All the latest UK technology news, reviews and analysis
|
|
|
21 Aug 2006
Security researchers who demonstrated a so-called vulnerability in an Apple MacBook at the Black Hat conference in Las Vegas have cleared Apple's name in security circles.
David Maynor and Jon Ellch, who work for security firm SecureWorks, performed a 60-second hack on a MacBook earlier this month to demonstrate a vulnerability in the device drivers of several wireless cards, including what was thought to be Apple's.
Although the news was widely reported as an attack on Apple's wireless drivers, the researchers have since posted a disclaimer revealing that the attack was performed via third-party software not shipped with the MacBook.
"This video presentation at Black Hat demonstrates vulnerabilities found in wireless device drivers," said SecureWorks.
"Although an Apple MacBook was used as the demo platform it was exploited through a third-party wireless device driver, not the original wireless device driver that ships with the MacBook.
"As part of a responsible disclosure policy, we are not disclosing the name of the third-party wireless device driver until a patch is available."
Latest stories from Hardware
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
A leading global provider of critical information to...
Playstations and table football in the kitchen? Standard...
Systems Engineer - 2nd/3rd Line Support - Microsoft OS...
A leading global provider of critical information to...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Michael is right but misses the point
The point of the outcry from the Mac community was not one of "We are invulnerable!" but of "They are picking on us." Yes, it is possible that there are flaws in the Airport drivers, and in fact there are and there was a patch released to prove that, so no Mac person is going to claim that Macs are completely immune to attacks of all shapes and forms. The point is just that they strongly implied Apple as the problem and it was obvious that it wasn't. When inadequate third party hardware or software is required to make an attack work, don't just lay the blame on who you don't like.
Posted by: Josh 23 Sep 2006
Not so fast...
Agreed, they hacked a third party wireless driver. That does NOT mean Apple's driver can or cannot be hacked. Nothing definitive has been released so far. Further, what about other systems? Are they, or are they not susceptible?
Posted by: Michael 22 Aug 2006
the problem with your assumption
is that you give them the credit of the doubt, but here is what they said, , they provoked the audience with, "We're not picking specifically on Macs here, but if you watch those 'Get a Mac' commercials enough, it eventually makes you want to stab one of those users in the eye with a lit cigarette or something." they went so far as to replace hardware, what kind of security firm replaces hardware to get a failure? why did they not use one of the Wintel computers that actually will use this third party card? because they wanted to discredit Apple.... and no other reason... and you can tell by their comments above... these people are frauds. and not stating so in your article gives security firms everywhere a black eye... by associating all of them with these frauds.... which most probably deserve maybe.
Posted by: jon 21 Aug 2006
It's curious...
I find it curious how SecureWorks was so eager to show this exploit on an Apple MacBook, but now that's been revealed that the problem is with a third-party device, their not revealing that manufacture's name. Just another attempt at Apple-bashing. SecureWorks' credibility just sunk.
Posted by: Fred 21 Aug 2006