It's easy to overlook what they did - but the guy did say it quickly at the beginning. They broke into the MacBook by using a 3rd party external WiFi card connected by USB to the MacBook. It is the 3rd party's WiFi software driver that was exploited - not the native Mac OSX WiFi driver software!

So, yes. You can break into a MacBook with someone else's driver software if it is poorly written. However, I don't know many people who will use a 3rd party WiFi card in a Mac that comes with WiFi installed by Apple.

I'm curious if they choose the 3rd party because you cannot hack into the native OSX driver or for some other reason. Also, I would be curious to see what brand that is.

Lastly, they say at the beginning of the video that you do not have to be connected, but for the ease of the demonstration they use their attack machine as wifi access point - so you are connected to the attach machine already. So I would love to see the demo if they were not actively attached to it.

That all said, it is a pretty darn scary video. What would be great is if these guys would list the drivers, OS that are affected by this bug/issue. The only way to get it solved is to have public ask for it.

dw9

Who the h*** uses a “3rd Party Wireless Card” on a MacBook? Just how dumb are these two security experts? They’ve shown the upmost in stupidity.

It’s obvious this “flaw” is only relevant under this inane scenario - time to worry about something else.

CVB

of the video, "this is not a demonstration of a vulnerability in Mac OS X, but a general vulnerability in some third party device drivers" or word to that effect. They used "Mac OS X exploit" to attract attention, but in the end, it was not. They did not hack into the drivers for the MacBooks internal wireless hardware; they had to stick a third party wireless card into a MacBook that already has built in wireless.

How stupid! Can go back to being "smug" about Mac OS X security. They proved the whole point. (1) Because Macs have built in wireless hardware, Mac users will not be using a third party wireless card. (2) They used a third party wireless card in a MacBook, because they apparently could not hack in through the built-in wireless hardware. (3) The laptops that would use such vulnerable wireless hardware is (yes that's right) a Windows laptop.

Hey, wait a minute - That was a MacBook. How did this guy stick a "third-party wireless card" into a MacBook? It has no such port to accept that type of device.

You truly are an idiot, CVB.

As was mentioned in the video more than once, this was not a demonstration of a hack against Apple or any specific Apple configuration. It is a proof of concept of a never-before-seen variety of network attack. The attack was probably executed against a Mac because this was a hardware configuration on which the specific attack works.

As David said, this is a systemic problem, not an Apple problem. The fact that it was executed against an Apple system is meaningless. They were merely demonstrating a potential threat of a poorly-tested device driver.

Stop being such a kneejerk defense Apple fanboy already and listen to what people tell you.

I just checked the tech specs for a MacBook. It was definitely a black MacBook that guy pull out as the "victim" laptop. The MacBook has no port/slot to accept a "third-party wireless card." Where was that guy sticking that thing on the right side of the MacBook (the hidden side from the camera angle). This is the right side of a MacBook.

http://www.apple.com/macbook/design.html

Not only is this demo totally lame, it is totally fake...!

kw99: USB. The macbook has some of those things.

Those are typically called USB wireless network "adapter" because they look like those little flash drives, not those PC "cards" you insert into the slot. I don't know what that white card thing that guy had was exactly, but it didn't look like any USB wireless network adapter I've ever seen. If this demo was real, they went out of their way to make it look fake... or they are just a bunch of idiots.

It is a USB WiFi card. You can see the connector on the end of the card just before he plugs it in.

There are several USB WiFi cards at this site:

http://www.directron.com/usbwifi.html