Join 3,424 readers in helping fund MetaFilter (Hide)


Can a person hack my Mac's webcam?
May 29, 2012 9:59 PM   Subscribe

Can a tech-savvy person hack the webcam on a Macbook through the wireless network? How can I stop it if it is happening?

For the last couple of weeks, the green indicator light for the iSight webcam comes on randomly. Recently I tried to look into it by selecting programs that use the camera and those programs wouldn't work. The light doesn't stay on all the time, it will just come on at weird times, and stays on. And it's getting really creepy.

I hear it is difficult to hack a Macbook, but I am wondering if someone in my personal life may be doing so. I also read online that doing it is technically possible through the wireless router, even if it would be rather complicated.

I don't think my situation would be due to malware (the typical purpose of hacking a computer remotely), just wondering if someone personally could find a way to do this. How would I know they were doing this? How can I stop it if it is happening? Please give user-friendly how-to fixes because I am not as tech-savvy for Mac and wireless networking as I was for PC.
posted by hungry hippo to Technology (11 answers total) 1 user marked this as a favorite
 
The low-tech solution is to put a piece of tape (cut a nice little piece of black electrical tape to blend in better) and place it over the camera.

Then remove it when you actually want to use the camera, otherwise leave it in place. Unfortunately, this won't stop the microphone from recording.

I don't think someone would be actively hacking you through your router (though it is possible) but it's more likely that you have some malware/virus software installed that's activating the webcam. (or someone installed some monitoring software when you weren't around)
posted by jpeacock at 10:15 PM on May 29, 2012 [2 favorites]


Unfortunately, yes:

http://www.quora.com/Hackers/Is-it-possible-for-hackers-to-access-my-computers-webcam

I'd tape over it and have a tech-savvy person or the Apple people look at it. Never considered the microphone angle though.
posted by ziggly at 10:17 PM on May 29, 2012


It is not difficult to crack a Mac. As a comparison, an iOS device (iPod et al.) is pretty difficult to hack, and yet it happens routinely. There is obviously a far greater focus on Windows because it's the most common, but there are plenty of Mac tools as well, including some commercial "nanny-cam" ones, I believe. The only real difference between a legitimate application like Skype that takes video and sends it across the Internet and an illegitimate one is the user interface.

Agree with the others that the most likely vector was an email you read or a website visited that installed some kind of monitoring software. At this point, making sure everything (OS, Adobe Flash, Java, etc.) is up to date is pointless, because you have to assume you're infected and will have to take some action to clean it out.

A couple trivial things to check: 1. System Preferences -> Accounts -> Login Items. Check that you recognize everything there. 2. Applications -> Utilities -> Activity Monitor. Make sure it says "All Processes," instead of "My Processes." This will show you a list of every program running on your system, for the most part. See if you can correlate the webcam activation with a program that's using CPU.
posted by wnissen at 10:37 PM on May 29, 2012 [3 favorites]


I had problems with that for a while and they went away when, if memory serves, I reset the PRAM.

Odds are pretty low that someone's actually spying on you, especially through such an esoteric method.
posted by DoctorFedora at 10:48 PM on May 29, 2012


It's trivial to crack a Mac: the security model is the weakest out of Windows, Mac and Linux. The relatively low malware rate on Macs relies on goodwill. Anyway, to answer your question:

The LED in a Macbook is fitted in such a way that you cannot turn it off if the webcam is on: so that's the good news, which others have suggested a workaround for.

If you believe or suspect your computer is hacked, you only have one real option: reinstall it, then apply all updates and install your security software. Then do your restore. Remember that every file you restore has the potential to reinfect your machine.
posted by devnull at 11:05 PM on May 29, 2012 [1 favorite]


Disabling the built-in iSight Camera

1) First, we will create a relatively hidden backup folder for the file. If you don’t want the folder hidden from the GUI, just remove the . in front of the directory name. Launch the Terminal and type the following command:
mkdir /System/Library/QuickTime/.iSightBackup

2) Next, we will move the QuickTime component that allows the iSight to be accessed into the backup directory we just created. Type the following command:
mv /System/Library/QuickTime/QuickTimeUSBVDCDIgitizer.component /System/Library/QuickTime/.iSightBackup/

(In case it’s not clear, there is a space between the two directory paths)

3) That’s pretty much it, if you want to enable the iSight again, simply move the QuickTimeUSBVDCDIgitizer.component file back into the main QuickTime directory at /System/Library/QuickTime/
posted by nickrussell at 2:12 AM on May 30, 2012 [1 favorite]


Thank you everyone. I have tried resetting the PRAM at first to see if that addresses the issue. I am almost certain there will be a workable solution in this list of answers. Much appreciated!
posted by hungry hippo at 4:34 AM on May 30, 2012


Here is an Applescript to do it for you. You can also use something like the iPatch.

Some software will turn on the camera for you, without your control. Webex, for example, is notorious for this.
posted by Runes at 8:07 AM on May 30, 2012


One thing you can do is look at your network traffic. A utility like MenuMeters can show you this (and other useful info) right in your menu bar, so you can quickly see traffic as it happens. Next time the light comes on, stop whatever you're doing and see if there's a spike in outbound traffic.

Honestly, it's pretty doubtful you've been hacked, just as a matter of pure odds. If anything, it's more likely that you've got some hardware problem that might be symptomatic of an even worse hardware problem. If there's an Apple Store near you, I'd take it to the Genius Bar.
posted by mkultra at 8:18 AM on May 30, 2012


You might want to read this

Not only is it possible, its been done and there are scripts to do it on mass out there.
posted by Admira at 9:27 PM on May 30, 2012


Resetting the PRAM seemed to fix the issue. I also covered the camera with paper for my own peace of mind.
posted by hungry hippo at 10:24 AM on July 4, 2012


« Older MY wife and I just ended up on...   |  I bought a pair of men's leath... Newer »
This thread is closed to new comments.