Apple MacBook hacked through wireless card
/v3-uk/news/1967256/apple-macbook-hacked-wireless-card
03 Aug 2006, Will Head , V3
A security researcher showed how an Apple MacBook can be compromised through poorly coded wireless drivers.
In a presentation at the Black Hat security conference in Las Vegas, David Maynor, senior researcher at SecureWorks, showed a video demonstration of how a MacBook could be hacked by a nearby Dell laptop.
The demonstration was done via video, rather than live, to prevent anyone in the audience capturing the method of the attack.
"Don't think, however, just because we're attacking an Apple that the flaw itself is in an Apple. We're actually using a third party wireless card," Maynor said.
For the demonstration, Maynor set up a fake access point on the Dell laptop for the Macbook to log on to. However, he stressed, for the attack to work, the victim's machine doesn't need to be associated or authenticated with an access point.
The attack exploits poorly coded device drivers on the Apple system.
After running a script on the Dell machine, Maynor had complete control of the MacBook and was able to read, create and delete files on the compromised system.
"Although we attacked an Apple, the flaw's not specific [to] the Apple operating system as we used third party hardware," Maynor commented.
"This type of flaw will by systemic across all operating systems and hardware and the only way to prevent it is proper testing."
The full video of the Apple MacBook hack is available on the Washington Post Security Fix blog.
Do you agree?
Is it Apple's fault?
Is the flaw in code written by Apple?
>The attack exploits poorly coded device drivers on the Apple system.
Or is the flaw in the 3rd party driver? If so, then why mention Apple? Every Apple now shipping comes with Apple brand wireless.
It's an important distinction that the author leaves unmade.
>"This type of flaw will by systemic across all operating systems and hardware and the only way to prevent it is proper testing."
How will testing prevent anything? Fixing the code might help.
Posted by Lee Campbell, 03 Aug 2006
OS X or Windows
The story didn't say whether the MacBook was running OS X or Windows.
And it didn't say who was responsible for the poorly written driver? Did the driver come from the Bootcamp CD?
If the machine was running Windows and the driver was written by a third party, what have you proved? That a motivated computer could infect his own computer?
Posted by get this get that, 03 Aug 2006
So mac is no more secure than anything else
What a shock!
Apple will be forced to eat its words after claiming that it does not suffer security problems like other OS's.
If Apple had the same installed base as windows they would find allot more flaws.
Posted by Neil, 04 Aug 2006
Wrong, you do have to join!
Please watch the video again, he clearly had to voluntarily join the hostile network. He can poll a machine that is seeking networks and even find out information about that wireless card but he could not have done ANYTHING unless the user actually engaged the network.
Thanks for the generally unbiased review unlike other idiots although a more apt title would be "Computer hacked through wireless network" I know it doesn't carry the same weight but he is clear in the video that this is a universal wireless driver issue.
Posted by Ed Crelin, 04 Aug 2006
Sheesh! Why does everyone miss this?
"We're actually using a third party wireless card"
Why is that? Oh yeah, won't work with the PRE-INSTALLED card!
They took this beautiful machine, opened it up (voiding the warantee), removed the $100+ Airport Card and replaced it with some off brand piece of crap that was only barely compatble with the drivers for the Airport card. These drivers were custom made to connect the Airport Card to OS X. This security flaw he just had to dmonstrate on a mac will not work on a mac that hasn't been internally misfigured. Grow up!
Posted by John M Sage, 16 Aug 2006