Every microphone in every powered device must be considered as listening if you are serious about security at all.<p>So what if the panel actually even disabled the mic preamp on the board? You could have a program/virus/trojan that silently re-enabled it behind your back, without you knowing. So I'd say this is nothing to be concerned about, because every device you own potentially "listens" with its microphones all the time.<p>The advice with plugging a jack into the line-in port is good -- if you're sure your hardware hasn't been tampered with, this should physically disconnect the microphone.<p>Obviously if you're <i>really</i> worried about your computer listening, you should rip it open and physically cut the microphone connection.
Actually I don't think it is listening at all when not in use. In fact the sound card even powers itself down when not in use, which can actually be heard in some cases (with some badly shielded/grounded HP for example). It's on when the prefpane is shown for the purpose of displaying that VU meter but as soon as you quit the prefpane, the <i>hardware</i> turns off. And as soon as an app opens it, it turns back on.<p>Even then, let's assume the sound card is always on (like my old SB16):<p>- what would listen to it if it was on? necessarily some code, or else it just goes straight to /dev/null.<p>- so if it's external code injected by a malicious guy, what prevents him from setting it back to internal (and setting it back to line-in when you're looking)? Or craft all sorts of drivers hooking into or replacing AppleHDA.kext or whatever?<p>- but if it's not external code it has to be internal (i.e Apple provided), so what would prevent Apple to simply tell you it's off when it would not actually be?<p>- and since line-in disappeared but the (HDA or whatever) sound chip certainly still has this functionality, what would prevent Apple from having a second microphone plugged into that line-in, completely hidden and uncontrollable?<p>Now Poe's Law kicks in and I can hear headlines already "Apple removed the line-in on purpose to spy on us!"
This article is without merit. The author's logic train derails shortly after leaving the station.<p>Without removing the hardware there is no way to prevent someone with remote root access from recording audio from any input regardless of settings. This is true of any machine that has audio inputs and drivers loaded for those devices.
Even if the default input device is set to "Line-In" software would be able to get the audio data from any device on the system. The NSA precautions mentioned in the article are superstitious and would likely do nothing to deter anyone who had compromised your system that badly.
If you are really worried about this, I recommend surgery. I used to have this Windows box at work that would always make sounds for no reason, even though the sound was muted. The solution was to open it up and physically disconnect the speaker. Never made a sound again.<p>If you don't want your computer to be used as a listening device, first try adjusting your tinfoil hat. If you're still worried, open it up and remove the speakers and microphones. Make sure you get them all! Though I'm sure someone can figure out how to make a hard drive into a microphone, so you'd better replace that with an SSD. Also get the camera while you're in there.<p>There. Now you just have to worry about the bugs the Agents put all over your house.
Even with a "mute" checkbox, it stands to reason that a hack that grants access to the mic will also at least attempt to bypass the "mute" setting. So, without a hardware solution, there's no real way to secure the mics on these macbooks.<p>Personally I'm not that worried, but I can see why this could be a problem for some.
Changing your sound configuration is useless against anyone who has obtained admin rights on your operating system. Windows, Linux, Mac, or otherwise. If they have root/admin, they can override any setting you change at the most basic levels.<p>If you're still OCD and concerned about it, install Soundflower [1] and you can easily configure Soundflower as your default input, but not feed anything on to the Soundflower bus, thus making the default input silence. This is, in effect, the same as the author's suggestion of setting the default input to line-in and plugging in a stub; also pointless, as a line-in jack has no ability to convert acoustic wave forms to electrical signals.<p>I feel less-smart for even addressing this question.<p><a href="http://cycling74.com/products/soundflower/" rel="nofollow">http://cycling74.com/products/soundflower/</a>
Reducing the volume in the control panel doesn't add security. Microphone input volume is settable from user level without special permissions, so any software that was going to listen can control the volume.
When you plug a microphone device (e.g. a headphones/mic combo that comes with the iPhone) into the single audio port on a recent Macbook, it will be detected and the control panel will switch to giving you settings for "External microphone".<p>The internal microphone no longer shows up, suggesting it is disabled as before.<p>Thus, the simple plug hack should still work.<p>(I'm running Lion on a MBP8,1.)
Cell phones are badly-secured always-on tracking devices with built-in microphones designed to communicate potentially sensitive data over known-insecure networks. (Start at <a href="https://en.wikipedia.org/wiki/Phone_hacking." rel="nofollow">https://en.wikipedia.org/wiki/Phone_hacking.</a>) Why are we worrying about MacBooks again?
