Less Than a Minute to Hijack a MacBook's Wireless
Kadin2048 writes "As reported by Ars Technica and the Washington Post, two hackers have found an exploitable vulnerability in the wireless drivers used by Apple's MacBook. Machines are vulnerable if they have wireless enabled and are set to connect to any available wireless network, fairly close to their default state, and the exploit allows an attacker to gain "total access" -- apparently a remote root. Although the demo, performed via video at the BlackHat conference, takes aim at what one of the hackers calls the "Mac userbase aura of smugness on security," Windows users shouldn't get too smug themselves: according to the Post article, "the two have found at least two similar flaws in device drivers for wireless cards either designed for or embedded in machines running the Windows OS." Ultimately, it may be the attacks against embedded devices which are the most threatening, since those devices are the hardest to upgrade. Currently there have not been any reports of this vulnerability 'in the wild.'" According to this story at ITwire.com, they were able to exploit Linux and Windows machines, too. (Thanks to Josh Fink.)
And in the background we hear 1000 Mac users screaming in horror...
"Oh boy"
My reality has been shattered. Macintosh computers have been found to be less than perfect! Time to install WinXP.
- i'll get me coat! -
Also, christ, I'd say they're being pretty responsible about it.
[insert witty comment here]
In the video he uses a third party wireless card. Are other cards, such as the built-in card, similarly vulnerable?
If the flaws are in Apple's drivers, why did they need to plug a 3rd party card into the MacBook? What user would ever plug a 3rd party redundant wireless card into their computer? Presumably, if they could hack Apple's drivers they wouldn't need the other card. All this video shows is a 3rd party wireless card with crappy drivers.
Requests for testing have been sent to the guy in California who was rumoured to have gotten it running though.
"How about taking the safety labels off everything, and let the stupidity-problem solve itself?"
Look for more information on the ISC Web site. Bottom line is this is not an OS issue, rather a "firmware/driver" issue.
It's not Centrino. Centrino is the name given to Intel's package of Motherboard chipset + wireless chipset + Processor. The new Apple machines don't use an Intel wireless card. They use Intel's chipset and Processor but not their wireless card. This does not make them Centrino machines.
To be specific, the new MacBooks/Pros use an Atheros 5006x. This is in comparison to the PowerBooks, which use a Broadcom-based card. So Apple doesn't use Centrino.
The actual video is here.
Read Brian Krebs' follow up
http://blog.washingtonpost.com/securityfix/2006/0
Apple 'leaned heavily' on the presenters to make them use a different card. The built in card *is* vulnerable.
check Security Fix:
During the course of our interview, it came out that Apple had leaned on Maynor and Ellch pretty hard not to make this an issue about the Mac drivers -- mainly because Apple had not fixed the problem yet. Maynor acknowledged that he used a third-party wireless card in the demo so as not to draw attention to the flaw resident in Macbook drivers. But he also admitted that the same flaws were resident in the default Macbook wireless device drivers, and that those drivers were identically exploitable. And that is what I reported.
(Looks like Apple was wielding a big stick.)
Of course... just after I post, this becomes available (new to me anyways). So it looks like it only being a third-party driver exploit was a red herring: the built-in chipset is vulnerable, and Apple is aware of it and already working with the vendor for a solution.
Windows users are always accusing Mac users of smugness, but there's nobody more smug than a Windows user observing that one (1) particular security vulnerability has been found for Macs. This strikes me as akin to someone with AIDS being smug because some previously healthy person has caught a cold.
The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
"How do you know exactly? Viruses, trojans, and rootkits should be undetectable."
With "undetectable rootkit detection software", duh....
Unless the rootkit has an "undetectable rootkit detection software" detector and tries to disable it, then you need "undetectable rootkit detection software detector detector software" to disable the rootkit's detector - no big deal.
"But this one goes to 11!"