Disabling the built-in microphone for security reasons
 

Though built-in laptop cameras can be easily obscured with tape or a sticker, there seems to be a plethora of information available regarding disabling them, and yet none pertaining to microphones.

Is there some way to disable the built-in Macbook microphone, or the ones in other sorts of laptops, for that matter? I've changed the input settings to Line In instead of the internal mic and it no longer appears to be picking up sound, but I imagine this could be easily overridden.

Thanks for your time.

I'm interested to know what "security problems" you think the microphone might cause.
Worst case: someone has hacked your Mac so that everything is recorded and the output sent over the Internet to a third party.

This is essentially no different from someone hacking your Mac and installing a keylogger or any other eavesdropping software.

General security precautions for a laptop include:
1. Require a login at boot.
2. Require password to end screen saver.
3. Don't run an admin account for your daily work.

You could also install Little Snitch to stop outgoing internet connections.

You could try changing the permissions of the preference file that stores the audio settings. I tried changing my Sound settings and looking to see what plist got modified, but couldn't find anything. Perhaps the settings are stored in PRAM directly.

Hm. I'm surprised that anyone would want elaboration upon the privacy hazards raised by most new electronics having built in cameras and microphones, honestly. It's awfully straight-forward, and the fact that lesser security breaches are also possible is no reason to not attempt to alleviate greater ones. Though by no means an epidemic, past instances of webcams and microphones being used remotely for spying are well documented. Even if that weren't the case it would be plain to see that such implements could theoretically be used as incredibly convenient bugs. There's just no reason to expose yourself to such a potential breach of privacy.

I also do actually have Little Snitch, and my screensaver/login is password protected, though there's no prompt at boot.

Yes, can you elaborate, please?
Are you suggesting that someone can eavesdrop on the mic, without physical access to the computer, when the mic is selected as the current input but not actually recording anything?

There's a green light that goes on when the camera is on, right next to it, which is a bit of a giveaway.

A couple of Google searches for various terms doesn't yield much. This thread is third on one of them.

I dont believe that the camera or mic can be used w/o your consent, as long as you are securely on the net.

Can you clarify "as long as you're securely on the net"? Under what circumstances can it be used w/o your consent?

The only thing I've discovered is that Flash Player can use your camera or mic, but this is disabled by default in the settings.
And frankly, if you're that serious about security, you wouldn't have Flash on your Mac anyway.:p

Perhaps you could change the permissions of the Sound preference pane so that only the admin group can read it. Though again, I can't imagine how the sound input settings might become "over-ridden". If some malware is already in a position to do that, you've got bigger problems than people hearing what you say to your laptop.

You can find most of the hardware in /System/Library/Extensions

Just find the proper kext file and rename it or move it to a different location and it should disable the hardware in question

Rather than renaming or moving the kext, you could try terminating it with kextunload (see man page for syntax). Apple's recent tendency to code-sign core components has made it more difficult to tinker with a lot of the lower levels of the system.

But which kext controls the microphone? As tlarkin suggests, start poking around in /System/Library/Extensions for audio-related kexts. Note that often kexts contain other kexts, so you may need to drill down a few times to find a likely package. Scanning this directory on a Leopard machine for files containing the word "microphone" reveals these suspects:

/System/Library/Extensions/AppleHDA.kext/Contents/MacOS/AppleHDA
/System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleMikeyDriver.kext/Contents/MacOS/AppleMikeyDriver
/System/Library/Extensions/AppleOnboardAudio.kext/Contents/MacOS/AppleOnboardAudio
/System/Library/Extensions/SM56KUSBAudioFamily.kext/Contents/PlugIns/AppleSM56KUSBAudio.kext/Contents/MacOS/AppleSM56KUSBAudio
/System/Library/Extensions/AppleUSBAudio.kext/Contents/MacOS/AppleUSBAudio

Some of these kexts could have been added by third-party apps, so your list may differ.

Good luck.

In the Sound Preference Pane, you can set the input level of the microphone to zero. Certainly safer than fiddling with kexts.

I get the distinct feeling that it isn't out of curiosity that you ask these things so much as out of some strange attempt at antagonism. Are you suggesting that they can't? If you have reason to suspect such a thing, I certainly wouldn't mind knowing why. You do have over two thousand posts here and are posting on the hardware forum, after all, I presume to help others more often than to ask questions. You sure you don't really know the answers yourself? I'm merely asking for help, and have made none of the claims of great technological knowledge that you seem to be attempting to tear down.

If this weren't the case I'd suggest replacing any instances of the word microphone with webcam in your queries, since, as noted in the first post, people tend to be more worried by that, and it's just naturally assumed that the two will be used in conjunction.

Yes, but I've already dealt with the camera, and that isn't the case for the microphone, I assume because it is always on. I can set the input back to the internal mic, for example, and no light will go on as it shows the levels of sound being picked up.

Ah, thank you very much. I hate to ask such an obvious question, but how did you go about searching for that term? Finder brings up nothing for it, although I do see those files in there. Just from the looks of them, though, I suspect that altering any would affect more than just the microphone, even if you were to delve down into them a bit. Suppose I'll make backup before trying anything.

