iSeeYou: Disabling the MacBook Webcam Indicator LED- RSVP required

September 30th, 2013

Monday Oct 7 Noon King 239  

Disabling the MacBook Webcam Indicator LED

Disabling the MacBook Webcam Indicator LED Modern computers contain a surprising number of processors distinct from the CPUs, each dedicated to a specific task. These processors along with their perhipherals form embedded systems inside standard desktop and laptop systems which are frequently overlooked when evaluating the security of computer systems. In this talk, I'll describe a security analysis of one such embeddedsystem: the Apple iSight webcam. The iSight contains, as a privacy feature, an indicator LED which provides a visual cue that the camera is turned on. I'll describe how the hardware that controls the LED can be bypassed, enabling video to be captured without any indication to the user. I'll also show how the iSight can be leveraged by malware to break out of a Virtual Machine sandbox.

Stephen Checkoway, is an Assistant Research Professor in the Johns Hopkins University Department of Computer Science and a member of the Johns Hopkins University Information Security Institute where he teaches courses on computer security and software vulnerabilities. His work includes security analyses of automotive emedded systems and computer voting systems as well as offensive and defensive computer security research. Checkoway earned bachelor's degrees in mathematics and computer sciences from the University of Washington in 2005 and a Ph.D. in computer science in 2012 from the University of California, San Diego. RSVP in the CSCI office King 223 for Pizza lunch