Welcome to the MacNN Forums.

olePigeon · Aug 18, 2006, 11:02 AM

Macworld: News: MacBook Wi-Fi hack didn't use Apple drivers

As many people were suspicious about the setup, this hack only works with a 3rd party USB wireless and their respective drivers. It doesn't affect the MacBook's built in wireless and drivers.

TETENAL · Aug 18, 2006, 11:03 AM

And I have been using dial-up all the time.

mitchell_pgh · Aug 18, 2006, 11:41 AM

A good number of people are eating crow over at Slashdot... some are still arguing that the OS is flawed.

mduell · Aug 18, 2006, 11:47 AM

I don't see anything new in that Macworld article. It has been widely/publicly known/acknowledged that a third party card and driver was used in the demonstration.

From the Washington Post on August 3:
During the course of our interview, it came out that Apple had leaned on Maynor and Ellch pretty hard not to make this an issue about the Mac drivers -- mainly because Apple had not fixed the problem yet. Maynor acknowledged that he used a third-party wireless card in the demo so as not to draw attention to the flaw resident in Macbook drivers. But he also admitted that the same flaws were resident in the default Macbook wireless device drivers, and that those drivers were identically exploitable.
(emphasis mine)

Gossamer · Aug 18, 2006, 12:48 PM

SecureWorks researcher David Maynor and “Johnny Cache” demonstrated the vulnerability at the Black Hat conference using a MacBook. Maynor told the Washington Post at the time that they demoed the flaw on the Mac because of the “Mac user base aura of smugness on security.”

Well good job of increasing that...

Big Mac · Aug 18, 2006, 01:07 PM

Originally Posted by mduell

I don't see anything new in that Macworld article. It has been widely/publicly known/acknowledged that a third party card and driver was used in the demonstration.[/I]
(emphasis mine)

True, but the original story also stated that the built-in drivers were vulnerable too, which this Macworld story disputes.

Gossamer · Aug 18, 2006, 03:43 PM

From the UAWB:

Sounds like SecureWorks, the company who sponsored all this Mac hackery, is finally fessing up to their falsification and admitting that they, in fact, did not find the flaw in Apple's drivers, and that they used a 3rd party card and software to facilitate the exploit. As icing on the cake part of a 'responsible disclosure policy,' they aren't releasing the name of the manufacturer of said 3rd party magic hacking tools. Three cheers for truth (and discretion) in journalism.

Emphasis mine. Yep, quite the losers.

baw · Aug 18, 2006, 03:47 PM

A now the Black Hat Cisco hack can't be replicated as well.

CSO | Cisco can't reproduce Black Hat flaw

A lot of crow eating going on now!

ghporter · Aug 18, 2006, 04:26 PM

Originally Posted by baw

A now the Black Hat Cisco hack can't be replicated as well.

CSO | Cisco can't reproduce Black Hat flaw

A lot of crow eating going on now!

Hmmmmm. Interestinger and interestinger. So what about the people who DID this hack on tape? Anything from them?

Eriamjh · Aug 19, 2006, 07:03 PM

But don't all Macbooks come with built in airport? Why would you ever need an external USB wireless card?

baw · Aug 19, 2006, 07:12 PM

Originally Posted by Eriamjh

But don't all Macbooks come with built in airport? Why would you ever need an external USB wireless card?

Exactly.

Chuckit · Aug 19, 2006, 07:38 PM

Originally Posted by Eriamjh

But don't all Macbooks come with built in airport? Why would you ever need an external USB wireless card?

Attention whores?