Slashdot Mirror
Apple Denies Wi-Fi Flaw, Researchers Confirm
Glenn Fleishman writes "Apple tells Macworld.com that the Wi-Fi exploit demonstrated at Black Hat 2006 in a video doesn't show a flaw in their hardware or software. A third-party USB adapter with different chips and drivers was used, and Apple says the two researchers haven't provided Apple with code or a demonstration showing a working exploit on Apple equipment. The researchers added a note at their Web site confirming that only an unnamed third-party adapter was used. This doesn't mean the researchers have no flaw to show, but rather that their nose-thumbing at Apple users who were too secure in their security was misplaced, at least at present. The researcher's claim that they were providing information to Apple now seems off-base, too."
. . People should ALWAYS trust what a company has to say about its own products. If Dell says there's no problem with their laptop batteries, they must be telling the truth. . right? On the same token, if Apple says that there is no problem with their wireless adapters or software, who are we to question them?
And here I agreed that the Mac community was too complacent. I was hoping that this would be a rather benign wake-up call (given that it wasn't an exploit seen in the wild, and the hats were taking proper precautions to prevent it from becoming so). And now we see that they were just trying to leverage their exploit to make a (valid, but now diluted) point.
Just junk food for thought...
When they have integrated wi-fi and the user decides on a third party usb option with questionable settings, I wouldn't say it was my fault either.
It would not be rediculous if the device in question were something that someone were at least somewhat likley to use.
But in reality every laptop sold by Apple today ships with an Airport card, and most of the ones sold previously had one as well. What message are you really sending when you trumpet a flaw that affects 1/10 of 1% of Mac users?
The message that Mac users should be aware of possible security vulnerabilites is an excellent one but hyping a vulnerability that would simply not happen in reality was a poor vehicle to convey this message, and basically comes off as self-aggrandizing; that is to say they were far more interested in promoting themselves than warn Mac users about security flaws.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
But you're assuming that the security is in the hardware not the software. It's pretty easy to write software that renders hardware vulnerable to all sorts of exploits. And since the OS maker doesn't control the developers, then it's impossible for them to say that the OS is completely secure.
So, in essence, this research only "proves" that if you take something that is secure out of the box and make alterations, it's possible to break that security.
XenoPhage
Technological Musings
I told you so
75% of people on Slashdot all tout the party line, "Don't believe everything you read in the mainstream media." It doesn't matter whether the discussion involves Iraq, Microsoft, SCO, Linux, IBM, the U.S. government, or CmdrTaco. If it's on CNN, don't believe it.
Well, here I am, to tell you, be skeptical of regular Joes, as well.
In this discussion, the only people not agreeing with the article said things like, "it was a 3rd party card." The thing is, I don't understand why you would believe ANY of it without some kind of proof, or evidence.
A video is easy to doctor. A video without any techniques and methods is monumentally stupid. I could have made the video in question in about 10 minutes.
Anyways, this is a big "FUCK YOU" to all the naysayers out there who continually announce that the end of OS X's relative security is on the horizon. I'm not saying that OS X is without flaw, and I'm not even saying there won't be widespread virus outbreak (however unlikely). But for godsakes, at least demand a shred of evidence before you proclaim the end of an era.
WhiteWolf666 an exBush supporter. All you new-school,compassionate,save the children Republicans can rot in hell
Third party drivers run inside the kernel. If they have security flaws there's nothing the rest of the kernel can do about it. Even a microkernel OS will have a hard time being completely secure without trusting the drivers. At some point it's going to have to touch hardware and it's not easy to abstract that away. After all that's what the device driver is there for in the first place. It's not Apple's fault if someone released a crappy device driver. This is why I like all my Linux drivers to be free instead of that binary crap ATI/Nvidia do. Go Intel!
Pedro Côrte-Real.
Brian Krebs has been proven to be a fraud many times over when it comes to security. Take what he says with a large grain of salt... like maybe one the size of your house. As for the test, I'm surprised the rest of the Black Hat community didn't call Maynor and Ellch out and get them to do the exploit live. Probably because they can't....
Anyone who thought about it for more than a second or two would have realised that it was never going to be a vulnerability in the default MacBook Pro hardware or drivers. If it wasn't, why would they need to introduce a third-party wireless adapter at all?
Frankly, the disclosure here was pretty amateurish. Surely they would have known that demoing the vulnerability on Apple hardware would have implicated Apple. In fact based on the "aura of smugness on security" comment it looks like they deliberately *chose* Apple hardware to be falsely implicated.
Do these guys have *any* credibility left?
