension, iSightDefender, which prohibits the modification of the iSight’s firmware from user space.
The research focused on MacBook and iMac computers released before 2008 (iMac G5 and early Intel-based iMacs, MacBooks, and MacBook Pros) but other security researchers reckon the same tactics would work on more recent models from multiple vendors, not just Apple. This means that any laptop with a built-in camera could be used by a skilled hacker to spy on its users without giving the game away. It's unclear whether or not Apple or other manufacturers are developing any mitigation plans.
Apple Isight Camera
Attacks on micro-controllers, particularly on Mac machines, are becoming an increasingly fruitful area of security research. For example, security researcher Charlie Miller demonstrated a hack on systems that control Apple batteries, causing the battery to discharge rapidly and potentially leading to explosive consequences. Other attacks target Apple's keyboard controllers.
The spying on people without turning on warning lights issue is far from an academic concern. A tell-tale flickering light was central feature of a notorious case involving school-supplied laptops in Pennsylvania back in 2008.
Administrators at Lower Merion High School near Philadelphia reportedly captured 56,000 images of students by using a trojan installed on school-issued laptops. 'Students reported seeing a ‘creepy’ green flicker that indicated that the camera was in use. That helped to alert students to the issue, eventually leading to a lawsuit,' the Washington Post reported.
More sophisticated hackers have developed the apparent ability to suppress any warning light. This may be a feature of commercial spyware packages, such as FinSpy from FinFisher, which marketing documents covertly leaked through WikiLeaks claim can be “covertly deployed on target systems” to allow “live surveillance through webcam and microphone.”
What Is Isight Camera
A surveillance program called Ghostnet, reckoned to be a Chinese spying operation against prominent Tibetans including the Dalai Lama, involved “web cameras [which are] silently triggered, and audio inputs surreptitiously activated,” according to a 2009 report into the snooping by the University of Toronto.
Marcus Thomas, a former assistant director of the FBI’s Operational Technology Division, recently told the Washington Post that the FBI has long been able to covertly activate a computer’s camera, without triggering any 'recording in progress' warning light.
Privacy conscious users have one ready means to protect themselves from spying. “The safest thing to do is to put a piece of tape on your camera,” Miller told the Washington Post. ®
Mac Isight Camera
Camnote
A video demonstrating how the iSight camera can be turned on without activating the small-green LED light on older Macs can be found here.