krstic at solarsail.hcs.harvard.edu
Sat Aug 18 17:01:40 EDT 2007
On Aug 18, 2007, at 9:26 AM, NoiseEHC wrote:
> As I know there are LEDs indicating the camera/microphone activity.
> Have you thought about that if a rogue program uses the camera for
> second in every second then the LED will blink fast enough that the
> will see it as it glows faint?
"Care was also taken to avoid hysteresis attacks: it is not possible
to enable capture from the microphone or camera for such a short time
that the LEDs do not noticeably light."
-- page 9, http://cups.cs.cmu.edu/soups/2007/proceedings/
Mitch and I worked out the numbers at some point and concluded it
wasn't a compelling attack due to device start/stop and driver
overhead. Note that as Scott points out, the only time this is even a
possible attack vector would be when the entire OS is compromised and
Bitfrost disabled or overridden.
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | http://radian.org
More information about the Devel