Slashdot Mirror


Apple Denies Wi-Fi Flaw, Researchers Confirm

Glenn Fleishman writes "Apple tells Macworld.com that the Wi-Fi exploit demonstrated at Black Hat 2006 in a video doesn't show a flaw in their hardware or software. A third-party USB adapter with different chips and drivers was used, and Apple says the two researchers haven't provided Apple with code or a demonstration showing a working exploit on Apple equipment. The researchers added a note at their Web site confirming that only an unnamed third-party adapter was used. This doesn't mean the researchers have no flaw to show, but rather that their nose-thumbing at Apple users who were too secure in their security was misplaced, at least at present. The researchers' claim that they were providing information to Apple now seems off-base, too."

7 of 267 comments

  1. So some "facts" were just made up... by gnasher719 · · Score: 5, Interesting

    We were told that all Macs are vulnerable. And not only all Macs, but also all Linux machines, and all Windows machines. It seems this was not the case. Apparently there is no exploit at all against a bog standard Macbook with built-in wireless, and that covers about 99.999 percent. Using an external card was essential to the exploit, the claimed "pressure from Apple" was just made up. Remember, these guys _did_ claim that a Macintosh with built-in wireless adapter was vulnerable, and they didn't demonstrate that because of pressure from Apple! I didn't believe it then, nobody should have ever believed it without evidence, and now they have been caught with their lies.

    Shame on everyone who reported it without checking the facts.

  2. Something I'd like to know by Cyborg+Ninja · · Score: 4, Interesting

    I'd like to know if the fact that a third-party driver was used was reported when the exploit came out, or if this senior researcher at SecureWorks withheld that information deliberately. He stated he doesn't want to reveal the name of the device for legal reasons, but I don't know if this is just an excuse to hide behind or not. It sounds like he set out with a purpose, that is to make Mac users feel less "smug" about security, rather than point out vulnerabilities to increase security in the long run. Sort of like a scientific researcher who comes up with a conclusion and will do anything to reach it.

  3. Re:...or alternatively... by Anonymous Coward · · Score: 5, Interesting

    Allow me to provide some background on one of the researchers. David Maynor has never been credited with the discovery of a vulnerability, even after several years at ISS X-Force. I have seen him present at three security conferences (two Blackhats and CANSEC) and not once have I seen him support his claims with any evidence. I am acquainted with a number of his former coworkers in the vulnerability research community and have been told by all of them not to place any stock in his claims. Based on that and on the refusal to provide proof, I question this whole situation.

  4. Too bad I don't have mod points by SuperKendall · · Score: 1, Interesting

    Good vent, these people that constantly jump on any appearance of weakness in OS X are far worse (and more numerous) than the mythical user who thinks the Mac is invincible to any attack.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley

  5. Re:Which is sadder? by Ford+Prefect · · Score: 2, Interesting

    I never said OS X was without flaws. The fact that I got a kernel panic is evidence of a significant bug somewhere. I just see them -much less often- on Mac OS X than on other PC based OSs I've worked with (since 1978, when I bought my TRS 80 Model 1).

    I get a kernel panic on my MacBook Pro around once a month or so - usually caused by very different things. I tried enabling wireless on a train once, just to see how many networks were zooming past - and then tried connecting to a network to see what happened. Oops. Kernel panic. That's me taught! Also, even iPhoto's also caused one (the problem-reporting thing which appeared on startup reckoned there was a problem with the ATI graphics drivers), I've even occasionally had ones out of the blue while web-browsing (see photo)...

    The bugs responsible might be in the process of being patched out every time there's a MacOS X update, but I've no real way of knowing. It's still a pretty stable machine, although worse than my old iBook (which still locked up every so often with the multilingual messages). But, embarrassingly, it's nowhere near as stable as my Windows XP desktop machine - which I do Half-Life 2 mod development stuff on, so seriously stretch the graphics card, memory, processor etc.

    My crashy-crashy-shite-machine is that same PC running Linux. Rock-solid in Windows XP, it locks up all the time in Linux. A recent-ish 64-bit SUSE release. And yes, I've updated everything, downloaded new nVidia drivers, blah blah blah, and it still locks up at random whenever I do anything graphics related.

    Kind of a turn-around from some years ago, when I reckoned Linux was uncrashable, Windows a disaster and Macs I could crash by standing nearby... ;-)

    --
    Tedious Bloggy Stuff - hooray?

  6. Re:What a relief. by Kadin2048 · · Score: 2, Interesting

    Huh? I don't know what you're talking about, because I fired up a fresh VMWare machine a few weeks ago, installed a bare WinXP system onto it, and just for fun started using Internet Explorer to browse the 'net. I let this go for a day, with a couple of people using it just for web browsing, and the thing got totally infested with viruses and spyware. I had originally thought it would be interesting to try and decontaminate the system without reformatting it, but eventually I just gave up and rolled back the VM. A few more days and I probably would have been spewing a million penis-enlargement emails a minute.

    The only thing that keeps most Windows users' computers in a useable state is the piles and piles of anti-adware, anti-spyware, anti-intrusion, anti-virus software. The bare OS and browser are still pretty horrible. All you have to do is click on that "This page requires an ActiveX control, do you want to install it?" button once, and you're totally infested with popups and spyware.

    --
    "Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."

  7. SW slams Apple but now protects "3rd party"? by mbeckman · · Score: 2, Interesting

    The idjits at SecureWorks cheerfully slammed Apple for a presumed, and now disproven, vulnerability discovery. But when asked to identify the "third party" of the USB wifi device they actually cracked, they suddenly get protective of the third party's reputation. The company name should be changed to SecureDorks.