Noticed a post “Slashdot | Apple Closes iSight Security Hole” which talks about iSight being used to maliciously spy on a user. But, this isn’t new to Mac OS X hardware. In fact, it’s a problem that’s been around since the black box NeXT days.
When I worked at and ISP that used old NeXT machines, I used to tape a wad of paper to the mic on the monitors because it was not unheard of that someone could listen in to whatever conversations were happening in the room. This was a security hole that existed when a machine was configured to allow remote machines to display their application windows on a local machine.
I used to farm TTYs from other machines, primarily in sales because they didn’t use many terminal sessions, because there was a kernel limit on the number of TTYs a machine could use. So, I would remotely run additional Terminal.app instances on remote machines but display the windows on mine. This was so I could stay logged in to all the various terminal servers at the same time. Half of my screen used to be filled with tiles for open terminal sessions minimized.
So, I had my machine configured to allow remote apps to display on mine, and that’s the way the security hole worked. As a precaution, I taped a wad of paper over the mic. Funny to think about it now, but I had no reason to trust it wouldn’t happen that I would be listened to that way. When you work for an ISP started with Russian mob money …
Even funnier, in a sad way, is that the next ISP had a group of immature wannabe gangsta geeks who were just as likely to do stupid and unethical things, too.
Ah, the warm memories … actually, more of a burning … in my stomach.