Wouldn't say no user, but as most macs come with built in airport they rarely use 3rd party wifi adapters and drivers. Infact it's damn hard to find 3rd party wifi adapters and drivers. In any case it certainly isn't any fault of Apples if 3rd party equipment has vulnerabilities.
abcdefghijklmnopqrstuvwxyz
Here just play this sony music cd on your computer.
It's not Apple's or MSFT's fault for faulty software someone else wrote.
i thought once I was found, but it was only a dream.
Except that drivers either run in the kernel's address space (in which case security is impossible) or they don't (in which case performance is diminished). The only way to protect an OS from driver malfunctions is use a microkernel, so the question is whether you want slow and secure or fast and ever so slightly less secure....
Check out my sci-fi/humor trilogy at PatriotsBooks.
I'm amazed at the sheer audacity of your post. What you are saying is that any OS MUST have a security model that prohibits the machine's administrator from installing any software which could conceivably break the OS's security. While such systems do exist, I find it hard to believe that anyone would think that such a system would make sense for a consumer or business computer. You're talking military security here, and it would be plain stupid for Apple or Microsoft to design their systems that way.
I have seen the future, and it is inconvenient.
Insightful my arse. The guy obviously has no clue about how (non microkernel) operating systems and drivers work or tie together.
Except that 3rd party WiFi is pointless when every mobile Mac comes with AirPort.
What the hackers are actually claiming is: "I can take over any Mac. All I need to do is add this 3rd party hardware, install 3rd party drivers, disable the built-in version, and sneak away without you noticing several inches of antenna sticking out the side."
Yeah, so they should also trust two jokers on the internet who want to create a buzz around their presentation, and frame their demo so that it is bound to do so...? It cuts both ways.
Although we'll see nothing but speculation in this article and its comments, eventually the truth will be known, and we'll have an exploit which is documented and proven to work, or not. If Apple have a flaw, and won't admit it, that would light a fire under them wouldn't it?
Given the hackers comments :
Although an Apple MacBook was used as the demo platform, it was exploited through a third-party wireless device driver - not the original wireless device driver that ships with the MacBook.
It sounds like they were bullshitting to try to make a splash, which they did. Till I see proof, I'm not inclined to trust either side.
Before you tar and feather someone publicly, make darn sure you don't leave the wrong impression or it will boomerang on you later.
This is true in any industry.
If these guys had made it CLEAR that they were using a NON-APPLE network device from the get-go we wouldn't be having this discussion today.
What they should have said:
"We found a wireless exploit in a major-brand wireless network device. We will be releasing the name and model number of the device after responsible notification to the vendors involved. The videotape you are watching shows this device connected to an Apple Macintosh. We have also tested a device containing the same chipset connected to a Windows-based PC and found similar problems."
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
but that fact was pretty thoroughly buried in the avalanche of "OS X is worse than Windows" news reports.
Clear, Dark Skies
Why couldn't you understand something like that? You've got to stop thinking about these things as network cards and video cards. Think of them as devices that take input, do some work, and produce output. Then you can see that any kind of device is susceptible to bad data.
'' Just giving 20 mins to this story get "FUD" tag and we go -1 levels by some Mac zealot moderator ;) ''
I think there should be an automatic moderation to -2 levels for any post that predicts "I will be moderated down because some zealots don't like my opinion".
1. The inconsistent position of the original demonstration?
/. have a polling mechanism? Can we actually vote on these?
2. The willingness of everyone to jump on an actual vulnerability in MacOS X (schadenfreude) ?
3. People who believe that the only reason software is vulnerable is its market share?
4. People who think that a company should be able to warrant/guarantee an OS regardless of what you do to the machine it's running on?
Does
dave
p.s. my Mini, that runs continuously 24 hours/day including web server, iTunes broadcast, etc, had a kernel panic yesterday. First time, too! I think it was because I was in the middle of LDAP client configuration and left the machine in an inconsistent state, i.e. -operator error-. No, OS X isn't perfect, but it's a damn site better than -any other OS- I've used on personal hardware. The only things I've used in almost 30 years in the business that have been more reliable are VAX/VMS, Ultrix and SunOS 4.0.3...
. People should ALWAYS trust what a company has to say about its own products. If Dell says there's no problem with their laptop batteries, they must be telling the truth. . right? On the same token, if Apple says that there is no problem with their wireless adapters or software, who are we to question them?
Myself, I trust the people who actually have the code to look at. In this case that would be Apple. They have done little that would lead me to think this statement was misleading.
