Remember at Black Hat a few weeks ago a demonstration showing a MacBook being hacked through the wireless card? Well it was misleading:
http://www.wireless-weblog.com/50226711/macbook_is_safe_from_wifi_exploit_after_all.php
Apparently the hack requires 3rd party drivers and a 3rd party card. They never explained this at the demo. So for all those worried don't be.
-
-
I'm not totally sure if that is correct or not though. It is true that they did use a 3rd party wireless card, but I read at least one interview with the people who did it who said that the built-in wireless in a MacBook also has the same security problem, but they just didn't use it. I'm not totally sure if I buy that or not (their excuse for not using the built-in wifi is that they wanted to make sure it was understood that the wireless usb device has a flaw, and that they weren't totally picking on Apple...... but if that was their motivation, why make such a big deal about putting "smug" Apple users in their place by using a MacBook).
Either way, it sounds to me like the MacBook's internal wireless could also be affected by this. I still don't see it as a huge problem either way, but I'm sure that security patches will be released if necessary. -
hmm....When I watched that video, the guy was presenting did say that: " We are using a third party Wi-Fi adapter, so don't think the flaw is in the apple itself".
Does Apple have a firewall built into their OS, something similar to Windows Firewall? -
-
then there is technically a security flaw in the Mac OS X, as it does have a firewall.
-
Actually, it sounds like those reports where they said the security flaw could be found in OS X itself and the standard hardware wasn't true.
It sounds like there was a lot of misinformation spread about this - at this point i'm not clear on if they could perform the same hack on a MacBook by itself or not.... but until I see someone prove they can do it, I would definitely not be concerned about it. -
It seems like the flaw is in fact with the third party wireless device and its drivers, which allow someone to gain full root access; the firewall doesn't specifically seem to have anything to do with it (same with the same exploit on Windows). -
This makes no sense. The firewall has nothing to do with the matter. The supposed vuln resides in the wifi driver, both third party and the internal Atheros card (reportedly they didn't use the Macbook internal wifi due to pressure from Apple). The driver runs in kernel space so the existence or not of a firewall is moot - assuming this is real, I have my doubts.
-
Root is disabled by default anyways on OS X, why make a big deal about it.
Anyone knows if you enable root in OS X you are basically opening an door with a welcome mat. -
That said, I am not still convinced that the whole thing wasn't an ellaborate hoax (though Intel upgrade of its Windows wifi drivers might point otherwise). -
-
According to the story and several comments I have read other places, the vulnerability did not exist in the Atheros driver, but did in this 3rd party driver. I still question the validity of the whole thing, but apparently it is not a MacBook issue, but an issue with this particular driver.
-
It was obvisous it was an attack on Apple, lets face it it's more common to see an PC notebook than a Mac notebook around.
Quite frankly why didnt they choose to put the 3rd party wireless in the PC machine? -
There are stories all over now and it seems that what happened is Apple released a statement saying this was not a Mac vulnerability. So the people that did the demo backed off and admitted that they kinda fudged the idea that it was a Mac problem.
-
I didn't think much of it when I saw this, but I think its good that Apple responded to the matter. I think if people are smart they would have realized that the people who were doing this were using a 3rd party wireless card, when in fact just about every notebook these days come with built-in wireless.
Is there a link to this statement made by Apple? -
http://www.macfixit.com/article.php?story=20060818083223440
I think that should be it -
In that article apparently the Secure guys still went ahead continued going around showing this security 'issue' to some of the press.
Why are they not reporting this to the companies, showing them the exploits instead of going around. If your profession is a security expert, do your job. -
-
For those worried about the WiFi flaw...
Discussion in 'Apple and Mac OS X' started by cashmonee, Aug 18, 2006.