14 Replies Latest reply: Jul 17, 2009 5:49 AM by EZ Jim
Blameitonthemacbook Level 1 Level 1 (0 points)
Hello everyone, I am very curious to know if someone can hack my MacBook Pro's webcam without the green light being on ? And can someone hack it at all ?

(2.6GHz 17" MacBook Pro 320GB HD ), Mac OS X (10.5.7), 17" PowerBook G4, Black 2.4 GHz MacBook , iPhone 8GB, iTouch 16GB, iPod Nano 4GB
  • neuroanatomist Level 7 Level 7 (31,690 points)
    Not as you mean it, no. You can allow access to your webcam, though. Also, your Mac has a built-in firewall (System Preferences > Security > Firewall tab) - enable it.
  • khassani Level 3 Level 3 (945 points)
    I don't think it's physically possible to use the camera w/o the green light. This isn't something that's controllable by software as far as I know.

    If someone manages to get a trojan horse (or theoretically a virus), they could view your iSight camera, but I've never heard of this happening on a Mac.
  • lenn5 Level 4 Level 4 (2,530 points)
    You might also want to right click on a flash movie like a youtube video and go into Flash Player settings. The second icon from the left deals with Privacy. You can deny Flash access to your web came by selecting the deny button.

    Btw, I never use my MBP's web cam so I've put a tiny piece of black electrical tape over the camera lens. I can't even tell the tape is there.

    lenn
  • EZ Jim Level 7 Level 7 (21,660 points)
    Blameitonthemacbook wrote:
    Hello everyone, I am very curious to know if someone can hack my MacBook Pro's webcam without the green light being on ? And can someone hack it at all ?


    Unless you have installed, activated, and authorized Apple Remote Desktop or some other software for remotely operating your Mac, nobody can be watching you without your explicit permission and action.





    EZ Jim



    G5 DP 1.8GHz w/Mac OS X (10.5.7) PowerBook 1.67GHz (10.4.11)

    iBookSE 366MHz (10.3.9)         External iSight
  • Supreme Virtue Level 4 Level 4 (1,750 points)
    A few years back I remember seeing a website that they sell a little patch that covers the camera port. You slide it left and right to hide it.

    I don't know if anyone remember this. I'm looking to buy one myself now for my new MBP.

    I know its programmed to light on when its activated, but theoretically, and "hackably", its possible to activate the camera without the light.

    Edit: found it. http://www.theipatch.com/
  • khassani Level 3 Level 3 (945 points)
    Where did you hear that (about the green light)? I've read programmers' comments about it saying that you can't have one w/o the other.
  • EZ Jim Level 7 Level 7 (21,660 points)
    Supreme Virtue wrote:
    ... theoretically, and "hackably", its possible to activate the camera without the light.


    The only way would be for you or someone else to have access to and modify or somehow damage your Mac or its software.

    Apple's http://support.apple.com/kb/HT2090 iSight Troubleshooting suggestions will help you find and fix this, or any other unexplained iSight problem.

    If the $4.99 patch makes you feel better, buy it. However, aside from orders from the boss, wife, or someone else with authority over you, there is no security need for a "patch."

    Unless you have installed, activated, and authorized Apple Remote Desktop or some other software for remotely operating your Mac, nobody can be watching you without your explicit permission and action.




    EZ Jim

          Message was edited by: EZ Jim

          BTW, Well said, khassani !
          Jim


    G5 DP 1.8GHz w/Mac OS X (10.5.7) PowerBook 1.67GHz (10.4.11)  iBookSE 366MHz (10.3.9)  External iSight
  • khassani Level 3 Level 3 (945 points)
    Thanks, Jim.

    Just to clarify a point, though, you could unintentionally give authorization by running a trojan horse. In fact, I don't believe that type of program would even need root access (at least for the iSight access part). It just needs to be loaded on the computer. However, you would always know the camera was on.
  • EZ Jim Level 7 Level 7 (21,660 points)
    You're welcome, khassani

    However, I must comment on your reply.

    khassani wrote:
    ... unintentionally give authorization by running a trojan horse. In fact, I don't believe ...


    I am not expert in these matters. However, I have had NO such problem, and I do not want to leave other readers with the impression that such matters are likely to cause any problem for them.

    Even in my research on this topic, I have seen only two types of OS X trojan horse discussions:

      (1) ones identified as being hidden in pirated software, and

      (2) ones identified by vendors who claim to offer "security" fixes for OS X.

    Because I do not use pirated software, item 1 is of no concern to me, and I am too suspicious of possible exaggeration due to commercial motivations for the item 2 examples to cause me any concern. My checks have NEVER shown that any of the alleged trojans were in my Macs.

    All of us must take actions we consider necessary to protect our computer security, but I do not understand how unsubstantiated assertions of possible threats help anyone.

    If you can identify specific trojan horses and provide links to the particulars concerning each, please do so in order that other readers can take appropriate action.

    Cheers,
    EZ Jim



    G5 DP 1.8GHz w/Mac OS X (10.5.7) PowerBook 1.67GHz (10.4.11)   iBookSE 366MHz (10.3.9)  External iSight
  • khassani Level 3 Level 3 (945 points)
    Like I said in my earlier post, I've never heard of it happening. However, it's very easy to do. I have almost no experience writing for the Mac, and I can write one. I say that b/c I've worked out the process to write a lojack-type program, with my only roadblock being where to upload to.

    The only reason it's not out there is because no one's wanted to put it out (the green light may be influencing that decision). I've just stated the facts: nothing out there, but very easy to write. People can make their own decisions. If you feel that you have no need for any security b/c you don't pirate software, then that's fine, but to say that it shouldn't be mentioned is a little extreme in my view.
  • EZ Jim Level 7 Level 7 (21,660 points)
    Thanks, khassani

    That is about what I thought would be the case. Your forthright response is appreciated.

    Cheers,
    EZ Jim



    G5 DP 1.8GHz w/Mac OS X (10.5.7) PowerBook 1.67GHz (10.4.11)
    iBookSE 366MHz (10.3.9)         External iSight
  • Supreme Virtue Level 4 Level 4 (1,750 points)
    Piracy has little to do with this. Even legit Windows OS can be affected.

    No offense to anyone but I think there is a difference between "programmer's comments" (known API) and the actual electrical/mechanical design of the system. Unless someone can actually confirm that the light must share power with the camera (like a series circuit) when activated, we have no idea.

    Just because your cellphone is on standby in your pocket doesn't mean the microphone isn't listening to your conversation... by some entity.
  • khassani Level 3 Level 3 (945 points)
    They don't have to be in series. In order for the light and camera to be activated independently, the iSight hardware would have to accept a signal to turn each on independently. That may be the case, but it seems like an unnecessary expense.

    Also, adeona is a multi-platform open-source project, so I don't think they're using Apple APIs. They've made that comment about the camera light.

    I'm pretty sure it's not possible by software.
  • EZ Jim Level 7 Level 7 (21,660 points)
    Supreme Virtue wrote:
    Piracy has little to do with this. Even legit Windows OS can be affected.


    Well said, Supreme Virtue. I agree that Windows software and apps can be hacked.


    I should have specified in my earlier posts that possible hacking of webcam control should not be a concern for OS X Macs.


    Windows users are wise to be cautious and take every possible precaution against Windows' inherent security weaknesses, whether running on a PC or on a Mac (and whether via OS X Boot Camp or one of the PC emulators that runs inside OS X.



    EZ Jim



    G5 DP 1.8GHz w/Mac OS X (10.5.7) PowerBook 1.67GHz (10.4.11)   iBookSE 366MHz (10.3.9)  External iSight