I don't think they are saying that a vulnerability currently exists. I think they are saying that people don't trust these lights because they have a bad track record. It could be that the current implementation is better, but how is an end user supposed to know it's better?
It's kind of a matter of fool me once, shame on you, fool me twice, shame on me.
> that people don't trust these lights because they have a bad track record.
No tech people who think about and obsess about this type of 'risk' don't trust the lights. Most Apple customers vast majority don't think and don't care.
I would wager money that precisely zero of the "tech people who think about and obsess about this type of 'risk'" have had their privacy compromised as a result of an Apple laptop misrepresenting the on/off state of the camera.
It's been twelve years since a vulnerability in this was reported, and by all reports the LED power state is now implemented in hardware. It's long since time to obsess over other sources of risk, instead of the dead ghosts of previous ones.
An opaque piece of tape used to disable a camera is one of few components a user can completely understand. Apple is probably correct to tell users to rely on Apple's security features, but those features are way more complicated than a piece of tape.
It's kind of a matter of fool me once, shame on you, fool me twice, shame on me.