Ex-NSA Hacker Creates Tool To Warn You Of Webcam Spies
This tool will alert you when a stealthy spyware starts watching or listening you while you use your Mac computer.
Do you cover your webcam with tape?
There was a time when the only people doing that were paranoid hackers or security researchers worried about leaving that little digital eye always exposed. But when Mark Zuckerberg posted a picture on his Facebook account earlier this year, revealing he covers his webcam (and his mic!), he prompted countless thinkpieces on why, perhaps, you should cover yours as well.
And yes, you probably should. But what happens when you need to use your webcam and microphone to talk to your partner who's on a far-away trip, your colleagues during a business conference call, or perhaps a confidential source? That's when a smartly-designed spy software could turn on and capture your conversations, and you'd have no way to know whether that's happening.
Now ex-NSA hacker is launching a new free tool for Mac that monitors your computer and alerts you when any application, be it a legitimate one like Skype or FaceTime, or a sketchier one, is accessing your webcam and microphone streams.
"I want to know who and what is using my webcam," Patrick Wardle, the former NSA staffer who's now the director of research at security firm Synack told Motherboard.
Wardle, who has a knack for finding new ways around Apple computers' security measures, argues that tape can only get you so far. At some point, you need to use your computer for important video and audio conversations.
Important private conversations, whether they're with friends, family, business partners or confidential sources, are also likely to be the most interesting to anyone who would want to spy on you.
"These are the kind of things that as an attacker you would want to record anyways, because otherwise i'm just sitting at my desk petting my dog," Wardle said jokingly.
"I want to know who and what is using my webcam."
Luckily, Mac computers come by default with a green LED light that will alert you when your webcam is on, making it pretty easy to tell when it's on for no reason (There is no mic LED, however). And in the past, researchers have found ways to disable the LED light when turning on the webcam surreptitiously, and in one case, a high school even reportedly used Mac webcams to spy on its students.
Obviously, when your are purposely using FaceTime, you expect the webcam and mic to turn on —along with the green LED light. But Wardle's argument is that if another application, say a spyware, turns on right after that, the user has no way of knowing he or she is being spied on.
Apple declined to comment.
Wardle's new tool is called Oversight, and all it does is monitor webcam and mic usage to detect when an application tries to access them, and notifies the user, who can then decide to allow the stream to go on, or block it. If there's malware on your laptop that's designed to activate only when you turn on your webcam and mic, Oversight will pop up two notifications, one for when FaceTime, Skype or another similar app launches, and one for when the malware turns on.
There's never been proof that any Mac malware found in the wild until now is designed to piggyback on the legitimate use of webcam and mic, but Wardle, who designed a proof of concept malware to test his tool, just wanted to give Mac users a way to protect in case that happens.
Mac malware is still relatively rare, but in the event someone ever hacks your computer and wants to stealthily spy on your webcam, now you have a tool to catch them.
Get six of our favorite Motherboard stories every day by signing up for our newsletter.
- motherboard show
- Patrick Wardle
- Tech news
- information security
- Internet Insecurity