Q: My iSight light turned on randomly.

I was working on my mac, running safari and no other apps at all and nothing that would require my isight camera. I just happened to notice that it was on - green light. It’s always off and I never really use it. I immediately put a sticky over it and started looking into any open apps that might have turned it on and no, there was nothing other than safari and an eBay listing app that doesn’t use the camera.

So I looked into it and YES there are ways to hack a macs isight camera. There is a vulnerability in BROWSERS like safari plugins and third party extension that basically YOU give permission to install themselves. It requires you to download something as innocent as “you need this plug-in for safari to view this” “you need flash plug-in” etc. and other prompts as such. You download apps that have JAVA bundles in it that can allow java scripts to run on your mac and with JAVA VIRTUAL MACHINE you can indeed run a virtual machine on someones apple mac. I’m not extremely tech savy but this is what I found on the internet. Look it up yourself.

There was an ip address in my safari cookies that again was in the “cookies” list but showed up as a plug in. I tried to delete it but it would never delete. Anyway the roundabout is I found the culprits to be the Flash plug in and Java. With both of these you could high jack someones isight camera and spy without them knowing and I also learned there is an additional script that will not allow the green light to come on to further allow the hacker to go undetected.

What did I do to make it stop and make that strange ip address go away in my Safari? Went into my Firewall first of all and yes it was ON. Clicked into Firewall options and found apps that somehow had been given permission to allow incoming connections. Things like google voice, and others I did recognize and need like eBay. In there was flash plugin - deleted it and blocked any incoming connections I didn’t want to allow - specifically any that wanted to use my camera. Went into my System Preferences and found the Flash Player, clicked on it and found options to allow local storage permissions on your computer. They were found in storage, camera and mic, playback and  advanced. All of these had options to ALLOW websites to store stuff on your mac (most innocent like your preferences etc.) but can most certainly be exploited! I found the strange ip address in there. Turned out to be some strange company that does IT work etc. - I don’t remember visiting this site. Anyway told it I didn’t want it to have access and or you can choose to delete. Low and behold I went into safari and subsequently was abe to delete it. And also guess what happened when I told FLASH not to allow any websites access to camera and mic? The green light on my isight camera turned off.

If you don’t need flash or Java delete it. If you must live with it - limit what it can do, take charge and control who and what access your permissions on your mac. I know those like me that are not that tech savvy can fall prey to very innocent permissions specially when it comes to using our internet browsers. Just be careful what you download and now too be careful what you add and allow in your browser.

<Re-Titled By Host>