The woman was shocked when she received two nude photos of herself by e-mail. The photos had been taken over a period of several months – without her knowledge – by the built-in camera on her laptop.
Fortunately, the FBI was able to identify a suspect: her high school classmate, a man named Jared Abrahams. The FBI says it found software on Abrahams’s computer that allowed him to spy remotely on her and numerous other women.
Abrahams pleaded guilty to extortion in October. The woman, identified in court papers only as C.W., later identified herself on Twitter as Miss Teen USA Cassidy Wolf. While her case was instant fodder for celebrity gossip sites, it left a serious issue unresolved:
Most laptops with built-in cameras have an important privacy feature – a light that is supposed to turn on any time the camera is in use. But Wolf said she never saw the light on her laptop. As a result, she had no idea she was under surveillance.
That wasn’t supposed to be possible. While controlling a laptop camera remotely has long been a source of concern to privacy advocates, conventional wisdom said there was no way to deactivate the warning light.
But evidence is mounting that this creepiest of intrusions is real.
There have been warnings. Marcus Thomas, former assistant director of the FBI’s Operational Technology Division in Quantico, Va., said in a recent story in The Washington Post that the FBI has been able to covertly activate a computer’s camera – without triggering the light – for several years.
Now research from Johns Hopkins University provides the first public confirmation that it’s possible to do just that, and demonstrates how. While the research focused on MacBook and iMac models released before 2008, the authors say similar techniques would probably work on more recent computers from a wide variety of vendors.
In other words, if a laptop has a built-in camera, it’s possible someone – whether the federal government or a malicious 19-year-old – could access it to spy on the user at any time, and the user would never know.
The iSight camera was designed to prevent this, said Stephen Checkoway, a computer science professor at Johns Hopkins and a co-author of the study. “Apple went to some amount of effort to make sure that the LED would turn on whenever the camera was taking images,” Checkoway said. The 2008-era Apple products they studied had a “hardware interlock” between the camera and the light to ensure that the camera couldn’t turn on without alerting its owner.
But Checkoway and his co-author, Johns Hopkins University graduate student Matthew Brocker, were able to get around this security feature. That’s because a modern laptop is actually several different computers in one package. “There’s more than one chip on your computer,” said Charlie Miller, a security expert at Twitter. “There’s a chip in the battery, a chip in the keyboard, a chip in the camera.”
MacBooks are designed to prevent software running on the MacBook’s central processing unit (CPU) from activating the iSight camera without turning on the light. But researchers figured out how to reprogram the chip inside the camera, known as a micro-controller, to defeat this feature.
In a paper called “iSeeYou: Disabling the MacBook Webcam Indicator LED,” Brocker and Checkoway describe how to reprogram the iSight camera’s micro-controller to allow the camera to be turned on while the light stays off. Their research is under consideration for an upcoming academic security conference.