Audio recording support software must be disabled.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-51323	OSX8-00-01225	SV-65533r1_rule		Medium

Description
Audio recording support software must be disabled.

STIG	Date
Apple OS X 10.8 (Mountain Lion) Workstation STIG	2015-02-10

Details

Check Text ( C-53671r1_chk )
Disabling the microphone completely will also remove all audio output from the computer. If audio is not a mission requirement check for presence of the following files, presence of any of these files is a finding. ls -l /System/Library/Extensions/AppleUSBAudio.kext /System/Library/Extensions/IOAudioFamily.kext /System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleMikeyDriver.kext If audio output is required for the mission the only way to disable the microphone and maintain kext file signatures is running the following command to ensure the input volume is 0. The volume can be checked by running the following script: osascript -e 'get volume settings' Any value other than "0" for "input volume" is a finding. Microphone hardware can also be physically removed from the device prior to deployment to meet this requirement.

Check Text ( C-53671r1_chk )

Disabling the microphone completely will also remove all audio output from the computer. If audio is not a mission requirement check for presence of the following files, presence of any of these files is a finding.

ls -l /System/Library/Extensions/AppleUSBAudio.kext /System/Library/Extensions/IOAudioFamily.kext /System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleMikeyDriver.kext

If audio output is required for the mission the only way to disable the microphone and maintain kext file signatures is running the following command to ensure the input volume is 0. The volume can be checked by running the following script:

osascript -e 'get volume settings'

Any value other than "0" for "input volume" is a finding.

Microphone hardware can also be physically removed from the device prior to deployment to meet this requirement.

Fix Text (F-56123r1_fix)
To disable all audio input/output on the device run the following commands: sudo rm -rf /System/Library/Extensions/AppleUSBAudio.kext;sudo rm -rf /System/Library/Extensions/IOAudioFamily.kext;sudo rm -rf /System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleMikeyDriver.kext To fix a non "0" input volume on a machine that requires audio output functionality, run this command on a repeating interval or Manually change the input volume to "0": osascript -e 'set volume input volume 0'

Fix Text (F-56123r1_fix)

To disable all audio input/output on the device run the following commands:

sudo rm -rf /System/Library/Extensions/AppleUSBAudio.kext;sudo rm -rf /System/Library/Extensions/IOAudioFamily.kext;sudo rm -rf /System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleMikeyDriver.kext

To fix a non "0" input volume on a machine that requires audio output functionality, run this command on a repeating interval or Manually change the input volume to "0":

osascript -e 'set volume input volume 0'