Can webcams be turned on without the indicator light?
I've made a series of penetration tests in my network and one of the things I've tried was to record webcam and microphone.
Recording an end-user's microphone seems to be a stealth thing, but what about the webcam? In my tests, the indicator is turned on and I can't figure out a way to do this without turning on the light.
So far, I'm assuming that if someone broke into my computer and turned on the webcam, I'll know that.
But, if that's possible, which of the available hardwares on the market are vulnerable to that kind of attack?
Most definitely, but in order to do this you would probably have to patch the camera's firmware and then flash it. Similar attacks have been used to disable the "shutter sound" on cameras.
Does drivers have something related?
@Keyne doubtful, its probably firmware. in that the device has a set reactions to an incoming command like "start recording".
The answer is absolutely wrong! You're forgetting about the fact that it doesn't take firmware, but only a simple change in system configuration (as malware would be able to change). Check http://forums.logitech.com/t5/Webcams/Can-I-turn-off-red-LED/m-p/277305#M52816 for one of the many examples. LOGITECH WEBCAMS as an example DO NOT need firmware changes to have their light disabled! And note that I'm not yet talking about former Adobe Flash security issues that enabled camera use without indicating activation (read: while leaving the activity-indicating light off). Firmware only? You wish!
@user6373 that is one way of accomplishing the same task, it depends on the device. But, at the end of the day, the lights on the device is controlled by the firmware.
I'm not trying to troll this answer, but I don't really see why this isn't just hyperbole. If the camera's power circuit includes an LED then how could one power the camera without powering the LED? I know there is a link in the above comment, but that is for a peripheral device, not an integral laptop camera. Has someone actually looked to see if they are on separate circuits controlled independently by firmware? Lights were added by manufacturers to solve the RAT problem, so I'd be surprised if they didn't solve this simply by pulling the LED in parallel from the power circuit.
@rook most cameras (including many if not all Logitech cameras) have the light controlled by firmware, yes. However, this firmware has a SOFTWARE INTERFACE that offers application-based control over the camera's indicator light. We actually use this at work to disable the LEDs on our C920 cameras, just takes a command from `uvcdynctl` to set the camera to "LED Off" before activating the camera, and the LED never comes on. I suspect many other cameras have similar interfaces with this potential for abuse; however, there are also legitimate uses for it.