Apple: No Evidence Provided to Back Up Wireless Security Threat
Apple: No Evidence Provided to Back Up Wireless Security Threat
by , 1:25 PM EDT, August 18th, 2006
Lynn Fox, Apple's director of public relations, this week responded to SecureWorks' recent claims that there is a vulnerability in wireless networking shared by Mac and Windows laptops. Ms. Fox told Macworld: "Despite SecureWorks being quoted saying the Mac is threatened by the exploit demonstrated at Black Hat, they have provided no evidence that in fact it is. To the contrary, the SecureWorks demonstration used a third party USB 802.11 device -- not the 802.11 hardware in the Mac -- a device which uses a different chip and different software drivers than those on the Mac.
"Further, SecureWorks has not shared or demonstrated any code in relation to the Black Hat-demonstrated exploit that is relevant to the hardware and software that we ship."
As TMO reported on Aug. 3, SecureWorks researchers David Maynor and Jon "Johnny Cache" Ellch used the Black Hat 2006 conference in Las Vegas to release a video demonstrating a MacBook being compromised through a flaw that they said was common to the Mac and Windows operating systems. While Mr. Maynor claimed that the flaw existed in Mac OS X, he used a third-party wireless device and driver to demonstrate the exploit because Apple "had leaned on them" to not use the MacBook's built-in AirPort Extreme technology.
Macworld noted that the SecureWorks Web site has since been updated with this disclaimer: "Although an Apple MacBook was used as the demo platform, it was exploited through a third-party wireless device driver -- not the original wireless device driver that ships with the MacBook. As part of a responsible disclosure policy, we are not disclosing the name of the third-party wireless device driver until a patch is available."
Observer Comments
"SecureWorks has not shared or demonstrated any code in relation to the Black Hat-demonstrated exploit that is relevant to the hardware and software that we [Apple} ship."
"As part of a responsible disclosure policy, we [SecureWorks] are not disclosing the name of the third-party wireless device driver until a patch is available."
And how is Apple or anyone supposed to write a patch if SecureWorks doesn't give the manufacturers data on the exploit?
I'm becoming more and more dubious about the BlackHat demo. Not that what SecureWorks showed is not possible, just I'm doubting their particular demonstration of it. It's beginning to look like they are trying to publicize themselves and their company more than alert the community to a danger.
More importantly, who cares? The MacBook comes with Apple's Wi-fi card, not some third party card. Accordingly, not many users are going to be using a third party solution.
It is highly doubtful the alledged hack works on OSX using Apple's hardware and drivers. If it did, the Black Hat folks would have given Apple information concerning the hack since it alledges to have given the third parties the informaiton.
Is it really an Apple designed card with Apple drivers or some third party system that was integrated into Apple's motherboard? I don't know the answer to that but the latter is more common. It's why MacBook Pros come with ATI Mobility Radeon X1600 graphics rather than an Apple graphics card.
Quotegeoduck wrote:
Is it really an Apple designed card with Apple drivers or some third party system that was integrated into Apple's motherboard? I don't know the answer to that but the latter is more common. It's why MacBook Pros come with ATI Mobility Radeon X1600 graphics rather than an Apple graphics card.
I think we can assume that Apple knows what they're putting in their machines. Come on, even the *processor* is third-party. They're in control of what goes in and, since they offer a reasonable (if not large) amount of upgradeability, you can be 99% sure that anything that Apple puts into one of their computers would be as good--or better--than anything they'd be making themselves. (Come on, they're not a graphics card company! Or a WIFI card manufacturer! Or a processor developer!)
The vulnerability here would be in the driver itself. So the key to this is determining the source of the driver. I would not be surprised if they used a 3rd party card which had an open source driver available and engineered the flaw into that driver themselves to simulate a flaw that someone else already discovered in a windows driver or the windows kernel or wherever it is that the windows flaw exists. This is of course assuming that the video they showed wasn't all staged to begin with.
Even if they didn't create the driver themselves, you don't take a kernel extension written by a 3rd party and then tell the world that the kernel itself has a fundamental flaw. If you do that then you are lying. Especially people who are so "knowledgeable" about the internals of operating systems.
Fri Aug 18, 2006 6:33 pm Subject: Secureworks admitted they lied!
Fri Aug 18, 2006 10:46 pm Subject: The truth will come out
I think we'll find out, soon, that they didn't exploit any driver or any WiFi card, from Apple or any third party. The whole thing will be shown to be a parlor trick. Look at the video. They get access to UNIX shell, yet claim the same hack would work on Windows. Note also that the shell looks slightly different than a normal shell script (they turned of any prompt, which is a trivial thing to do), in an attempt to make it look like they didn't just ssh from one machine to another.
Which is exactly what, it will be shown, they did. So they had two computers on the same wireless network, and used one to ssh to the other? Say it isn't so! Oh wait, that's called normal behavior. They could have connected an Ethernet cable and done the same thing, but that wouldn't make for nearly as good of a show.
Mark my words: SecureWorks found no flaw whatsoever.
Sat Aug 19, 2006 12:06 pm Subject: It doesn't matter
It doesn't matter if there was a real exploit or not, a lot of people will only believe what they first heard. Months from now you will be in a conversation with some Dell user and they will mention the Mac's WiFi weakness. It is just like the OSX virus/worm/malware that hit the news now and then.
Comments are currently closed. Please email the author instead.
Recent Headlines - Updated May 23rd
- Wed, 7:50 AM
- TMO Quick Tip - Mac OS X: Handy Terminal Dock Tweaks
- Tue, 9:51 PM
- News - NPD: Apple Dominates Q1 Mobile PC Shipments
- 7:17 PM
- Apple Stock Watch - Barclays: Apple Is So Big…
- 4:01 PM
- Deal Brothers - New Mac Pro 12 Core 2.66GHz Intel Xeon: $4739
- 4:00 PM
- Analysis - Estimated Apple TV Sales to Date: 6.3 Million
- 3:20 PM
- Video Review - Buffalo AirStation WZR-D1800H 802.11ac Router Video Review
- 1:47 PM
- News - Apple’s Brand Value Grows 19%, Remains World’s Top Brand
- 11:13 AM
- News - Galaxy Tab Injunction Hearing Set for June 7
- 10:35 AM
- MGG Answers - How to Troubleshoot Connection Issues on Public Wi-Fi Networks
- 9:59 AM
- Hot Forum Topic - Reader Discussion: Predicting Apple’s Q3 iPhone Sales
- 9:23 AM
- News - Google Completes Motorola Mobility Purchase
- 8:45 AM
- News - Webby Awards Pay Tribute to Steve Jobs
The Mac Observer Reader Specials
Macsales for the Right Mac Memory. Easy to Use Online Guide for no Guesswork! Mac Pro up to 128GB, iMac up to 32GB. MacBook/MB Pro, & Mac mini up to 16GB. - Macsales.com 
Mac RAM Upgrades: MacBook Pro 16GB kits $475, 8GB Kits for $119.99! iMac 16GB RAM Kits (4x 4GB) for $229.99! Mac Pro Memory 32GB Kit for $399.99, 64GB Kit for $889.99! Mac Hard Drives 2TB Seagate SATA II for $249.99! Click Here!
If you're using a Mac, then you've gotta check out PokerOnAMac.com. Online casinos and poker rooms are literally giving away cash and the casino sites at Poker on a Mac do the unthinkable, they actually reward! Join today, the download is free! 
Looking to find online casinos for mac? We can help you find the best real money casino sites where you can play your favorite casino games including blackjack and slots. -
-
-
-
-
-
