Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Denies Wi-Fi Flaw, Researchers Confirm

Posted by ryuzaki0 on from the not-as-bad-as-it-seemed dept.

Glenn Fleishman writes "Apple tells Macworld.com that the Wi-Fi exploit demonstrated at Black Hat 2006 in a video doesn't show a flaw in their hardware or software. A third-party USB adapter with different chips and drivers was used, and Apple says the two researchers haven't provided Apple with code or a demonstration showing a working exploit on Apple equipment. The researchers added a note at their Web site confirming that only an unnamed third-party adapter was used. This doesn't mean the researchers have no flaw to show, but rather that their nose-thumbing at Apple users who were too secure in their security was misplaced, at least at present. The researcher's claim that they were providing information to Apple now seems off-base, too."

2 of 267 comments (clear)

  1. So was this just a lie? by Anonymous Coward · · Score: 5, Informative
    Security Fix:

    During the course of our interview, it came out that Apple had leaned on Maynor and Ellch pretty hard not to make this an issue about the Mac drivers -- mainly because Apple had not fixed the problem yet. Maynor acknowledged that he used a third-party wireless card in the demo so as not to draw attention to the flaw resident in Macbook drivers. But he also admitted that the same flaws were resident in the default Macbook wireless device drivers, and that those drivers were identically exploitable. And that is what I reported.

  2. Re:Uh... the "game's" rules are too strict by TheGreek · · Score: 5, Informative
    It seems pretty ridiculous to say "We guarantee our OS is secure [unless you use hardware that wasn't made by us]."
    It's a good thing Apple doesn't guarantee that, then, because it would indeed be ridiculous. What they acutally said was:

    "Despite SecureWorks being quoted saying the Mac is threatened by the exploit demonstrated at Black Hat, they have provided no evidence that in fact it is," Apple Director of Mac PR, Lynn Fox, told Macworld. "To the contrary, the SecureWorks demonstration used a third party USB 802.11 device-not the 802.11 hardware in the Mac-a device which uses a different chip and different software drivers than those on the Mac. Further, SecureWorks has not shared or demonstrated any code in relation to the Black Hat-demonstrated exploit that is relevant to the hardware and software that we ship."