Slashdot Mirror


Johnny Cache Breaks Silence On Wi-Fi Exploit

Joe Barr writes, "Johnny Cache — aka Jon Ellch — is chafing under the cone of silence placed over him and co-presenter Dave Maynor about the Wi-Fi exploit they presented at Black Hat and DEFCON last month. So he has finally broken his silence on NewsForge in hopes of ending the personal attacks coming from what he implies is a smear campaign started by Apple." (Newsforge and Slashdot are both owned by OSTG.)

Johhny Cache writes, "If you're going to post a news story that is a rehash of my post to a mailing list, I would much prefer it if people actaully just read the post in its entirety."

5 of 288 comments (clear)

  1. So..? by ericdano · · Score: 4, Interesting

    So, is he going to take Daringfireball's challenge or not? I think his whole thing has tarnished him, and he won't recover.

    --
    It's either on the beat or off the beat, it's that easy.
    I moderate therefore I rule!
    --
  2. "Implies" my fanny. He says it right out. by Shayde · · Score: 4, Interesting

    If that's just an 'implication', I'll eat my hat. It's pretty obvious that his going silent is the result of Apple putting the thumbscrews to him. He states that the ONLY reason he's saying something now is because he's talking about Intels drivers, not Apples. It's blatantly obvious that Apple's lawyers have come down on him like a ton of bricks, forcing him to be quiet until they get a patch out. This way no one can report about the 'insecurity' of the OSX platform - there are no exploits, see? As long as you're patched and up to date!

    --
    Event Management Solutions : http://www.stonekeep.com/
  3. Re:"Implies" my fanny. He says it right out. by Anonymous Coward · · Score: 5, Interesting
    So Apple is supposed to patch someone else's drivers for a wi-fi card that would never be used with a Mac?
    Apple probably looked at these guys and laughed. </blockquote>

    Silly rabbit! What the author is inplying, very transparently, is that they found an exploit in the Apple driver that is very similiar to the one in Intel's driver.

    Due to his NDA with his company he can't say what he might know about Apple's driver, but he can certainly point out a similar bug and exploit with a similar Intel driver and let you infer what you will... namely that a very similar bug exists in the Apple driver.

    Now, whether that's true or not... that's another story.
  4. It's not tech details, it's proving it works by eggboard · · Score: 4, Interesting

    Ellch misdirects attention very clearly. The "Mac bloggers," which include a lot of non-Mac bloggers, have generally said, look, if what Ellch and Maynor showed Brian Krebs is true, then just demonstrate the real Apple exploit without revealing details.

    The article above states, "He also went on to explain that while the debate was centered in the Mac blogger community, it made no sense to discuss it because most of them wouldn't understand the explanation if he gave it, adding, "Since this conversation has moved into a venue of people who can actually grasp the details of this, I'm ready to start saying something." "

    Thanks for the condescension! It's not necessary. I will note that no one sensible, including myself (over at wifinetnews.com) has asked for the code. Rather, we've asked for Maynor and Ellch to either state that they mislead Brian Krebs, that Apple lied when they stated the company wasn't presented with credible evidence, or that they have material that Krebs saw and Apple hadn't seen yet.

    John Gruber did a face-off, not asking for the code, but asking for a simple demonstration with a $1,099 plus sales tax prize.

    How does Gruber not understand the technical details when he isn't asking for them? He's asking for a black-box showdown.

    --
    Freelance tech journalist for the Economist, MIT Technology Review, Macworld, and others
  5. Re:Macjihad by OmnipotentEntity · · Score: 4, Interesting

    Umm... something having a bug isn't an incredible claim. Sure, it's not a good thing but it happens to everyone. It's nothing to be ashamed about. Just get the bastard fixed and stop dicking about.

    This isn't about a perpetual motion machine or an entropy reducing device, or even P vs. NP or Riemann's Hypothesis. This is code. This isn't world changing. Bugs happen, then they get fixed. If they want to stay silent to dodge liability let them. If there is a bug it'll be patched, if there isn't they'll fade into obscurity.

    --
    "Build a man a fire warm him for a day, set a man on fire and warm him for the rest of his life."