Like always, if you can't trust your machine, you should stop using it and reformat it. The only security comes with a controlled behavior in which software is installed in your computer, which websites you visit, etc.<p>Any software switch can be overriden by a silent hack. Besides, overhearing conversations is the least of your problems if your computer is compromised. I would worry more about documents and web browser data.
Without further investigation, I pose a potentially naive question:<p>What evidence is there that this behaviour of the internal mic is the same when the Audio preferences pane is not open?<p>Could it be that the mic is automatically made 'live' when system preferences or that particular pref pane is opened?
This behavior is not present in OS X 10.7. However, as many people have pointed out, it is foolish to trust the display shown in System Preferences if you are really paranoid about security.
Finding a single regression in a defense in depth strategy does not an exploit make. Software can select whichever input it wants, regardless of whatever settings you may have set. This is one of many things that are simply a best effort to protect the computer. Root access or even access as an Administrative user could bypass this setting easily.
Apple should put an activation indicator LED shining through micro-holes like the power light is, next to the microphone which is hardwired to a tiny relay, such that the microphone is physically disconnected unless the LED is on.
Yeah .. umm .. and there is <i>no</i> guarantee that your CPU isn't broadcasting every single operation to a top-secret government satellite, either. The technology is there: have <i>you</i> audited your CPU today?
I'll tell you what else seems to always be listening - the camera on the MacBook Pro, even when the little green light is off.<p>Cover the camera with your finger or shine a flashlight/mobile phone screen into it, watch the keyboard lights react. It's obviously listening for light level changes.<p>I just wonder how much data you could collect from the sensor without the green light turning on?<p>edit: I'm wrong, see my reply to jcromartie
If you hook something like this to the macbook, do you get the option of selecting an external mic?<p><a href="http://www.amazon.com/Logitech-3-5mm-Jack-Audio-Adapter/dp/B0058P0I2C/ref=sr_1_14?s=electronics&ie=UTF8&qid=1327459565&sr=1-14" rel="nofollow">http://www.amazon.com/Logitech-3-5mm-Jack-Audio-Adapter/dp/B...</a>
Paranoia much? Surely a much better approach to security would be network monitoring, anti-virus and vigilance. This sounds like blacking out the windows because you can't be bothered to close the curtains.<p>If your tin-hat doesn't feel like enough protection, try downloading and installing Sound Flower (Generally cool app). Basically it lets you 'patch' one audio output on the computer to an audio input, so you could record the output of your computers speakers at near full resolution (Useful for screen-casts/video game play through and probably lots of other things). Activate Sound Flower Bed and select the option along the lines of 'no input'/'no device'. Go into system preferences and select the Sound Flower device as the default input device.<p>All of that is, however, completely irrelevant since applications can select audio inputs external to system preferences and record the input at whatever volume they like. (E.G. Skype can use a different input to the sys default, Logic Pro can record from all you system inputs at once etc.)
> especially the average Mac user to secure their machine’s audio input in the first place.<p>The average user of any machine doesn't need to worry about this. Much ado about nothing.
Though this is a bit foil-hat for most people it can be a real privacy concern. Can your mac be used to secretly spy on you? Absolutely. Has apple done this before to their customers? 100% (and so have others) see carrier IQ: <a href="http://en.wikipedia.org/wiki/CarrierIQ" rel="nofollow">http://en.wikipedia.org/wiki/CarrierIQ</a><p>If something like this bothers you theres no reason you should be using any closed source software at all.<p>It's that easy. If you're concerned about your privacy and system integrity don't use any software from a source you don't personally trust and that can't be reviewed by a third party.
currently down.. > read it here:
<a href="http://webcache.googleusercontent.com/search?q=cache:brianpress.heroku.com/blog/2012/01/23/is-my-macbook-pro-always-listening/" rel="nofollow">http://webcache.googleusercontent.com/search?q=cache:brianpr...</a><p>ever thought about the camera or your mobile phone? ;)
Wow, a lot of pretty serious comments for what I consider to be a completely tongue-in-cheek post that is essentially asking a simple question.<p>Some of you people need to lighten up.<p>Besides, my favorite hat is made of copper! ;P
Are you suggesting that my mac book pro is sending this data to some apple server somewhere?<p>Can you imagine A the traffic that would take and B the amount of useless information that would be recorded. They have millions of computers!<p>If its not being recorded locally or sent to an external source from a privacy point of view there is no problem. Both of these would be easy to detect by looking for sound files somewhere on the device or monitoring outbound internet traffic.<p>So is it battery life that you have the problem with?