[vilhelm_s]

Early macbooks tried to do something like this, but got it wrong. The camera unit had a bunch of pins, including a "STANDBY" pin which turns off the sensor, and they wired the green LED directly to the standby pin.

But then in 2013 some researchers figured out that actually the camera unit is an entire system-on-a-chip, with a configuration register accessible on an i2c bus, so they could write some malware which first re-configures the camera to ignore the standby signal, and then turn it on...

The paper notes that many camera units have a separate power connection for the CMOS sensor itself, which would be more secure. And I hope later-model macbooks have fixed it. But I guess this shows that it possible to get even seemingly bullet-proof solutions wrong.

https://jscholarship.library.jhu.edu/handle/1774.2/36569

(As a more practical problem, I have also seen suggestions that it's possible to turn on the camera, take a photo, and turn it back off again too quick for the LED to be noticable, and if you do that several times per second you could capture low-frame-rate video without the green light, so even a hardware solution might not be perfectly secure.)

[mopsi]

> As a more practical problem, I have also seen suggestions that it's possible to turn on the camera, take a photo, and turn it back off again too quick for the LED to be noticable, and if you do that several times per second you could capture low-frame-rate video without the green light, so even a hardware solution might not be perfectly secure.

It's trivial to add a capacitor or hardware timer to illuminate indication light for some time after the camera loses power.

[ghostly_s]

Your wording implies more-recent Macbooks no longer bother with this security feature. I believe I've read elsewhere they actually switched to a custom control board which renders this hack impossible. Is that not the case?

[vilhelm_s]

I didn't mean to imply that, sorry.

[im3w1l]

Even when they thought it was a hardware button it was still a software one just at a deeper layer? Good cautionary tale!

Wonder if malware could do reconfigure some chips (not necessarily macbook one) to go into parasitic power mode or something, that is when the power is supposedly off they keep running with power taken from some data connection.

[fyfy18]

This is how Power Nap works. Even though the lid is closed and your laptop is supposedly asleep (on battery or AC), the software can still wake it occasionally.

https://support.apple.com/en-us/HT204032

[Godel_unicode]

Siphoning power from a data connection is sci-fi and not at all how Power Nap works. It's just a fancy sleep mode plus a timer.

[im3w1l]

I don't know what you mean by sci fi?

Consider this sensor https://martybugs.net/electronics/tempsensor/hardware.cgi

If someone used such a sensor and overlooked the parasitic mode, then that could be used even when the power was physically shut off.

[Godel_unicode]

You appear to be suggesting that a temperature sensor and a MacBook in Power Nap mode use similar amounts of power. That is not the case.

Even in the webcam case, powering the camera CCD would take significantly more power than is supplied by the data line. You can derive this for yourself without taking one apart by realizing that the power is supplied separately for a reason.

Further, it's not the case that this would work when the power is "physically shut off". If there's no power then there's no power.