i think the obvious solution would be to have the light in series with the power to the camera, so that in order for the camera to be on, the light will also have to be on
Early macbooks tried to do something like this, but got it wrong. The camera unit had a bunch of pins, including a "STANDBY" pin which turns off the sensor, and they wired the green LED directly to the standby pin.
But then in 2013 some researchers figured out that actually the camera unit is an entire system-on-a-chip, with a configuration register accessible on an i2c bus, so they could write some malware which first re-configures the camera to ignore the standby signal, and then turn it on...
The paper notes that many camera units have a separate power connection for the CMOS sensor itself, which would be more secure. And I hope later-model macbooks have fixed it. But I guess this shows that it possible to get even seemingly bullet-proof solutions wrong.
(As a more practical problem, I have also seen suggestions that it's possible to turn on the camera, take a photo, and turn it back off again too quick for the LED to be noticable, and if you do that several times per second you could capture low-frame-rate video without the green light, so even a hardware solution might not be perfectly secure.)
> As a more practical problem, I have also seen suggestions that it's possible to turn on the camera, take a photo, and turn it back off again too quick for the LED to be noticable, and if you do that several times per second you could capture low-frame-rate video without the green light, so even a hardware solution might not be perfectly secure.
It's trivial to add a capacitor or hardware timer to illuminate indication light for some time after the camera loses power.
Your wording implies more-recent Macbooks no longer bother with this security feature. I believe I've read elsewhere they actually switched to a custom control board which renders this hack impossible. Is that not the case?
Even when they thought it was a hardware button it was still a software one just at a deeper layer? Good cautionary tale!
Wonder if malware could do reconfigure some chips (not necessarily macbook one) to go into parasitic power mode or something, that is when the power is supposedly off they keep running with power taken from some data connection.
The obvious solution is to make this a regulatory requirement.
You want to sell cameras in this country? The on indicator light must be hard wired.
With exception for some professional grade equipment, or the ability to physically cover the indicator light when the recording environment requires it, for whatever reason.
If I want to buy a camera to place in my own home without having it light up (and without having to mod it), that's my business.
I understand what you're getting at: you want to protect average people from predatory device manufacturers who would make an Internet-connected camera and then spy on their customers.
But requiring non-disableable lights by law has unintended consequences.
Of course, and that's how most webcams work. But my point was with this particular camera, they clearly didn't build it that way, but now they're going to make people think they did, and that's what is dangerous here.
vilhelm_s|6 years ago
But then in 2013 some researchers figured out that actually the camera unit is an entire system-on-a-chip, with a configuration register accessible on an i2c bus, so they could write some malware which first re-configures the camera to ignore the standby signal, and then turn it on...
The paper notes that many camera units have a separate power connection for the CMOS sensor itself, which would be more secure. And I hope later-model macbooks have fixed it. But I guess this shows that it possible to get even seemingly bullet-proof solutions wrong.
https://jscholarship.library.jhu.edu/handle/1774.2/36569
(As a more practical problem, I have also seen suggestions that it's possible to turn on the camera, take a photo, and turn it back off again too quick for the LED to be noticable, and if you do that several times per second you could capture low-frame-rate video without the green light, so even a hardware solution might not be perfectly secure.)
mopsi|6 years ago
It's trivial to add a capacitor or hardware timer to illuminate indication light for some time after the camera loses power.
ghostly_s|6 years ago
im3w1l|6 years ago
Wonder if malware could do reconfigure some chips (not necessarily macbook one) to go into parasitic power mode or something, that is when the power is supposedly off they keep running with power taken from some data connection.
TheSpiceIsLife|6 years ago
You want to sell cameras in this country? The on indicator light must be hard wired.
With exception for some professional grade equipment, or the ability to physically cover the indicator light when the recording environment requires it, for whatever reason.
kelnos|6 years ago
I understand what you're getting at: you want to protect average people from predatory device manufacturers who would make an Internet-connected camera and then spy on their customers.
But requiring non-disableable lights by law has unintended consequences.
jedberg|6 years ago