josephcrawford.com — So as you might see to the left (if you have an iSight) you can see that it was turned on and can be viewed remoetly.  All i am doing is displaying it back to you but….  What could someone else do with this?  It is actually very simple to do.  If you have the [...]
Nov 12, 2006 View in Crawl 4
nutjobNov 13, 2006
interesting... I've been playing with my laptop's built in isight camera and the Apache install on the machine - getting it to take a new photo everytime you hit special page.I'm thinking of documenting the process if anyone is interested?It's amusing having the light come on every now and then, especially when you're picking your nose etc. but it certainly makes for a workable webcam solution.
bluflameNov 13, 2006
Worked on my MB Core Duo with Opera9.
stanleyfreshNov 13, 2006
...Every bond you break, every step you take, Jobs is watchin you.Seriously, this kinda thing is a bit scary.
daveschroederNov 13, 2006
The iSight "hijack" is nothing more than a QuickTime movie embedded in a web page that displays the locally-attached iSight on the local computer. This has nothing to do with the internet or the web just because it appears in a web page. This is a feature of the iSight, and QuickTime movies can easily be embedded in web pages. The fact that it's a QuickTime movie that displays the output of a locally attached iSight is incidental.To be clear, this only allows a locally-attached iSight to be viewed locally. For someone to view this content remotely, they'd have to already have compromised and have control over your machine, something that we know from experience isn't likely. (Also, even if a machine was completely compromised, there would be hurdles to viewing the content remotely, live, easily. But if the machine was completely compromised and could be controlled remotely, essentially anything could be done with it. But that's a pretty high bar: the machine still needs to be compromised and able to be remotely controlled.)If someone is really paranoid, iSight video digitization can be disabled completely by removing:/System/Library/QuickTime/QuickTimeUSBVDCDigitizer.component/System/Library/Extensions/Apple_iSight.kextIncidentally, this is a way to disable the iSight on managed machines in settings where camera use is not desired.However, if someone compromises your machine, which would be the only scenario in which someone could remotely view your iSight, obviously those items can simply be re-added. The point is that for this to be interesting, it requires the machine to be compromised. Otherwise, it's just displaying the local iSight to the local user.Regards,Dave SchroederUniversity of Wisconsin - Madisondas@doit.wisc.edu<a class="user" href="http://das.doit.wisc.edu/">http://das.doit.wisc.edu/</a>
jfarschmanJul 28, 2009
An even scarier iSight Trick: <a class="user" href="http://digg.com/apple/iSight_WALL_E">http://digg.com/apple/iSight_WALL_E</a>