On mySimon: Nike SB Eugene Backpack
BNET Business Network:
BNET
TechRepublic
ZDNet

September 25th, 2006

Apple strongly denies getting information from SecureWorks

Posted by George Ou @ 4:16 pm

Categories: Defcon2006, Hardware, Mobile/Wireless, Networking, News, Security, ~Events~

Tags:

I posed some questions to Apple when I wrote "Apple patches Wi-Fi but refuses to give researchers due credit" to try and pin down exactly what Apple acknowledges to have received from SecureWorks or not.  I was a bit surprised when I got all of them answered based on my past experience so I will have to give Apple some credit for not dodging any of the questions this time and answering in a straight forward manner.  The answers also surprised me since this puts Apple and the two security researchers David Maynor and Jon Ellch on a collision course at Toorcon 2006 and there is no backing out at either end.  [Update 11:59 PM: David Burke gives a great analysis to the following response.]

Here is the word-for-word email response from Director of Mac PR Lynn Fox:

George,

Answers to your questions are below.

We noticed that there was a question on your blog for us that was not included in your below email (on packet captures), so we’ve also answered that question for you too.

• Did SecureWorks ever disclose any Wi-Fi vulnerabilities to Apple?

The only vulnerability mentioned by David Maynor was FreeBSD vulnerability CVE-2006-0226. This does not affect Apple products.

• Did SecureWorks ever disclose the packet captures of the malicious payload used to trigger said vulnerabilities?

No. Packet captures were promised repeatedly but never delivered.

• Did SecureWorks ever provide driver disassemblies pertaining to said Wi-Fi vulnerabilities?

No. While SecureWorks did provide a driver disassembly, it did not indicate a Wi-Fi vulnerability in any Apple product.

• Did SecureWorks ever provide crash dumps pertaining to said Wi-Fi vulnerabilities?

No. While we received crash dumps from SecureWorks, they didn’t have anything to do with Mac OS X or any other Apple product.

• Did SecureWorks ever point to the location of the vulnerable code of said Wi-Fi vulnerabilities?

No.

• Do any of the current patches released by Apple match any of the characteristics of the information provided by SecureWorks?

No.

I’d also like to comment on this excerpt from your post:

"’Fox also said Apple staff were already aware of the flaw when SecureWorks contacted them about it prior to their Black Hat presentation, and that Apple had already determined that the wireless flaw addressed in the FreeBSD patch was not exploitable on any of the Mac products’

Now this statement has come back to haunt Apple. Ironically, I had accidentally stumbled upon this when I asked Maynor and Ellch in my video interview if the Wi-Fi vulnerability was anything "like" the FreeBSD hack back in January. I could have sworn I got a funny reaction from Maynor and Ellch but I figured they only reacted that way because not many people knew about the FreeBSD flaw. Little did I know at the time that I had actually stumbled upon the truth and that the Apple Wi-Fi flaw was EXACTLY like the FreeBSD flaw because it’s all the same code."

The code flaws we addressed with the Wi-Fi security updates we released on September 21 are not based on the same code as the FreeBSD flaw.

We think this helps clarify what we’ve been saying all along and helps put this topic to rest.

Feel free to post my email to your blog word-for-word to avoid any confusion.

Lynn Fox

Director, Mac PR

Apple

Things keep getting more interesting every day.  More to come on this.

George Ou is Technical Director of ZDNet. See his full profile and disclosure of his industry affiliations.

