Apple's line of MacBook Pro laptops was intended for the professional and power users. The MacBook Pro line includes the MacBook Pro 13" Unibody, MacBook Pro 15", MacBook Pro 15" Unibody, MacBook Pro 17", and the MacBook Pro 17" Unibody.

11252 Questions View all

Is the iSight indicator LED hardwired or can it be circumvented?

Hi,

when a macbook's built-in iSight camera is activated, this is indicated by a green light right next to it.

My question is: Can anyone confirm that this indicator light is hardwired e.g. with the camera's power supply, so that it is by hardware impossible to use the camera without the light? (I sure hope so.)

Or can the indicator LED be switched off by software? (Clearly, this is not intended and most probably would not be documented, but it could still be technically possible. And if it is, I would guess, NSA and Co. have ways to acess it, and I don't want them in my home).

In other words: (How much) can I trust the green camera indicator LED?

Answered! View the answer I have this problem too

Is this a good question?

Score 6

Comments:

To make my question more clear (since it has not been addressed by the first answers):

This is not about hackers getting acces to the camera (it clearly can be done).

The question is:

Will the green light necessarily come on, if they do?

And I would count this as a 'yes' only if someone has evidence that is is physically impossible to use the camera without the light (and without physically taking apart my laptop first).

So: has anyone had a look at the camera board or found a record on that?

by

This is a volunteer DIY help forum - I think you've mistaken it for a free personal technical research service.

by

Not at all. I deliberately came to this valued community of people who actually take things apart instead of only guess at the theoretical possibilities like esewhere.

by

Add a comment

10 Answers

Chosen Solution

Here we go.

The answer is: Yes, the iSight indicator can be circumvented, no, it is not hardwired.

http://www.washingtonpost.com/blogs/the-...

Now, esp. @mayer, tell me who is paranoid and who has just been naive.

Was this answer helpful?

Score 0

Comments:

A paranoid is a person who obsess over unsubstantiated worries. In your source material it states: According to the researchers, the vulnerability they discovered affects “Apple internal iSight webcams found in earlier-generation Apple products, including the iMac G5 and early Intel-based iMacs, MacBooks, and MacBook Pros until roughly 2008.” While the attack outlined in the paper is limited to these devices, researchers like Charlie Miller suggest that the attack could be applicable to newer systems as well.

“There’s no reason you can’t do it -- it’s just a lot of work and resources but it depends on how well [Apple] secured the hardware,” Miller says.

by

In plain english Miller claims it's possible, unless it isn't and Apple (wisely) isn't talking. If you, or Miller, can prove it's still possible, then you would not be paranoid.

by

Add a comment
Most Helpful Answer

The Q is are you afraid of a picture or a video?

A picture only takes a second so you would not likely See the Light <pun intended> A video while longer, would be more visible when it was happening giving you a chance seeing the LED was lit.

The other fact here is an iSight image (vid or still) is only one side of the problem you could be spied on by an active microphone in your system! Are you doing any activity that involves heavy breathing with your system on? ;-}

Now that I've scared you - Lets look at some facts:

  • You would have needed to have downloaded a rogue application in the first place to expose your self to the risk. The way TCP/IP works would require your system to open up the session with the other persons system (the rogue app would need to phone home). Remember the other person has no idea what your IP address is and if you are smart you have enabled a software firewall (built-in to OS-X) and an external hardware firewall (your Router) so they can't attack your system externally. Ideally, you should also monitor your outbound sessions so you know what your system is doing and when. Using a good anti-virus and monitoring software puts an end to these risks.
  • Controlling your user accounts and permissions goes a long way here. Are you using only one user account on your system? If you are you should be using at least three; one you use every day, one to install your apps {admin} and one you allow others to use {guest}. If you do internet banking or buy anything on-line then you should create a fourth user account just for it and only use it on trusted sites with your regular bank account debit/credit card (isolating your banking and purchases with this account). Use a different user account (fifth) with a gift/pre-paid card (or a credit card you have set limits on) when your not sure the store/site is trustworthy. If you do any risky surfing you should use still a different user account setup as a guest account as its permissions can be set to lessen your exposure and besides you can always dump the account and re-create it if it get infected. If you used your regular or admin or banking account that could be painful having to rebuild everything.
  • Then the last thing here is setup a location to use your system that doesn't allow someone to see or hear anything they shouldn't if you use iSight or any other video chat. And don't forget to shutdown or put to sleep your system (closing the laptop's lid)!

