How’s this for creepy: Cassidy Wolf, who is none other than the reigning Miss Teen USA, found out the hard way that the MacBook’s iSight camera isn’t exactly a foolproof device.
A classmate of Wolf’s was able to shut off the camera’s indicator light with the use of special software. By doing so, he was able to spy on Wolf without her knowledge. With the light off, Wolf had no idea that the camera was on and running.
Two researchers at Johns Hopkins University, Matthew Brocker and Stephen Checkoway, co-authored a paper that explained how they were able to disable the iSight camera’s indicator light on MacBook notebooks and iMac desktops using OS X software called iSeeYou. After reporting their findings and revealing the iSight’s camera soft underbelly in their tests, they also built a countermeasure in the form of an OS X kernel extension, dubbed iSightDefender.
“iSightDefender is able to block all user space reprogramming attempts, including those mounted from within a virtual machine,” wrote Brocker and Checkoway. They go on to say that “using iSightDefender raises the bar for attackers by requiring the attacker to have root privileges in order to reprogram the iSight. In some sense, this is the strongest possible software based defense.”
Though it was initially thought that the vulnerability was confined to older versions of Apple’s MacBook, the FBI has reportedly been able to replicate the same iSight behavior on newer models of Cupertino’s popular laptop.