If you blindly mistrust any company just because it is a company, you are just as badly off as if you blindy accept anythign any company says. You need to use common sense in evaluation statements from anyone.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
These guys had a demonstrable bias against Apple's platform and users from the get-go. They specifically chose the MacBook because they didn't like Mac users' supposedly smug attitude about security, so they wanted to make a public example of a Mac getting 0wned. But oh wait, they used a third-party wireless device with a third-party driver, a setup that's about as common on Mac hardware as steaming shit in Antarctica. When asked why they chose this, they claimed that Apple had put pressure on them to not demonstrate the flaw with Apple hardware ... but to go ahead and tell everyone that the same flaw existed in Apple hardware anyway. Why Apple would ask them to do that is anyone's guess. This was a highly dubious claim at the least. It's not surprising at all that it turned out to be total bullshit.
With the statements from Apple, the questionable reasons given by the researchers and their ire about the Mac community in general, I think the most probable conclusion is that these guys are full of shit. What I can't understand is why they'd risk their reputations on something seemingly so petty.
The headline's construction is confusing (paraphrasing) Apple Denies, Researchers Confirm. Since deny and confirm are antonyms, the headline implies that the two parties, Apple and the researchers are in disagreement, which is not the case.
My other sig is extremely clever...
[sarcasm: on]
Right. Because trying to play a music cd on your computer and installing third party hardware and drivers are, like, exactly the same.
[sarcasm: off]
(How did the parent get modded insightful?)
I have been wondering from the beginning, if they could insert an third party wireless card into my computer, why don't they insert a OS X boot DVD and enable root on my computer? Or simply grab my computer, they can gain TOTAL control of my computer much faster.
There is a spark in every single flame bait point.
Black Hat, you have a choice. You need to code a virus / worm, or develop something to take advantage of an exploit. Your goal is: Make as much money as possible. Your choices are: 1.) attack 2% of the market. 2.) Attack 6% of the market. 3.) Attack 92% of the market.
That's a poor way to look at it, and masks the situation you have with the Mac market today.
Any of those 92% of computers may vary wildly in terms of OS loaded or software used.
With the Mac you have tens of millions of computers (fourteen million registered OS X users). Lots of them are running the same software, the same browser, at the same OS rev.
Looking at the cost of renting botnets on the grey market those millions of computers represent millions of dollars of revenue, even if you crack just a percentage of them. So the question is why would someone leave that money on the table?
The answer is obvious - because it's a lot harder to hack a Mac to use in such a way. So it's not really numbers that are preventing the serious development of attacks today so much as a stronger security model. This would potentially be true even beyond the 80% marketshare point.
Basically the reason the Mac is safer today and will continue to be so even as market share climbs is the same philosophy behind avoiding being eaten by a bear - you just have to be able to run faster than the guy next to you. Windows is puffing something fierce.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I have done enough debugging work to know that there is always a chance somebody screws up and screws up badly... That goes for Apple just like anybody else (I'm one of their customers by the way). Just because these hackers may have slipped up (at the moment I only have your word for it) and explicitly claimed that built in Apple Wifi cards were vulnerable without checking on it first (which incidentally violates one of the golden rules of professional bug-hunting: Never claim a vulnerability must exist on operating system A because it has been demonstrated on operating system B. Create tests and prove it!) So don't get to carried away in your 'Schadenfreude' Apple is no more incapable of fucking up any more than IBM/Lenovo,HP or any other high end PC manufacturer.
Only to idiots, are orders laws.
-- Henning von Tresckow
Yet its Microsofts fault for being 'unstable' every time Nvidia, ATI, or Creative's buggy drivers crash (pretty much the only reason you'll see XP crash under normal use).
Apple is god though..
Okay Einstein, then why did people make viruses for Mac prior to OS X, when there was even *less* marketshare?
Like another poster said, not all security models are built equal. Add up all the BSD, Linux and Mac marketshares, and there is still no exploits. The *nix crowd has a higher server marketshare than desktop, which makes them even more attractive for people to crack.
And btw, not all of 'em do it for money.
As for Apple zealots turning into "Intel Zealots" at WWDC05, well, you have to admit the new Intel Core is quite a step-up from their previous CPUs. And the Core 2 is (again) a big step-up too.
Just because something was good/bad in the past doesn't mean it's gonna be good/bad in the future (i.e. Mac OS 9 sucked but OS X is really good, Apple used to suck with their proprietary hardware and software (ADC, Apple-specific PICT screenshots that won't even load correctly in regular programs, etc) but now they're supporting standards (DVI, USB2, Wi-Fi, Bluetooth, PDF, PNG, etc).