As to your direct question can the iSight camera LED be turned off via software the answer is dependent on what version of OS-X you are using. Early versions this was possible and Apple altered the iSight camera API's so this couldn't be done in later releases. The iSight camera LED is controlled by software but the way OS (Lion & Mountain Lion) is now managed it would be very difficult for someone to over ride the OS's built-in security to put you at risk (replacing the iSight drivers and/or apps).

Bottom-Line: Mayers' hat is fast becoming a fashion statement ;-} I won't worry about the risk there are bigger ones and ways to minimize your risks on your system if you spend the time and effort using them.

Was this answer helpful?

Score 4

Comments:

Thanks Dan, for your Answer.

So, if you say, it depends on the OS version, that means the answer to my question would be NO, it is not hardwired and YES, it can be circumvented. To you have any references on this? As to how hard it is - well, once an attacker has root access to a machine (which can happen through many different ways), it should not be too hard to replace a driver with a 'patched' version.

by

With Lion and Mountain Lion you can't replace or alter the core services, so the answer here is No you can't patch the OS to alter things. Hint: that's why Apple did this so a rogue program couldn't be installed. Re-read my bulleted points as you missed the answer here. Tape and (a dead plug for the microphone) are your friends here if you really think you are being spied on.

by

Here's a just published Arstechica article on what happened with Miss Teen USA's Web Cam that was hacked (RAT'ed) How the FBI found Miss Teen USA’s webcam spy. Note it was the 'Other' OS that was hacked and she didn't run her system under a more protective user account (restricted from installing apps), nor did she run a good antivirus app to signal her system had be compromised! Lesson learned.

by

Add a comment

So, I will try to sum this up.

A) As for the original question: Although there are several hints into both directions, there appears to be no evidence what so ever about whether the green indicator LED of the iSight camera is actually hardwired to the camera or not. And although, until further evidence, we have to assume that it is theoretically possible to use the iSight camera without activating the indicator light, it seems to be very hard to achieve and has possibly never been done yet (Thanks, fanxAlot for insisting on the original question with me).

B) Even if the LED was hardwired, there is no reason to feel safe from being spied on, because, as Dan pointed out, if single pictures are snapped, the light only flashes briefly, which is hard to notice.

C) If one is concerned about privacy and wants to invest time to make a Mac more safe, other issues are probably more important to look at, given that

  1. There is still at least one microphone in every macbook (without any usage indicator) and
  2. Spying on the contents of the screen and hard drive is easier to do and in many cases more revealing than the camera.
  3. This becomes even more relevant, now that OSX Mavericks introduces a mode where the computer is life and online even during 'sleep' time.
  4. Talking about agencies (domestic or foreign), with access to infrastructure providers, phones are more interesting targets anyway, since they are typically always on, always near us, officially remote controllable and harder to monitor.

Thanks for the discussion so far, and if anyone finds hard evidence to resolve the original question, please still post it here!

Cheers - Heiko

Was this answer helpful?

Score 4

Comments:

Good Summary! Heiko

by

To add to it: Use a good antivirus program on your system - Use multiple (2) firewalls (software & hardware) - Make sure to maintain your OS & apps with the updates - Don't forget to effectively use your user accounts to isolate users or even if you are the only user of the system your most sensitive stuff (i.e. Banking online) - Use strong passwords.

by

And lastly, make sure you download apps from a known safe source (i.e. App Store or major known company) and don't open email messages from people or sources you don't know (i.e. junk email) as the could have a Trojan embedded in it. For parents make sure you have the computer in a common area and use parental filtering & control software on the system.

by

Yeah, I can't find an answer to this question either. It seems almost every thread on the net about this mistakes the question as being about "disabling the camera" whereas what we want to know is

can the camera operate and NOT show the green light?

I plan on passing my MBP onto my kids; while I know I can set up parental controls, I want to make sure no nasties can 'rat' them.

I will do some more research and post back if I find anything useful.

by

As long as you are running Lion or Mountain Lion the answer is No the camera and the LED are tied together (earlier OS's had a bug which allowed someone the turn off the LED). But, that is only part of the issue! If someone snaps a picture you may not see the LED light when the camera is active. So it's important not to expose your system in a way someone (your kid) could download a rogue program which could take over the camera. This is where you need to setup a admin account to manage the system (which they don't have access to). While your kids use limited account/s (maybe even different ones for each child).

by

Show 10 more comments

Add a comment

If the NSA wants to monitor you, there's really nothing you can do. Of course to help them from thought monitoring an aluminum hat might help. Here's a fancy one so you wouldn't look so much like a paranoid nut

Block Image

Was this answer helpful?