  • Talkback
  • Most Recent of 73 Talkback(s)
No doubt
Apple has a lot to lose while George, well..... (Read the rest)
Posted by: denuj Posted on: 08/02/07 You are currently: a Guest | | Terms of Use
Strong words  bkwatch | 09/25/06
Yes, very strong, and it only gets more interesting from here on out  georgeou | 09/25/06
so also says Rich Mogull  bkwatch | 09/25/06
Please don't assume anything yet  georgeou | 09/25/06
evidence?  rwahrens1952 | 09/25/06
the problem with SecureWorks's evidence...  bkwatch | 09/25/06
another one  bkwatch | 09/25/06
That might be interesting....  jragosta | 09/26/06
Toorcon in "a couple of days"  dgtruckses | 09/26/06
I totally agree, very strong words  Cayble | 09/25/06
not so crazy  rwahrens1952 | 09/26/06
Seems reasonably prudent to me  tic swayback | 09/26/06
and lo and behold!  JetJaguar | 09/26/06
Actually, yes...  tic swayback | 09/26/06
I'm willing to suspend disbelief  JetJaguar | 09/26/06
IOW  jragosta | 09/26/06
If you start off with a clear bias...  tic swayback | 09/26/06
apologies  rwahrens1952 | 09/25/06
They have been parsing their words  georgeou | 09/25/06
nice try  rwahrens1952 | 09/25/06
Only...  jragosta | 09/26/06
Sigh. Vocabulary lesson time  tic swayback | 09/26/06
Journalism for Idiots  jragosta | 09/26/06
George is a Blogger not a journalist  barstewards | 09/26/06
Apple strongly denies getting information from SecureWorks  samcurry | 09/25/06
Apple admitted the internal audit was done because of SecureWorks  georgeou | 09/25/06
Another ASSumption from Ou  V-Train | 09/25/06
No, Apple said that  georgeou | 09/25/06
Do you even read what you're responding to?!  V-Train | 09/25/06
Are you even reading?  denuj | 08/02/07
But  rwahrens1952 | 09/25/06
They just won't admit what they got from SecureWorks helped  samcurry | 09/25/06
Handy post generator  timyu | 09/25/06
So?  jragosta | 09/26/06
Where to go from here  nucrash | 09/26/06
Exactly  jragosta | 09/26/06
The missing link here  tic swayback | 09/26/06
That is a valid point  nucrash | 09/26/06
Wow, cut short by management  nucrash | 09/26/06
No doubt  denuj | 08/02/07
Apology and Retraction Forthcoming?  1macgeek | 09/26/06
Sorry, but it's not your timeline  georgeou | 09/26/06
Don't count on it  tic swayback | 09/26/06
This isn't from SecureWorks  georgeou | 09/26/06
Another Lie?  1macgeek | 09/27/06
Get a clue, Ellch was never employed by SecureWorks  georgeou | 09/27/06
Obvious question  tic swayback | 09/28/06
Same Lie, Different Day  1macgeek | 09/27/06
Fixed.  aa4lr@... | 09/26/06
Don't let the b@stards bring you down!  tic swayback | 09/26/06
Weren't you screaming at me that there was no Mac Wi-Fi exploit?  georgeou | 09/26/06
There is no Mac Wi-Fi Exploit!  SheldonW | 09/26/06
You're living in a fantasy world  georgeou | 09/27/06
Show us!  1macgeek | 09/27/06
Where is it?  tic swayback | 09/27/06
Tic, you've been screaming there is no exploit for all this time  georgeou | 09/27/06
Prove it  tic swayback | 09/28/06
There is NO exploit  tic swayback | 09/27/06
That's funny  georgeou | 09/27/06
Who said the exploit stopped working?  SheldonW | 09/27/06
Offer proof or stop talking  tic swayback | 09/28/06
'the expoit'?  jragosta | 09/26/06
quoting JetJaguar  JetJaguar | 09/26/06
Can I quote you too?  tic swayback | 09/26/06
yes, but  JetJaguar | 09/26/06
Well...  tic swayback | 09/26/06
any encounter  JetJaguar | 09/26/06
Jay Beale: "don?t take your OS X laptop onto the wireless network here!"  JetJaguar | 09/27/06
Just your type of article  jragosta | 09/27/06
It's not an article per se  JetJaguar | 09/27/06
That's nice  jragosta | 09/27/06
What exploitable vulnerability?  SheldonW | 09/27/06
Other than ZDNet being anti-Apple, why is this article important?  mlindl | 09/28/06

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Click Here
advertisement

Recent Entries

Top Rated

    advertisement

    Archives

    ZDNet Blogs

    White Papers, Webcasts, and Downloads

    • Smart Tech Expert advice on innovations in healthcare and the green technologies that make it happen. Find out more
    • Smart Business Discussion and advice on management issues that revolve around making your world smarter and more useful. More Smart Advice
    • Smart People The best and worst moves in the management and strategy trenches. Learn More