Oh, hm. I hope this isn't what's actually necessary to make changes, because I'm afraid little of it makes sense to me. Am I correct in assuming that doing it this way would make it more likely that one could inadvertently do irreparable damage?

I've actually seen this suggested in the few places that attempted to address the microphone issue, but it turns out that it only sets the sensitivity very low. It will still register sound perfectly clearly if you tap near the mic or speak close to it/somewhat loudly from a normal distance.

How risky is messing with kexts, exactly?

It would be extremely difficult if not impossible for someone to remotely bypass your firewall and password and enable your microphone without your permission. If they did somehow manage to accomplish this, you would have way bigger things to worry about. You then shouldn't trust anything it tells you. (EDITED TYPO) They would have already have access to everything on your computer.

Even if you disabled the kext files, there would be nothing preventing the hacker from re-enabling them and hiding them from you.

Most cases of webcam snooping are due to someone having physical access to the computer while the owner is away/unaware. Again, if a person had physical access and was able to plant spy software on your Mac, they could easily re-enable the microphone, and possibly even hide the fact that the Mic is active.

kexts are system files that are used to run various components of your Mac. This is one of the few ways to completely disable a part of your Mac via software.

Moving them around or modifying them could screw up your system, even if it doesn't seem like the kext you are removing is related to anything else.

I recall a post where someone wanted to disable USB ports on a Mac running as a display/slideshow/kiosk for 'security' purposes. The person messed around with the IO kext and it ended up causing the Mac to go into a kernel panic (complete system crash), and he had to reinstall everything.

The only other option would be to take your Mac and fool around with the various electronic components inside it This is not recommended, as it could do way more damage than simply removing kext files.

I believe the best balance between privacy and stability would simply be to not let people who you do not trust use your Mac, and to not download unsafe programs from the internet.

I work for a school district in a 1:1 deployment so 6,000 macbooks I help manage. Plenty of students get in trouble and are banned from using their built in camera and I have created policies to disable them.

I simply create a folder called disabled_kext and move the kext in there. It can be tricky because some are tied together and some may be third party. I haven't had it crash a system or anything like that yet. On my 3rd year of the 1:1.

Well, that's certainly good to know. I've learned from the mistakes of others to not let anyone use my computer, and lock it when leaving for even a few minutes, so I suppose it isn't much of a liability after all. Probably wouldn't kill me to implement a boot password, though, now that I think of it.

So far as kexts are concerned, I suppose it's good that I was a bit leery of poking around in such things. My laptop is also rather old and doesn't need any help falling apart, plus electronics aren't exactly my area of expertise, so just ripping the microphone out altogether was never exactly part of the plan, no.

Anyway, thanks for the info.

I don't plan to do this myself, but just out of curiosity, which kext is it that you moved? Most of them looked to be multipurpose.

I use EasyFind, http://www.devon-technologies.com/pr...are/index.html, to search inside packages and hidden files that Spotlight won't search.

Irreparable, no. But is it possible to cripple your system in such a way that you would need to load the OS anew, yes. Experiments on kexts are best carried out on a test machine. But honestly, what benwiggy and ThreeDee are saying is true: anything that you can do in software to stop someone can be reversed in software--even tlarkin's disabled_kext can be reenabled, I would imagine, by someone with the know-how and desire to do it. The only irreversible solution (and even this, too, can be reversed by anyone with physical access) is to jab a screwdriver right through the microphone or start snipping wires--and those approaches are emphatically not recommended.

Oh, thank you, that looks very useful.

Why not try the simple fix?
A small piece of tape, strategically placed over the microphone, would muffle any sound so much as to make the microphone unusable. Same for the built-in camera.
Even if remotely turned on (somehow), then nothing could be seen, and any sound would likely be indecipherable.

Haha, really? I wouldn't have thought that'd be enough to render even a microphone useless.

Why not? The built-in microphone gets sound input through a tiny hole on the edge of the display. Cover that hole with tape, and no sound gets through, other than vibrations that would indirectly be transmitted though the case. That would shoot any sensitivity down to nothing. The camera needs light to work. So, cover with nice black vinyl tape, and you get nothing at all, even if the camera is turned on.
Seems simple enough.
And, you don't need to worry about some future system update that reinstalls your microphone .kext files without you knowing about it.

Yeah, I have the camera covered up in such a manner. It just seems funny that no sound could get through something so flimsy, even if it's reasonable if you stop to think about it.

Well, you could always test it by trying to record something with tape over the mic. If you hear muffled/distorted noise, you know the tape works.

I'm not being antagonistic. You said that the security risks of mics and cameras were "well-documented". I'd never heard anything and would be interested to know about them, if they exist.
I do come to this forum to help people; but also to be helped and learn more. It's an exchange of information.

From my understanding (which may be wrong), there is nothing inherently insecure about having a mic and camera on your own laptop. And that seems to be what others are saying, too.
The reason for my questioning you about the security risks, was to make you consider whether disabling the mic is something that is really necessary.

