Skip to main content

Apple's line of laptops for professional and power users. To date, the MacBook Pro line includes 13, 14, 15, 16, and 17-inch variants, with major revisions defined by Pre-unibody(Original), unibody, Retina display, Touch Bar, and SOC (system-on-a-chip) designs.

19924 Questions View all

Is the iSight indicator LED hardwired or can it be circumvented?

Hi,

when a macbook's built-in iSight camera is activated, this is indicated by a green light right next to it.

My question is: Can anyone confirm that this indicator light is hardwired e.g. with the camera's power supply, so that it is by hardware impossible to use the camera without the light? (I sure hope so.)

Or can the indicator LED be switched off by software? (Clearly, this is not intended and most probably would not be documented, but it could still be technically possible. And if it is, I would guess, NSA and Co. have ways to acess it, and I don't want them in my home).

In other words: (How much) can I trust the green camera indicator LED?

Update (12/20/2013)

Here we go.

The answer is: Yes, the iSight indicator can be circumvented, no, it is not hardwired.

http://www.washingtonpost.com/blogs/the-...

Now, esp. @mayer, tell me who is paranoid and who has just been naive.

Update (09/27/2013)

So, I will try to sum this up.

A) As for the original question: Although there are several hints into both directions, there appears to be no evidence what so ever about whether the green indicator LED of the iSight camera is actually hardwired to the camera or not. And although, until further evidence, we have to assume that it is theoretically possible to use the iSight camera without activating the indicator light, it seems to be very hard to achieve and has possibly never been done yet (Thanks, fanxAlot for insisting on the original question with me).

B) Even if the LED was hardwired, there is no reason to feel safe from being spied on, because, as Dan pointed out, if single pictures are snapped, the light only flashes briefly, which is hard to notice.

C) If one is concerned about privacy and wants to invest time to make a Mac more safe, other issues are probably more important to look at, given that

  1. There is still at least one microphone in every macbook (without any usage indicator) and
  2. Spying on the contents of the screen and hard drive is easier to do and in many cases more revealing than the camera.
  3. This becomes even more relevant, now that OSX Mavericks introduces a mode where the computer is life and online even during 'sleep' time.
  4. Talking about agencies (domestic or foreign), with access to infrastructure providers, phones are more interesting targets anyway, since they are typically always on, always near us, officially remote controllable and harder to monitor.

Thanks for the discussion so far, and if anyone finds hard evidence to resolve the original question, please still post it here!

Cheers - Heiko

Answer this question I have this problem too

Is this a good question?

Score 12
22 Comments

To make my question more clear (since it has not been addressed by the first answers):

This is not about hackers getting acces to the camera (it clearly can be done).

The question is:

Will the green light necessarily come on, if they do?

And I would count this as a 'yes' only if someone has evidence that is is physically impossible to use the camera without the light (and without physically taking apart my laptop first).

So: has anyone had a look at the camera board or found a record on that?

by

This is a volunteer DIY help forum - I think you've mistaken it for a free personal technical research service.

by

Not at all. I deliberately came to this valued community of people who actually take things apart instead of only guess at the theoretical possibilities like esewhere.

by

A paranoid is a person who obsess over unsubstantiated worries. In your source material it states: According to the researchers, the vulnerability they discovered affects “Apple internal iSight webcams found in earlier-generation Apple products, including the iMac G5 and early Intel-based iMacs, MacBooks, and MacBook Pros until roughly 2008.” While the attack outlined in the paper is limited to these devices, researchers like Charlie Miller suggest that the attack could be applicable to newer systems as well.

“There’s no reason you can’t do it -- it’s just a lot of work and resources but it depends on how well [Apple] secured the hardware,” Miller says.

by

In plain english Miller claims it's possible, unless it isn't and Apple (wisely) isn't talking. If you, or Miller, can prove it's still possible, then you would not be paranoid.

by

Show 17 more comments

Add a comment

9 Answers

Most Helpful Answer

The Q is are you afraid of a picture or a video?

A picture only takes a second so you would not likely See the Light <pun intended> A video while longer, would be more visible when it was happening giving you a chance seeing the LED was lit.

