A research done at the Johns Hopkins University has revealed that it is possible to remotely activate a built-in laptop webcam without triggering the warning LED next to it, The Washington Post reports. Though researchers used the 2008-era MacBook and iMac models to demonstrate the technique, they said that similar techniques could work on modern day computers from various vendors.
So, what does it mean? It means that if you have a laptop with a built-in camera, it is possible for an individual or a government agency to remotely access it to spy on you, and you'd probably never know about it.
Stephen Checkoway, the co-author of the research and a computer science professor at the university, said that the 2008-era MacBooks they studied had a hardware interlock that made sure the green LED glows whenever the webcam was active and capturing video. But he, along with a university graduate student Matthew Brocker, figured out a hack to bypass this security protection by reprogramming the micro-controller of the internal iSight webcam.
The paper iSeeYou: Disabling the MacBook Webcam Indicator LED details the specifics of how Stephen Checkoway and Matthew Brocker disabled the warning LED and used unprivileged (non-root) software applications to remotely access the MacBook webcam.
The research only proves what's been in the news recently. Marcus Thomas, who used to work at the FBI’s Operational Technology Division, recently admitted that FBI has been using a similar hack for several years. A similar technique was also used in the 'sextortion' hacking case targeting Miss Teen USA.
Charlie Miller, a security expert at Twitter, gives an easy solution to this problem. “The safest thing to do is to put a piece of tape on your camera,”, he says.