This only works on audio chipsets that allow pin retasking. Which is, coincidentally, all Realtek chipsets that are present in every PC...

(you also need to plug the speaker directly, mostly limiting it to headphones and laptop speakers)

Despite this being a 2016 paper, it's worth noting that this is true in general and has been common(ish) knowledge among electrical engineers for decades. Highschoolers and undergrads in electrical engineering classes often discover this independently.

What's notable about this paper is only that they demonstrate it as a practical attack, rather than just a neat fun fact of audio engineering.

As a fun fact, an LED can also be used as a photometer. (You can verify this with just a multimeter, an LED, and a light source.) But I doubt there's any practical attack using a monitor as a photosensor.

I recall in the early or mid 2000s using some cheap earbuds plugged into the microphone port of my family computer as a pair of microphones in lieu of having a real microphone nor the money for one. Then I used Audacity to turn the terrible recording into a passable sound effect for the video games I was making.

Not knowing much about how soundcards work, I imagine it would be feasible to flash some soundcards with custom firmware to use the speaker port for input without the user knowing.

> Yup it's wild to me how much anxiety there is about cameras while no mind is given to microphones. Conversations are much more privileged than potentially seeing me in my underwear.

It depends on the person, I don't think you could gain much from me? I don't say credit card numbers out loud, I don't talk about hypothetical crimes out loud. I don't say my wallet seed phrases out loud. I also don't type in my passwords. Yes you could probably find out what restaurant I'm ordering delivery for, but other than that I suppose my conversations are really boring.

I’m just going to assume you’re a man, and don’t generally worry about things like revenge porn. Because that is a bigger concern to me than you, it seems. Sure, I don’t want my sound to be recorded either, but that’s why I put a cover on the webcam AND turn off the physical switch on my (external) microphone. They are both easy things to do.

I went the "batshit insane" route and my microphone hole is plugged in with some clay.

It did most likely physically damage it forever, but at least I now know it's OFF for good.

How is that true? I use my macbook mic occasionally with the lid closed, and an external monitor.

I just tested this with Voice Memo and can confirm it works at least in that scenario. The recording didn't stop, the mic was just disconnected then reconnected when lid was opened. Using Amphetamine w/ script installed on M1.

Record, produce transcript, look for keywords, alert the puppeteer when something interesting is picked up - trade secrets, pre-shared keys, defense sector intelligence, etc.

Wireless noise-cancelling headphones. Oh no, the microphone is back through bluetooth.

M2 and newer MacBooks have an IMU on-board, which is just a funny way of spelling microphone. Admittedly a very low quality one; I'm not sure if you could pick up understandable speech at the 1.6kHz sample rate Bosch's IMUs seem to support.

Going into full paranoid mode, I wonder if some other sensors / components can be used as a makeshift microphone. For instance, a sufficiently accurate accelerometer can pick up vibrations, right? Maybe even the laser in a CD drive? Anything else?

Well it doesn’t need to be visible to work in contrast to camera. Seriously though, no technological and almost no economic barrier preventing embedding a mic into every wireless communication chip.

> There is no privacy on macOS, nor any other proprietary system.

Nor is there on any free system for which you didn't make every hardware component yourself, as well as audit the executable of the compiler with which you compiled every executable. (You did self-compile everything, hopefully?)

The root of all trust is eventually some human, or group of humans. See "Reflections on Trusting Trust." At least so far, Apple has convinced me that they are both willing and competent enough to maintain that trust.

I get it, free software take, nothing new.

But this is a pretty extremist take. Just because a company doesn't push source code and you can't deterministically have 100% certainty, doesn't mean you can't make any assertions about the software.

To refuse to make any claims about software without source is as principled as it is lazy.

Imagine an engineer brought to a worksite, and they don't have blueprints, can he do no work at all? Ok, good for you, but there's engineers that can.

> There is no privacy on macOS, nor any other proprietary system.

Which is to say, every system in actual widespread use. All such CPUs, GPUs, storage devices, displays, etc. run closed microcode and firmware. It'd be funny if it wasn't so profoundly sad.

And even if they didn't, the silicon design is again, closed. And even if it wasn't closed, it's some fab out somewhere that manufactures it into a product for you. What are you gonna do, buy an electron microscope, etch/blast it layer by layer, and inspect it all the way through? You'll have nothing by the end. The synchrotron option isn't exactly compelling either.

Once malware is installed, the proprietary blobs from my hardware vendor are the least of my concerns. Thus my request for hardware.

You can watch network traffic for data leaving the device. Trust but verify.