Less Than a Minute to Hijack a MacBook's Wireless

Kadin2048 writes "As reported by Ars Technica and the Washington Post, two hackers have found an exploitable vulnerability in the wireless drivers used by Apple's MacBook. Machines are vulnerable if they have wireless enabled and are set to connect to any available wireless network, fairly close to their default state, and the exploit allows an attacker to gain "total access" -— apparently a remote root. Although the demo, performed via video at the BlackHat conference, takes aim at what one of the hackers calls the "Mac userbase aura of smugness on security," Windows users shouldn't get too smug themselves: according to the Post article, "the two have found at least two similar flaws in device drivers for wireless cards either designed for or embedded in machines running the Windows OS." Ultimately, it may be the attacks against embedded devices which are the most threatening, since those devices are the hardest to upgrade. Currently there have not been any reports of this vulnerability 'in the wild.'" According to this story at ITwire.com, they were able to exploit Linux and Windows machines, too. (Thanks to Josh Fink.)

Bogus

[eturro]

1) He uses a third party wireless card that no one uses (i.e. this is irrelevant to 99.99999% of MacBook users) 2) He suddenly "gets the shell" and is logged in on the MacBook. But, where did he specify what user to log in as? Is he logged in as root? Then, why is root logged into Mac OS X with a full-blown Finder, etc (something that no one ever does and is not even easy to do)? 3) Destination port is set to "80" (HTTP). WTF? This looks like nothing more than a login script. At the end he moves to the other side of the table and does some more creating/deleting files on the Desktop saying that if you're not convinced, NOW you will be. Huh? WTF? What does it matter if you move an extra metre? How does this help your case?

what a load of b*llc*ks

[xirtam_work]

They did this with a third party wi-fi card and third party drives. MacBooks do not ship with these cards . Apple do not sell these cards. The MacBook "Airport" wi-fi is not open to this attack. This is completely bogus. Just a cheap way for them to get attention saying that they've "Hacked the MacBook" Whoop-de-doo. No story here.

In other news, America's security open to attack with thousands of illegal immigrants cross the borders every day.

Hmmm...

[maztuhblastah]

Reading the TFA, it actually seems that it was not the "MacBook's Wireless" that was hijacked, but rather an external card plugged into a MacBook. By that standard, I may as well run around and declare "Less Than a Minute to Hijack a Power/i/Book/G3/G4's Wireless". Granted that would be FUD, and a sensationalist headline that doesn't accurately reflect the story, but I could do it....

Yes, some Mac users are smug (myself sometimes included), but in this case, one side is guilty of being "smug" and the other of spreading FUD. Take your pick.

-maz

Re:Why did they need a 3rd party card?

[NatasRevol]

Sure, that's a fine point.

BUT THE MACBOOK & OS X ISN'T HACKED. It's a third party card, running a third party driver, and guess what? OS X doesn't have root enabled by default, so I seriously doubt they got root access without changing it.

I call a LOT of bullshit for making this out to be an Apple issue. Not default hardware, not default wireless settings, not default security settings, but it's still a hack and Apple's fault? Riiight.