You’ve heard me say it. You’ve read it elsewhere. When it comes to working online, even with Mac users, everyone is out to get you. Every day your Mac is attacked by hacker scripts from abroad (or, down the street, depending upon where you live) trying to compromise your security, gain access to your computer or home or office network, and do whatever can be done to steal something, anything from you.
If everyone is out to get you, and they are, then a little paranoia is a good attitude to have, amirite? How can you be safe in an unsafe world? Start by doing what I do. First, open System Preferences, click on Security & Privacy, then click on Firewall. For whatever reason, arrogance maybe, Apple has Firewall turned off by default. Turn it on. The Firewall’s options are straightforward so pick those that let you stay connected, or, if you’re really paranoid, turn them all off (then, one by one, figure out which applications to allow; it’s painful, a bit messy, but paranoia works).
What about the Mac’s built-in iSight camera and that pesky microphone? Smart Mac users like Facebook founder Mark Zuckerberg covers up his Mac’s camera? Why? Too many reports of government spooks and hackers figuring out how to use the Mac’s camera and mic to spy on you. Most cameras are easily block with a little masking tape, but there’s also a cool free app called OverSight which lets you know when you camera and microphone have been accessed.
That pop up message is good for a Skype or FaceTime connection, but not so good if you don’t know the application and are not expecting your camera and mic to go active. Just how bad is the potential for bad to happen?
One of the most insidious actions of malware, is abusing the audio and video capabilities of an infected host to record an unknowing user. Macs, of course, are not immune; malware such as OSX/Eleanor, OSX/Crisis, OSX/Mokes, and others, all attempt to spy on OS X users. OverSight constantly monitors a system, alerting a user whenever the internal microphone is activated, or the built-in webcam is accessed. And yes, while the webcam’s LED will turn on whenever a session is initially started, new research has shown that malware can surreptitious piggyback into such existing sessions (FaceTime, Sykpe, Google Hangouts, etc.) and record both audio and video – without fear of detection.
While masking tape is your friend, OverSight does monitor your Mac’s camera and microphone and let you know what has been activated and when.
OverSight installs OverSight Helper which starts up when your Mac starts up so isn’t easily detected by outsiders. When the internal Mac microphone is activated– by you or anyone else– you get a pop up notification.
Ditto for the Mac’s camera. These pop up notices are both assuring– if you’re using the camera or mic– and a warning, because someone else could be using either one.
Caveats? Always. OverSight’s Developers:
As with any security tool, direct or proactive attempts to specifically bypass OverSight’s protections will likely succeed. Moreover, the current version over OverSight utilizes user-mode APIs in order to monitor for audio and video events. Thus any malware that has a kernel-mode or rootkit component may be able to access the webcam and mic in an undetected manner.
Otherwise, just remember the basics. If everyone is out to get you, a little paranoia is a good attitude to have.