Miss Teen USA exposes Apple Macbook camera security fail

The fruit themed toymaker Apple’s legendary sloppy security has been brought into the spotlight again after it was revealed that you can turn on the laptops camera without the owner knowing.

Miss Teen USA Cassidy Wolf contacted the FBI after she received two nude photos of herself by e-mail which had been taken over a period of several months.

The untouchables found that the person who had taken the snaps was a high school classmate, a man named Jared Abrahams. Abrahams’s had software on his computer that allowed him to spy remotely on her and numerous other Apple fangirls. Abrahams pleaded guilty to extortion in October.

Laptops with built-in cameras have a privacy feature that turns on a light when the camera is being used. In the case of PCs, security experts say that there is no way to deactivate the warning light. However it appears that in the case of Macbooks someone has worked out how to do it.

In fact the FBI recently admitted to the Washington Post that it has known how to do it for years. This is despite the fact that Apple assured its users that the camera had a “hardware interlock” between the camera and the light to ensure that the camera couldn’t turn on without alerting its owner.

Security experts at Johns Hopkins University have come up  with a method using MacBook and iMac models released before 2008 and would probably work on later models too.

It is based on the fact that a modern laptop has several different computers in one package. Apple designed its MacBooks to block software running on the MacBook’s CPU from activating its iSight camera without turning on the light. But if you target the chip inside the camera, known as a micro-controller, you can defeat this security feature.

But this also opens up a large number of security vulnerabilities in Macbooks which no one ever really thought of.

The researchers found that you could also mount an attack on Apple batteries, which causes the battery to discharge rapidly, potentially leading to a fire or explosion. Another researcher was able to convert the built-in Apple keyboard into spyware using a similar method.

It all depends on how much security Apple puts on its hardware, and it appears that they might not put on much. The reports’ authors said that they had contacted Apple, which got back to them several times. However it does not appear to have done anything.

The best way to deal with the problem is to put a piece of tape on your camera which you take off when you want to use it. No Apple fanboy would do that of course, it would destroy the gizmo’s design. It is much better for them to trust in the power of Steve Jobs to protect them from all hacks. 

Source: TechEye