How to get an alert in macOS when an app accesses the webcam or microphone

“Malicious websites and apps can gain access to your webcam and microphone,” Fatima Wahab reports for Additive Tips. “A lot of people might consider this to be an urban legend but there is truth to it.”

“Unfortunately, a website or an app that does this isn’t going to be easy to detect by the average user,” Wahab reports. “Tech savvy users might be able to tell if their webcam or mic is being accessed but for the ordinary user, and Mark Zuckerberg, you likely have to tape a bit of paper over your webcam to be safe.”

“Oversight is a free macOS app that makes this much easier. It monitors all connected webcams and microphones and alerts you when they are accessed,” Wahab reports. “It’s a very simple app that monitors current processes and can identify which app started a process to access these two devices.”

Read more in the full article here.

MacDailyNews Take: On this issue, we’re decidedly brute-force/low tech as we’ve been taping our Mac cameras for several years. Call us paranoid, but first see the related articles below. That’s why we use camJAMR iSight camera covers on our iMacs and MacBook Airs. They’re black, so they work perfectly with our iMacs and they’re removable/reusable. We’ve stuck and unstuck them hundreds of times. We just leave them on and peel them aside when we want to use the iSight camera.

SEE ALSO:
Former NSA staffer demonstrates Mac malware that can tap into live webcam and mic feeds – October 6, 2016
Mark Zuckerberg covers his MacBook’s camera and microphone with tape – June 22, 2016
How to disable the iSight camera on your Mac – February 19, 2015
Orwellian: UK government, with aid from US NSA, intercepted webcam images from millions of users – February 27, 2014
Sextortion warning: It’s masking tape time for webcams – June 28, 2013
Research shows how Mac webcams can spy on their users without warning light – December 18, 2013
Ex-official: FBI can secretly activate an individual’s webcam without indicator light – December 9, 2013
Lower Merion report: MacBook webcams snapped 56,000 clandestine images of high schoolers – April 20, 2010

13 Comments

    1. No actually. It is signed with an Apple developer security certificate. It simply opens and runs on recent versions of OS X. [There are still worries about certificates leaking out of Apple’s less-than-safe enterprise developer security certificate system, but Apple has managed to limit that so far to very few.] If the app was potentially dangerous, you’d have to turn off Gatekeeper to let it open and install.

      1. There remain many benefits to a developer by NOT putting their software into the Apple Mac App Store, but still obtaining Apple developer security certification:

        (A) Apple limit the functionality of apps, most specifically the extent to which they interact with the operating system itself, as found in their sandboxing requirement. An app like OverSight is unlikely to work inside a sandbox.

        (B) That 30% goes to Apple concern.

        Apple, happily, doesn’t force all Mac software to come from only their App Store. But they DO force at least developer security certificates. In Sierra, there is no obvious option for turning off Gatekeeper.

        1. DC, I think that your second point is weak. Apple’s 70% payout to developers was a breakthrough when the App Store was created. Apple created the ecosystem, created and manages the App Store, creates and distributes iOS and the developer tools, and handles the transactions and customer interface. I disagree with the people who are dissing Apple. Others were paying less to developers before Apple’s App Store. Go diss them.

          1. I know developers who would rather sell their apps on their own and they make more money doing so. Apple provides marketing exposure, app vetting and transactions with customers as well as reviews and other data. Whether that’s worth taking 30% of the profits from the app is up to the developer and some find it is not. This become more difficult when their apps have to be hobbled in some way to meet Apple’s app function/capability limitations, which generally are related to sandboxing.

            Sorry if you differ in opinion. I’m not a developer so I’m not offering my POV. I’m offering the POV of some developers I know. It’s no secret.

            1. I am a independent Apple developer. I have been for over 7 years. For all that Apple does for me as a one person development shop, I am happy for them to take their 30%. Before the app store, I had only half as much time to work with customer requests and actual development.

  1. Zuckerburg’s tape over the microphone or what we see as the audio jack, looks like a lark. Camera is easy. But audio is more difficult, as taping anything doesn’t prevent sound waves from getting through.

    Also after replacing my keyboard (top case) on my 2014 rMBP, it seems there are two microphones, on the left side – along the length of the speaker grill. Check the iFixIt tear down to have a look. It’s the same going back to 2012, both 13 and 15″.

    Being notified if a rogue app access an API or some AV input, is the only way to know.

    For the most part I simply cover my cam and hope for the best. No lights so far.

  2. I’m an engineer and I’m still stumped as to why this is even an issue. All the hardware designers need to do is put the camera status LED in line with the camera’s power rail. If the LED is off then the camera is off, period. Other than physically modifying the computer to bypass the LED, there’s nothing a hacker could do with software to gain access to the camera without the user knowing that the camera was on.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.