Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Black Hat Wi-Fi Exploit

Posted by ryuzaki0 on from the plot-thickens dept.

Joe Barr writes to tell us that while many have heard that an Apple was exploited in order to install a rootkit at the recent BlackHat security conference, most people don't know the details of how it works. This is no mistake, it seems that the researchers who demonstrated the flaw were intentionally vague. Some theorize that this is in response to the real or perceived threat of legal action similar to the situation with previous Blackhat presenter, Michael Lynn.

6 of 129 comments (clear)

  1. This seems a bit misleading... by DarkShadeChaos · · Score: 5, Insightful

    The current exploit was intentionally vague so that attackers would not have the upper-hand. The previous researcher mentioned was arrested for something prior to his presentation; I do not correlate the actions together.

    --
    The machine unmakes the man. Now that the machine is so perfect, the engineer is nobody. -Ralph Waldo Emerson
    1. Re:This seems a bit misleading... by Anonymous Coward · · Score: 5, Insightful

      The current exploit was intentionally vague so that attackers would not have the upper-hand.

      Making the details vague, especially by not telling which card to avoid using, makes the users unable to do anything to prevent being victims. That very much GIVES the attackers the upper hand.

      Without knowledge, the users are defenseless. Heck, I have a laptop here with a built in wifi-card. So does everyone else in the office. If I knew the card was a risk, putting in a different card would make me safe. But as it is, the built in one could be safe and the one I would put in instead could be the risk. Heck, I don't even know if disabling the card through software solves anything. If the exploit really works on any OS, it doesn't sound like a software problem, but a hardware/firmware problem.

      The only thing being protected by not informing the users is the image of the manufacturer.

    2. Re:This seems a bit misleading... by Aladrin · · Score: 5, Informative

      Actually, you WERE told how to prevent an attack. Maybe not outright, but it was there. The original slashdot report http://it.slashdot.org/article.pl?sid=06/08/03/129 234 said that "Machines are vulnerable if they have wireless enabled and are set to connect to any available wireless network". This is enough information to secure your system. Simply tell it not to connect to any available wireless network. Only allow it to connect networks you have specified. Tada. No cash needed for this fix.

      You can throw money at me instead, if you feel the need.

      --
      "If you make people think they're thinking, they'll love you; But if you really make them think, they'll hate you." - DM
  2. Flogging a dead Story by bananaendian · · Score: 5, Insightful

    ScuttleMonkey writes to tell us that apparently the 'plot-thickens' as some guy somewhere emailed that some people are 'theorizing' alternate motives for the Blackhats keeping wraps on their so-called 'exploit' (that they tried unsuccessfully to smear a OSX security with).

    There is no new substance. This bone has been gnawed clean already. Sounds more like some people are making excuses for something...

    --
    www.tribalnetworks.org - helping tribal people around the world to own their own means of high-tech communications
    1. Re:Flogging a dead Story by pchan- · · Score: 5, Interesting
      Yes, you're exactly right. There's nothing to this story at all. ...Oh wait. What's this on Bugtraq? Let me paste the headline for you:

      Intel PRO/Wireless Network Connection Drivers Remote Code Execution Vulnerabilities . Look at that, a remotely exploitable security hole in the Wifi driver. Anyone using one of these things is vulnerable if they have not upgraded their Wifi drivers, regardless of OS. This was disclosed by the vendor (Intel).

      Intel PRO/Wireless Network Connection drivers are prone to multiple remote code-execution vulnerabilities.

      An attacker within range of a vulnerable Wi-Fi station can trigger these issues to corrupt memory to execute code with kernel-level privileges.

      A successful attack can result in a complete compromise of the affected computer.


      I guess you were right. No facts, just theories.
  3. Equal opportunity sploit by wolfdvh · · Score: 5, Interesting
    I heard the presentation when it was repeated at DefCon and what was not vague was this exploit was at the card driver level below the OS, which is why it would work against any OS. They said they chose to demonstrate it on Apple rather than Windows because they thought if they'd used Windows, people would say "Of course, it's Windows, what did you expect." so by demonstrating it on a more "secure" (Mac) OS people would realize it was not just a Windows thing. Unfortunatly, now everybody just thinks its a Mac thing.

    Bottom line, assuming the demo is not a hoax, it will work against *nix, Windows, and Mac equally.