The other fact here is an iSight image (vid or still) is only one side of the problem you could be spied on by an active microphone in your system! Are you doing any activity that involves heavy breathing with your system on? ;-}

Now that I've scared you - Lets look at some facts:

  • You would have needed to have downloaded a rogue application in the first place to expose your self to the risk. The way TCP/IP works would require your system to open up the session with the other persons system (the rogue app would need to phone home). Remember the other person has no idea what your IP address is and if you are smart you have enabled a software firewall (built-in to OS-X) and an external hardware firewall (your Router) so they can't attack your system externally. Ideally, you should also monitor your outbound sessions so you know what your system is doing and when. Using a good anti-virus and monitoring software puts an end to these risks.
  • Controlling your user accounts and permissions goes a long way here. Are you using only one user account on your system? If you are you should be using at least three; one you use every day, one to install your apps {admin} and one you allow others to use {guest}. If you do internet banking or buy anything on-line then you should create a fourth user account just for it and only use it on trusted sites with your regular bank account debit/credit card (isolating your banking and purchases with this account). Use a different user account (fifth) with a gift/pre-paid card (or a credit card you have set limits on) when your not sure the store/site is trustworthy. If you do any risky surfing you should use still a different user account setup as a guest account as its permissions can be set to lessen your exposure and besides you can always dump the account and re-create it if it get infected. If you used your regular or admin or banking account that could be painful having to rebuild everything.
  • Then the last thing here is setup a location to use your system that doesn't allow someone to see or hear anything they shouldn't if you use iSight or any other video chat. And don't forget to shutdown or put to sleep your system (closing the laptop's lid)!

As to your direct question can the iSight camera LED be turned off via software the answer is dependent on what version of OS-X you are using. Early versions this was possible and Apple altered the iSight camera API's so this couldn't be done in later releases. The iSight camera LED is controlled by software but the way OS (Lion & Mountain Lion) is now managed it would be very difficult for someone to over ride the OS's built-in security to put you at risk (replacing the iSight drivers and/or apps).

Bottom-Line: Mayers' hat is fast becoming a fashion statement ;-} I won't worry about the risk there are bigger ones and ways to minimize your risks on your system if you spend the time and effort using them.

Was this answer helpful?

Score 6

6 Comments:

Thanks Dan, for your Answer.

So, if you say, it depends on the OS version, that means the answer to my question would be NO, it is not hardwired and YES, it can be circumvented. To you have any references on this? As to how hard it is - well, once an attacker has root access to a machine (which can happen through many different ways), it should not be too hard to replace a driver with a 'patched' version.

by

With Lion and Mountain Lion you can't replace or alter the core services, so the answer here is No you can't patch the OS to alter things. Hint: that's why Apple did this so a rogue program couldn't be installed. Re-read my bulleted points as you missed the answer here. Tape and (a dead plug for the microphone) are your friends here if you really think you are being spied on.

by

Here's a just published Arstechica article on what happened with Miss Teen USA's Web Cam that was hacked (RAT'ed) How the FBI found Miss Teen USA’s webcam spy. Note it was the 'Other' OS that was hacked and she didn't run her system under a more protective user account (restricted from installing apps), nor did she run a good antivirus app to signal her system had be compromised! Lesson learned.

by

it's so helpfull thank you

by

Whether it can be circumvented or not - there's peace of mind in the simple application of a lump of blu-tac.

by

Show 1 more comment

Add a comment

If the NSA wants to monitor you, there's really nothing you can do. Of course to help them from thought monitoring an aluminum hat might help. Here's a fancy one so you wouldn't look so much like a paranoid nut

Block Image

Was this answer helpful?

Score 4
Add a comment

I’m an Apple tech and I was wondering about this question too! Obviously the LED can be disabled. The question is would it require a software, firmware or hardware modification?

As a hardware technician I open hundreds of these systems. I can see that there is 5 contacts on the camera connector on the logic board.

Just by educated guess and my very basic knowledge of electronics I would say that 5 wires means the LED most likely can operate separately from the camera. I plan to take a look a a schematic to check this.

Obviously, this would require physical access to a device and you could also just remove the glass and disable the LED.

My next step after that will be looking into this at the software & firmware levels

Was this answer helpful?

Score 1

1 Comment:

The camera uses an internal USB connection (two data wires) the microphone located just beside the camera uses two wires. You in fact have two more connections the power feed fifth wire and the shield (there are the two power lines).

The USB logic on the iSight camera controls the iSight LED, no direct connection to the LED from the logic board. The micro controller on the iSight camera controls the LED.

by

Add a comment

Hmm, for the sake of others who may search for this topic, let me just state that despite his assertions to the contrary, clearly Dan doesn't know the answer.

