On CHOW: Sexy vampire party
BNET Business Network:
BNET
TechRepublic
ZDNet

August 4th, 2006

MacBook wireless hacked, not hacked, ok hacked

Posted by Jason D. O'Grady @ 5:00 am

Categories: Hack, MacBook, Security, WiFi

Tags:

owned-macbook.pngIf you’ve been following the drama over the hackability of a MacBook’s wireless driver your head is probably spinning. The latest news is that the MacBook’s wireless device driver is indeed hackable with the exploit demonstrated at the Black Hat conference in Las Vegas on Wednesday.

First, some background is in order. Washington Post blogger Brian Krebs first reported at 7:30 a.m. on August 2nd that a pair of hackers had developed a "new method for remotely circumventing the security of an Apple Macbook computer to seize total control over the machine."

Then at 6:45 p.m. Krebs amended his post with the actual video shown at the conference clearly showing that the MacBook in question was in fact using a third-party wireless card connected via a USB card reader. At several points in the video Dave Maynor disclaims this fact, even stating at the beginning "Don’t think however just because we’re attacking Apple, the flaw itself is in an Apple, we’re actually using a third-party wireless card."

In his follow-up post at 9:00 a.m. ET on August 3 Krebs mentions that the exploit does indeed work with the default MacBook wireless device driver and that Apple had pressured the hackers to use a third-party wireless card in a USB card reader attached to the MacBook.

During the course of our interview, it came out that Apple had leaned on Maynor and Ellch pretty hard not to make this an issue about the Mac drivers — mainly because Apple had not fixed the problem yet. Maynor acknowledged that he used a third-party wireless card in the demo so as not to draw attention to the flaw resident in Macbook drivers. But he also admitted that the same flaws were resident in the default Macbook wireless device drivers, and that those drivers were identically exploitable. And that is what I reported.

So, it turns out that MacBook users aren’t are safe from the exploit as Apple’s PR machine would have you believe. If you want to stay as safe as possible keep your Airport connection turned off when it’s not in use and never connect to an unknown WiFi access point.

Jason D. O'GradyJason D. O'Grady is the editor of PowerPage.org, which has been publishing daily mobile technology news since December 1995. For disclosures on Jason's industry affiliations, click here or to view Jason's full profile click here.

Email Jason D. O'Grady

Subscribe to The Apple Core via Email alerts or RSS.

News: 404 Error
search

We were unable to find the page you requested.

If you arrived here by typing a URL, please make sure the spelling, capitalization, and punctuation are correct, then reload the page by hitting the Enter or Return key on your keyboard.

You have landed on a 404 error page -- the result of a broken link. The information you were seeking may be available on ZDNet, but it is not at the location specified. If you were looking for a specific product, recent news story, or general topic, you may find it by entering one or more key words in our search engine above.

Your other options are: return to the ZDNet home page, contact Customer Service, or click your browser's Back button to return to the previous page.

advertisement

SponsoredWhite Papers, Webcasts, and Downloads

Essential Topics Click Here

advertisement

Recent Entries

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

Enterprise Applications

  • Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
  • New Online Dashboard
  • Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline