174 words on Mac OS X
Just a thing that Steffen pointed out to me this morning: On a camera equipped Mac, opening a web page can activate the camera. While I am not aware of any real security implications by this (and at least superficially looking at Quartz Composer suggested there is no way to send a recorded image away from it), I do find it extremely freaky that visiting a web page can turn that little light on and make sure I am filmed.
So while you’re being freaked out by that you might as well enjoy it a little:
Just as application have to ask me for permission to use information from my keychain, I’d feel much more comfortable if they had to do the same before using a camera. Or a microphone, once I start thinking about it.
And now that paranoia has set in, I’d still like to see conclusive evidence that the built-in camera’s status light is implemented in hardware and cannot be decoupled from the camera being active by some clever software tweak…
Oh, I don’t like that. On the other hand, how easy is it to get to the data the camera sends? It’s one thing to activate it, but to receive the stream using a web-based exploit must be hard.