His reference to a bug prior to 10.7 above is misleading as it does not concern the link between the green light and camera, but is actually about someone being able to remotely use the camera (with green light on).

I'll remain looking for an answer and will post back again only if if I find one, or someone other than Dan posts something that actually addresses what the OP asked.

Was this answer helpful?

Score 0

2 Comments:

Just so its clear here the LED lights when the camera is active I haven't stated otherwise (if you had bother to read things fully). The problem is the length of time the LED is lit is a function on how long the camera is active. So if I have a program running on the system which takes a picture 'snap' it will be lit for a few seconds. So are you watching like a hawk, don't blink now! So you did see it didn't you? Most of us just aren't that over focused to be that attentive to cameras LED to know a picture was taken. Besides thats assuming your close enough to the display to even see it. So fanxAlot over-focus here on the LED is of little consequence in the case of a snap picture. While I'll agree a long constant video would be something you would likely see the LED lit (again if the system had a rogue program running on it) then I too would be worried. With the current OS-X this is extremely unlikely to happen with the changes Apple has done.

by

But that doesn't stop good programs from being used (as well as being misused). Thats were your control of the system comes in making sure you control the applications and where the system is located. If you are a parent then you should have the kids computer in a common family room so your child is not alone with it as well as you can monitor what your child is doing (it's called good parenting skills). It also means you should have parental blocking and monitoring on this system so you can backwind the chats and other actions on what your child has done so you know he or she is acting in a safe manor as well as others aren't bulling your child.

by

Add a comment

This just happened to my laptop a moment ago and my laptop is theoretically impenetrable. It is protected by McAfee anti-virus installed by Cisco. I too am now wondering if the flashing light is at all linked to the camera being on because I am not running any application that I have configured to use the camera.

I'm an IT security expert and my gut feeling is that I just got hacked. The reality is it's more likely that the light was broken. It's time for Apple to investigate, because either their hardware is defective, their operating system is defective or I'm too lazy to work out the alternative which is simply that I don't pay attention to all the applications running on my system and one of them is doing something it shouldn't be doing.

Whilst this was going on I had just woken my laptop from sleep mode and Chrome gave me the rainbow spinning wheel. I'm on the very latest OSX image at this moment.

Options: I got hacked. My laptop is defective. My operating system is defective. My applications are defective. I am defective. I wonder which it could be? :)

Was this answer helpful?

Score 0

1 Comment:

Sadly, I find most IT security folks are the most lax on good passwords and locking down their system (sorry guy).

I'm ultra paranoid not only for my self but how I setup my customers systems. I have yet to find any Mac hacked following good security practices.

1 - Only download from Apples App store or companies which have been in business over two years (good track record).

2 - Use different user accounts for Admin & User functions and lock down permissions.

3 - Maintain your OS and Apps, make sure you are using the latest versions and apply all patches.

4 - Install a good antivirus & anti-malware apps and run them weekly.

5 - Backup, backup & backup again!

by

Add a comment

This thread is a bit older now, but it shows out, how seriously all the people work on a single man's question!

BTW I was astonished, seeing the led glow, despite using any program, that in general uses the camera.

After a restart, the light was off.

I keep this thread in mind ....

Thank you all

yours

Rainer

Was this answer helpful?

Score 0
Add a comment

I know this thread is getting old, but on my last macbook the last thing I knew was the led was hardwired, now have the very same question for my MacBook Pro (15-inch, 2018)

Was this answer helpful?

Score 0

1 Comment:

Your camera is wired directly to the T2 chip to even isolate it more! It still uses an internal USB connection to an independent USB channel on the T2 chip.

by

Add a comment

Hello :) how about current MacBooks? Did anything change since back then? The paper from John Hopkins University is about 13 years old…

Was this answer helpful?

Score 0
Add a comment

http://endthelie.com/2013/08/20/nsa-reco...

http://www.nsa.gov/ia/_files/factsheets/...

There's a company that makes a living off performing camera removals from apple laptops for government buyers.

Was this answer helpful?

Score -1

1 Comment:

Looks like they've gone belly up or bought out by Big Brother.

by

Add a comment

Add your answer

Heiko Haller will be eternally grateful.
View Statistics:

Past 24 Hours: 1

Past 7 Days: 4

Past 30 Days: 25

All Time: 76,833