toggle

AAPL Stock: 112.05 ( -0.6 )

Printed from http://www.macnn.com

Researchers: 2008 iSights vulnerable to low-probability firmware mod

updated 06:30 pm EST, Wed December 18, 2013

Hack not stealthy, installation requires administrative password input by user

Recently published research by Johns Hopkins University has confirmed what the FBI reported earlier this month -- that it is possible for remote attackers who have installed a software patch on a user's computer to activate an iSight camera on some of Apple's older laptop and iMac computers without powering the LED signifying an active camera.

The 2008 editions of Apple hardware had a hardware interlock between the camera and the light in an attempt to make camera power-on impossible without owner awareness of the situation. Researchers Stephen Checkoway and Matthew Brocker discovered that the firmware of the camera can be updated to disable the feature.

The firmware update requires the user to authenticate the software with the administrative password. Given that an administrative user password is required, the user is at least partially complicit in the software modification, allowing the activation and making this assault somewhat less than stealthy (contrary to some more hysterical media reports). The odds of the modification being done without access to the owner's administrative account password are, to put it mildly, extremely remote.

The researchers claim that the vulnerability is confirmed to affect "Apple internal iSight webcams found in earlier-generation Apple products, including the iMac G5 and early Intel-based iMacs, MacBooks, and MacBook Pros until roughly 2008" and not newer devices. Other researchers believe that the method can be used on newer hardware from Apple and other vendors as well.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented

 
toggle

Popular News