MacBook Neo: New approach to protect users from webcam espionage
To prevent attackers from activating the webcam and microphone unnoticed, Apple uses various techniques. The Neo relies on a new variant.
(Image: Sebastian Trepesch / heise medien)
Apple promises “additional security” against the secret activation of the integrated camera with the MacBook Neo. A new security architecture relies on a combination of “system software and dedicated silicon elements” in the processor. This prevents “untrusted software” from activating the webcam without the green status light on the screen illuminating, the manufacturer promises in an updated security whitepaper. The protection continues to exist even if malware gains root or kernel privileges.
Apple's Undocumented Chip Enclaves
According to a developer's statement, this uses “enclaves” from Apple that have not been publicly documented so far – areas demarcated at the chip level that communicate very restrictively with the kernel and userspace. The orange light that illuminates when the microphone is open is also secured in this way. According to preliminary reports, such “enclaves” are only available from M4 and A18 – the latter is found in the A18 Pro variant in the MacBook Neo. Why Apple uses this system exclusively with the MacBook Neo, according to the whitepaper, remains unclear.
Videos by heise
iPhones, iPads, and MacBooks signal with a green status indicator when the webcam or front camera is active. The manufacturer uses different techniques for this. For MacBook Air and MacBook Pro, a hardware solution is used: the camera is designed in such a way that it cannot be activated without simultaneously switching on the status light, which is placed directly next to it and is independent.
Apple explicitly advises against using a camera cover on MacBooks, as this could damage the display when the laptop is closed. The connection to the microphone is supposed to be disconnected at the hardware level on all MacBook models for years as soon as the notebook is closed. For iPads, Apple promises the same protection from model year 2020 onwards in combination with specially designed magnetic cases.
iPhones Only with Software Status Light?
However, iPhones seem to rely solely on their software status lights. Recently, security researchers reported that sophisticated iOS spyware was able to activate the camera and microphone on a compromised target device – at least in iOS 18 – without the status light illuminating. Whether this also applies to newer iPhone models from the 16 series with A18 is unknown. More than ten years ago, another research team caused a stir: It documented a way to disable the webcam status LED of very old MacBooks (up to approx. model year 2008) via software – without any privilege escalation.
Empfohlener redaktioneller Inhalt
Mit Ihrer Zustimmung wird hier ein externer Preisvergleich (heise Preisvergleich) geladen.
Ich bin damit einverstanden, dass mir externe Inhalte angezeigt werden. Damit können personenbezogene Daten an Drittplattformen (heise Preisvergleich) übermittelt werden. Mehr dazu in unserer Datenschutzerklärung.
(lbe)
