Mac camera may be spying on you

Stephen Checkoway, a computer science professor at Johns Hopkins University and graduate student Matthew Brocker claim that they can bypass the warning light when the Mac iSight camera.

A “hardware interlock” between the camera and the light can be circumvented by reprogramming the micro-controller chip inside the camera. This technique will allow the camera and light to be turned off or on independently.

"The same technique that allows us to disable the LED, namely reprogramming the firmware that runs on the iSight, enables a virtual machine escape whereby malware running inside a virtual machine reprograms the camera to act as a USB Human Interface Device (HID) keyboard which executes code in the host operating system. We build two proofs-of-concept: (1) an OS X application, iSeeYou, which demonstrates capturing video with the LED disabled; and (2) a virtual machine escape that launches Terminal.app and runs shell commands. To defend against these and related threats, we build an OS X kernel extension, iSightDefender, which prohibits the modification of the iSight’s firmware from user space."

The FBI has long been able to covertly activate a computer’s camera, without triggering any "recording in progress" warning light.

The best technique to guard against this is simply to put a piece of tap over the camera.

A video demonstrating how the iSight camera can be turned on without activating the small-green LED light on older Macs can be found here.