Researchers Hack Webcam While Disabling Warning Lights
- By NICK BILTON - December 19, 2013 - The New York Times
If you are sitting at your computer reading this, smile, you could be on camera. Actually, don’t smile.
Last week, researchers at Johns Hopkins University’s Department of Computer Science showed off an exploit that allows a hacker to take over some MacBook computers and activate their Web cameras without the users’ knowledge.
The webcam hacking technique, first reported by The Washington Post, is said to be similar to a tactic used to spy on Cassidy Wolf, a 19-year-old Miss Teen USA, who fell victim to a webcam hacker earlier this year.
The Federal Bureau of Investigation arrested the man responsible for the spying on Ms. Wolf. He pleaded guilty to charges in connection with his spying on her and a number of other women, using software that could snap a picture or record video of them without warning.
The Johns Hopkins paper, titled “iSeeYou: Disabling the MacBook Webcam Indicator LED,” explains how the researchers were able to reprogram an iSight camera’s microcontroller to activate the recording functions and LED activation lights independently to spy on someone without giving that person any idea that the computer camera is in use.
Stephen Checkoway, an assistant research professor at Johns Hopkins and a co-author of the study, noted that as of now, the exploit works only on 2008 Apple products.
“The ubiquitous webcam indicator LED is an important privacy feature, which provides a visual cue that the camera is turned on,” the researchers wrote in the paper. By turning off the light, the security experts were able to capture video and photos without any indication to the person using the computer.
Mr. Checkoway has been tracking security issues for some time and is a member of the Johns Hopkins University Information Security Institute,. He wrote the paper with Matthew Brocker, another researcher.
There have been past reports of people being spied on with webcams.
Last year, seven computer rental companies agreed to a settlement with the federal government after it was discovered that they were unlawfully capturing photos of customers by using illicit software that controlled a computer’s webcam.
The webcam software, called PC Rental Agent, had been installed on approximately 420,000 computers worldwide, according to the Federal Trade Commission, and was used to spy on thousands of people.
Security experts have warned that webcams are susceptible to hacking, and say there is only really one solution that can guarantee no one is spying on you: a piece of tape stuck over your computer camera.