David Maynor made a name for himself a year ago during the Black Hat Security Conference by demonstrating a wireless networking flaw that could potentially give someone unauthorized access to a Macintosh computer. His how-to is finally seeing the light of day -- over a year later -- at Uninformed.org, according to Computerworld.
Mr. Maynor demonstrated the security vulnerability on video instead of in person, and used a third party wireless networking card instead of Appleis AirPort Extreme card. As such, many people questioned the validity of his presentation.
Apple released a security fix in September 2006 for the type of threat Mr. Maynor described.
Mr. Maynor now claims he chose to use a third party wireless network card for his demonstration because that would be seen as less offensive to people. At the time of the Black Hat presentation, he said that he was bothered by what he called the "Mac user base aura of smugness on security."
He also stated that he held back the details of his security exploit because of a nondisclosure agreement with an unnamed company. That has now expired. "I published it now because I can publish it now," he said.
Even though Apple patched the potential security threat a year ago, Mr. Maynor thinks publishing his work now still holds value. In August 2007, however, his hack was mocked with a Pwnie award at the same conference he demonstrated at a year ago.
"Thereis a lot of interesting information in the paper that, if youire doing vulnerability research on Apple, youid find useful," he said.
No Comments
Log-in to comment