As others have said, it is possible for someone with physical access to the machine to engineer something; or perhaps for some trojan to turn on the mic and relay it. But as I said in my first post, this is only one of a number of things that they could do. By that point, they would have control of your ENTIRE machine.

A keylogger that detected your passwords is much more fruitful and likely, from a criminal point of view, than listening to what you might be saying to someone else whilst you're in front of your laptop.

Well then, apologies for misconstruing your intentions. It just seems a bit hostile to attempt to guide someone to a conclusion with demands for information they never claimed to know when you could instead have simply explained it.

The desire to finally do something about my suspicion of built in recording devices came a bit out of the blue, and although I'm certain I've read many articles detailing instances in which they were used for insidious purposes, that was awhile ago, and I don't exactly have a means by which to direct people to them at this point. Though I'm sure most of these cases occurred in poorly maintained windows machines, the knowledge that such a thing can and does occur is still unsettling. Happened to one of my cousins years back, in fact, with a rather psychotic ex. You always hear people going on about how crazy their exes were, but this guy actually deserved the title for once. I was young at the time and didn't find it particularly interesting, so I'm not entirely clear on details like why they didn't press charges, or how they knew it was him. Perhaps they simply couldn't prove it, and that was their reasoning. Either way, I believe he had originally intended to procure blackmail (or maybe masturbation) material, but I guess when a few days passed without anything incriminating happening in front of the cam, he got frustrated and resigned to just freaking her out by making his control of the computer known. Looking back on it now, it sounds like it was controlled remotely, probably with Back Orifice or something of that nature, but it isn't as though I can be entirely sure.

While I know now that I'm very unlikely to be at risk of such a thing by simple virtue of practicing basic security and computer literacy, it's still a troubling thought I figured may as well not remain unaddressed.

EDIT: Oh, looks like adding Back Orifice to the search query turns up some fairly recent results.
http://www.slate.com/id/2215499/pagenum/all/
http://i48.tinypic.com/1zr051w.jpg

You came to the forum claiming that security problems with webcams and mics were well-known and well-documented.
It's not hostile to reply "Really? I find that surprising and haven't heard anything about that. Please tell me more." But apologies nonetheless.
Instead, I could have asserted "You have nothing to worry about. Don't bother." But you might have some evidence that this was wrong, so questioning seemed prudent.

Back Orifice is Windows malware. It's certainly easier to take control of a Windows box, and the vast majority of malware is targeted at Windows OS.

Sorry to hear about your cousin. If a relationship goes sour, and one of the parties had access to your computer, or had keys to your house, or other access, then bad things may occur.

True, objectively, but I'm not exactly a frequent poster here, and in all of the other places I frequent, something worded as those posts were would definitely be intended as a snipe. Funny 'ol internet, eh?

If someone obtains physical access to your Mac laptop they can remotely exploit it, and yes you can control the camera from the command line. A guy got busted doing this to college women (he was some sort of IT, like geek squad or something) and their laptops and he got busted because a girl noticed the green light kept coming on so she started to google what that meant.

Another example is someone in NYC got their Mac stolen and they used back to my Mac or log me in or some sort of web based remote desktop and logged into their mac remotely and took a snap shot of the thief with the camera and got their laptop back.

There is an app called iAlertU which is like a "car alarm" type app for your Mac laptop, which also uses the camera and will email you snapped pics when the alarm is triggered.

Now, is it heavily documented? No, but it is out there, and yes you can probably use those in some very strange and esoteric conditions to exploit someone's security.

Whenever I get any macbook back from repair the first thing I do is image it. Not that I don't trust my third party guys that do all the warranty repair, I just don't know who is all involved and since it is third party I just image it as standard procedure.

Looks like I'm the only one to have considered what little info is out there adequate documentation. Oh well.

I hate to necro the thread, but I was just sent this link, and I was wondering if someone could provide an explanation...

http://forums.somethingawful.com/sho...readid=3238852

EDIT: Oh, looks like it might be a bit NSFW, if you're at work or something.

The page is about searching Google for open webcams that are already on and broadcasting to the web. They are "insecure" in the sense that they are freely available, even if the owner/user might not intend the world to eavesdrop.

You can't use Google to turn on someone's web camera.

Ah, alright. I hadn't been under the impression that an inactive webcam could be activated in this way, but was wondering if personal cams being used for some other purpose, like, say, videochatting, could be viewed in such a manner.

Seems odd that so many businesses would have such bad security, though.

I don't know much about videochat, but I would presume that it's more point-to-point, and doesn't just serve its content to anyone who requests it.

I was taught years ago that "a phone call is not a private conversation". This was in the UK in the 70s. Whether legally accurate or not, it's still sage advice and can be applied to anything you do online. Once it has left your computer; the world has it.

I was told this only applied to wireless phones, but by now I'm sure nothing is free of governmental spying, at least in the US and UK. Technically things transmitted over any medium could be made private/unintelligible if encrypted properly, though, correct? Even an IM client I used to use had some such feature. Not that I'm exactly well versed when it comes to cryptography, but...