toggle

AAPL Stock: 98.38 ( -0.64 )

Printed from http://www.macnn.com

WiFi hack demoed on un-patched MacBook

updated 02:35 am EST, Thu March 1, 2007

Mac WiFi hack demoed

The much publicized Mac WiFi hack from last summer may have been real after all, according to the original researcher who discovered the alleged vulnerability and promised to release the code. The security flaw, which Apple blamed on a third-party WiFi card, appears to affect pre-Mac OS X 10.4.8 systems; it was demonstrated on Wednesday on a MacBook running Mac OS X 10.4.6 at the Black Hat DC event, but researchers note that updates to fix the problem have been around since last September. CNET News.com reports that the Mac crashed crashed while scanning for a wireless network and coming across the malicious code researcher David Maynor was using from his Toshiba laptop. Though he demonstrated only caused a crash, Maynor claimed the exploit could also be used to run arbitrary code on the Mac.

In addition, the researcher claims that Apple last year exerted undue pressure to force a publicly apology and threatened his then-employer SecureWorks with a lawsuit, leading to a cancelation of his presentation at event scheduled for San Diego.

Last year Maynor along with another researcher initially touted a similar exploit but later admitted that the Mac laptop was in fact exploited using a third-party wireless device driver, not Apple's own default software. Apple claimed that the researcher did not cooperate and did not provide any details, but its AirPort security updates, released a month after the initial demo, were simply a result of a thorough code review.

Maynor, however, claims that Apple's subsequently released Mac OS X 10.4.8 update included fixes for the problem demonstrated on Wednesday at Black Hat and that he did provide information on the vulnerability as well as packet captures, which helped locate and understand the exploit.

The OS update, he said, was the result of his work to help reveal underlying exploits but Apple refused to admit to the flaws and pressured his previous employer to publicly admit that Macs were not flawed. "Apple released some security patches to address stuff I actually pointed them to and they claimed had nothing to do with me," he told the publication.

A separate WiFi exploit was identified last October in older Macs by other security researchers. The vulnerability affected a small percentage of previous generation AirPort-enabled Macs and does not affect currently shipping or AirPort Extreme enabled Macs, according to a separate report from last fall.

Apple in January addressed the issue with an update to its WiFi drivers and software for some Intel-based Macs: designed for users of both the server and client versions of Mac OS X 10.4.8 Tiger, it patches a vulnerability that enables attackers on the wireless network to cause system crashes.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. LouZer

    Joined: Dec 1969

    0

    Wow!

    Researchers found a security problem in older macs back in October, and it too until January to get a fix out. What happened to apple's 'timely response' there?

    And I'm sure no one here will give this article credence, and even if they do, they'll argue that its been fixed so its now not an issue (assuming you install the updates, just like with WIndows, not everyone installs every update Apple sends out).

  1. MacnTX

    Joined: Dec 1969

    0

    Enough Already...

    This has been beaten to death and I'm sick of hearing about it. Tell us again, how many real world users were actually ever impacted by this so called flaw? Absolutely zero? Yeah, that's what I thought.

    As for Apple supposedly not having a "timely response" give me a break. I can't count how many times Microsoft has let various Windows vulnerabilities rock on for months while many thousands of real world users were directly impacted.

  1. ERG

    Joined: Dec 1969

    0

    @louzer

    while your comment about "not everyone installs every update Apple sends out" may be right (but in this case nobody should complain against Apple), I should add two more arguments: 1) not everybody uses wireless networks 2) the statement "MacBook running Mac OS X 10.4.6" is totally bullshits: the first OSX officially released for intel has been version 10.4.7

  1. DeltaMac

    Joined: Dec 1969

    0

    Everyone has an opinion

    and the statement 2 is also BS The first Intel Macs came with 10.4.4

    there is not yet an 'officially released version for Intel' - that is, a retail version. You can still only get OS X for Intel with each Intel Mac, and not yet as a retail set.

  1. mgpalma

    Joined: Dec 1969

    0

    redeltamac

    This may be symantics, but there most definitely is an 'officialy released' version of Mac OS X Tiger for Intel. Apple is not going to sell Macs to the general public with beta OS's are they? No you can't buy an Intel version of Tiger because there is no way you would need it since it comes with the Intel Macs. But I can assure you it is available and in Tiger Server version as well. Lastly, Intel Macs did ship with Mac OS X 10.4.5 (that I can verify) at least so the claim in the story is valid. I for one am glad people find flaws so they can be fixed, though it is irresponsible for a company not to be given a chance to fix it before public disclosure. It is also irresposible for a company to try and hide these things-but we won't ever know the whole story. I am sure the truth lies somewhere between these 2 companies.

  1. jhorvatic

    Joined: Dec 1969

    0

    Still no proof!

    Still no proof! This is old news and these dumb concept stories are just that, stories with nothing in the wild that proves anything. Technical people have already proven that this doesn't give access to anything. Just more untrue FUD!

  1. Rosyna

    Joined: Dec 1969

    0

    as I thought

    So did these guys wait for apple to audit their own OS X airport code, find some potential issues, and then maynor goes and claims he discovered it? Especially odd since he can't seem to get it to do what it was claimed to do in the video.

  1. leamanc

    Joined: Dec 1969

    0

    Mactracker confirms...

    That the original MacBook Pro shipped with 10.4.5, while the original MacBook (which came out a few months later) shipped with 10.4.6.

    The first Intel Macs (the early 2006) iMac was the only Intel Mac to ship with 10.4.4.

  1. hokizpokis

    Joined: Dec 1969

    0

    the real problem

    is that exploits rely on 'hackers' which, by nature are a criminal bunch of thugs, liers and thieves.

    None of which are trustworthy enough for any purpose especially discovering an otherwise 'fake' exploit because these guys just went ahead and 'edited faulty wifi code to allow this hack to occur', which is a quite a difference then what is claimed to be 'an error in existing code'.

    Otherwise a FAKE HACK FOLKS, just ignore this bs!

    these guys should go back to being parking lot attendents instead of hacking; they don't deserve anyones attention at all.

  1. Guest

    Joined: Dec 1969

    0

    Grammar??

    Or is that no longer required to be a journalist? Please tell me what this sentence is supposed to mean: "Though he demonstrated only caused a crash" What???? Please proofread, I find it hard to take an article seriously when there are such blatant errors. Of course, someone might want to do a word count per sentence. Between 18-22 words per sentence is considered to be good style in journalism. Over 25 is considered to be bad style, and usually limits quick comprehension. There are sentences in the above article with 50 words per sentence that could have easily been split into two sentences. There is an art to journalism. Please try to keep it alive.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Adesso Xtream S3B Bluetooth speaker

Finding a speaker purpose build for a specific need is challenging. Even when a Bluetooth speaker can be paired with a mobile device, ...

JBL Synchros E40BT headphones

For all the different configurations of headphones on the market, it's always a tough choice for buyers to get something that is just ...

Razer Taipan mouse

The list of gaming devices is growing larger with each passing day. A large number of companies have entered the gaming input arena, a ...

toggle

Most Commented