Score 3
Add a comment

Hmm, for the sake of others who may search for this topic, let me just state that despite his assertions to the contrary, clearly Dan doesn't know the answer.

His reference to a bug prior to 10.7 above is misleading as it does not concern the link between the green light and camera, but is actually about someone being able to remotely use the camera (with green light on).

I'll remain looking for an answer and will post back again only if if I find one, or someone other than Dan posts something that actually addresses what the OP asked.

Was this answer helpful?

Score 0

Comments:

Just so its clear here the LED lights when the camera is active I haven't stated otherwise (if you had bother to read things fully). The problem is the length of time the LED is lit is a function on how long the camera is active. So if I have a program running on the system which takes a picture 'snap' it will be lit for a few seconds. So are you watching like a hawk, don't blink now! So you did see it didn't you? Most of us just aren't that over focused to be that attentive to cameras LED to know a picture was taken. Besides thats assuming your close enough to the display to even see it. So fanxAlot over-focus here on the LED is of little consequence in the case of a snap picture. While I'll agree a long constant video would be something you would likely see the LED lit (again if the system had a rogue program running on it) then I too would be worried. With the current OS-X this is extremely unlikely to happen with the changes Apple has done.

by

But that doesn't stop good programs from being used (as well as being misused). Thats were your control of the system comes in making sure you control the applications and where the system is located. If you are a parent then you should have the kids computer in a common family room so your child is not alone with it as well as you can monitor what your child is doing (it's called good parenting skills). It also means you should have parental blocking and monitoring on this system so you can backwind the chats and other actions on what your child has done so you know he or she is acting in a safe manor as well as others aren't bulling your child.

by

Add a comment

http://endthelie.com/2013/08/20/nsa-reco...

http://www.nsa.gov/ia/_files/factsheets/...

There's a company that makes a living off performing camera removals from apple laptops for government buyers.

Was this answer helpful?

Score 0

Comments:

Looks like they've gone belly up or bought out by Big Brother.

by

Add a comment

Whether it can be circumvented or not - there's peace of mind in the simple application of a lump of blu-tac.

Was this answer helpful?

Score 0
Add a comment

This just happened to my laptop a moment ago and my laptop is theoretically impenetrable. It is protected by McAfee anti-virus installed by Cisco. I too am now wondering if the flashing light is at all linked to the camera being on because I am not running any application that I have configured to use the camera.

I'm an IT security expert and my gut feeling is that I just got hacked. The reality is it's more likely that the light was broken. It's time for Apple to investigate, because either their hardware is defective, their operating system is defective or I'm too lazy to work out the alternative which is simply that I don't pay attention to all the applications running on my system and one of them is doing something it shouldn't be doing.

Whilst this was going on I had just woken my laptop from sleep mode and Chrome gave me the rainbow spinning wheel. I'm on the very latest OSX image at this moment.

Options: I got hacked. My laptop is defective. My operating system is defective. My applications are defective. I am defective. I wonder which it could be? :)

Was this answer helpful?

Score 0

Comments:

Sadly, I find most IT security folks are the most lax on good passwords and locking down their system (sorry guy).

I'm ultra paranoid not only for my self but how I setup my customers systems. I have yet to find any Mac hacked following good security practices.

1 - Only download from Apples App store or companies which have been in business over two years (good track record).

2 - Use different user accounts for Admin & User functions and lock down permissions.

3 - Maintain your OS and Apps, make sure you are using the latest versions and apply all patches.

4 - Install a good antivirus & anti-malware apps and run them weekly.

5 - Backup, backup & backup again!

by

I would suspect you'll need to reformat the drive and re-install known good copies of your apps.

by

Add a comment

it's so helpfull thank you

Was this answer helpful?

Score 0
Add a comment

I am an Apple tech and i was wondering this question.. obviously the led can be disabled.. the question is would it require a software, firmware or hardware modification? as a hardwear technician i open hundreds of these things. I can see that there is 5 rails on the camera connector to the board. Just by educated guess and my very basic knowledge of elctronics i would say that 5 rails means the led most likely can operate separately from the camera.. i plan to take a look a a schematic to confirm or deny this. Obviously tgis would require physical access to a device and you could also just remove the glass and short the led. My next step after that will be looking into this at softwear & firmware level

Was this answer helpful?

Score 0
Add a comment

Add your answer

Heiko Haller will be eternally grateful.
View Statistics:

Past 24 Hours: 23

Past 7 Days: 181

Past 30 Days: 774

All Time: 49,681