The fact is, the two guys that showed off this exploit didn't actually exploit Apple hardware but claimed they did. Apple's just saying people should look at this fact. Is Apple untouchable? Probably not. But, until somebody proves otherwise, I'd say they have the ability to truthfully say they are. As of right now, there appears to be no threat whatsoever to Macs. People can complain about arrogance all they want, but right now the arrogance appears to be well founded.
-mrxak
Onions Will Kill You
Some how I think all this current bull shit about Mac users being "smug" about security is simple sour grapes. Linux users are similarly "smug" about security, but that is only if you define "smug" as simply stating the fact that there are certain things in place in the OS either by design or decision that make it inherently more secure out of the box. That in NO WAY means we should take any threat lightly, however stating the inherent higher security of these OS' is far from "smug" it is a simple fact. If no one likes it, then tough shit. I refuse to apologize or be meek about heightened security of my OS preference simply because windows users are pissed off because they are still struggling with exploits and viruses that should have been rendered impotent years ago.
Sorry, I don't see Microsoft building their own hardware and installing their own drivers. Microsoft pretty much doesn't have a choice in using outside drivers, where as with Apple's gear (at least with wifi connections) you have to go out (way out) of your way to use 3rd party hardware and drivers.
I've had XP crash just browsing around in the Explorer, I'd consider that "normal" use.
Anyway, my original point was, don't say "no Apple users ever use third party hardware / drivers" but few do. And in this specific case very few would as wifi is 99% of the time already in your laptop so there is no need for a 3rd party wifi card/driver. In addition 3rd party wifi cards and drivers are damn rare for Macs. Well, you can pick up any USB wifi adapter, but try to find vendor supplied/supported drivers for the mac (there are plenty of open-source drivers trying out there).
Let's face it, the security team wanted to get noticed and bashing Apple's security was an easy way to do it. They got their 15 minutes of fame. Now people are looking at what they said and did and finding the flaws in what they did. If someone had looked at what they were doing beforehand the whole thing would have been laughed off..
abcdefghijklmnopqrstuvwxyz
There's a really, really legitimate reason for not doing the demo live: they'd basically be releasing the exploit. After all, they were giving the talk to a large room full of people with notebooks, and if they started doing a demo, you know damn well that at least a fourth of them would start a wireless packet capture.
Apart from the obvious DV/audio/video usage where FW outperformes USB? Hmm, and how would I else use my non-externally powered FW drives? The measly 500mA in a USB port sux. I'd take FW over USB in any situation.
Bikers.....The only people that understand why a dog hangs his head out a car window.
1) Apple stands to lose a lot more than the researchers have to gain. The researchers gain credibility for discovering a remote-code execution bug in an Apple product--big deal. There have been other remote-root bugs in Apple products. Do you remember any single person who discovered it? Do you even remember the flaws? Apple is building a reputation for being rock-solid and secure, but it's pretty unreasonable to believe that there are NO remote code executions in their products.
Come on, Apple's rep is not hurt at all but one vulnerability - after all there have been others found and patched before - the claim to fame is that there are no exploits in the wild.
Furthermore again I have to ask, what hold does Apple have over these people that they would have held off? Given all the grief they have received over this you'd think they would come out and demonstrate the flaw using only the airport card.
It's far, far easier to believe some very smart guys stretched the truth a little to make thier claims more notcable than a VERY heavily used dirver in OSX has that kind of open flaw that has remained undiscovered to this point. It's very hard to believe that Apple leaning on them had any effect, because Apple simply has no leverage over them.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
It depends on which Steve Jobs you want to believe. Jobs from 5 years ago spouting off about how "clock cycles aren't everything" and "IBM and Motorola chips are far superior to any Intel chips" or the Jobs of today with "Our new Intel chips make our old chips look like solid state transistors".
I'm convinced slashot is filled with people who just enjoy not being willing to understand the simplest of things.
The PowerPC G5 processor is an absolutely superior design to anything Intel was putting out in the 90s. I don't know of any hardware geek who disagrees, although they may disagree on real-world performance with available complete systems.
That Intel is putting out well-designed power-efficient processors today does nothing to change the past. That IBM is uninterested in desktop computer processors NOW and is allowing the G5 to languish does nothing to diminish the fundamental superiority of the processor design, or the performance advantage it had years ago during active development.
You may as well complain that car buyers today are just fanbois, because beack in the 60s everyone knew Japanese imports were lousy, cheap machines that barely stood up to American cars. Yet now people say Japanese cars are great and reliable -- I mean, gosh, make up your minds, guys, flip-flop much? Once something is bad or good, it has to stay that way FOREVER, Mister Whirly said so!
Recursive: Adj. See Recursive.