Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Security Businesses Apple

MacBook Wi-Fi Hijack Details Finally Released 82

Posted by Zonk from the strange-tale-of-patch-10.4.8 dept.
Wick3d Gam3s writes "Hacker David Maynor attempted to put the strange tale of the Macbook Wifi hack to rest, and offered an apology for mistakes made. All this and a live demo of the takeover exploit was made at a Black Hat DC event yesterday. Maynor promised to release e-mail exchanges, crash/panic logs and exploit code in an effort to clear his tarnished name. Said Maynor: 'I screwed up a bit [at last year's Black Hat in Las Vegas]. I probably shouldn't have used an Apple machine in the video demo and I definitely should not have discussed it a journalist ahead of time ... I made mistakes, I screwed up. You can blame me for a lot of things but don't say we didn't find this and give all the information to Apple.'"
This discussion has been archived. No new comments can be posted.

MacBook Wi-Fi Hijack Details Finally Released More

MacBook Wi-Fi Hijack Details Finally Released

Comments Filter:

  • Just an observation..... (Score:2, Interesting)

    by 8127972 ( 73495 ) on Friday March 02, 2007 @11:54AM (#18207294)
    Apple came out with a patch that addresses this issue:

    http://news.com.com/New+Apple+patch+plugs+Wi-Fi+hi jack+flaws/2100-1002_3-6118245.html [com.com]

    The article doesn't mention if the machine he used in the demo had this patch. And if so, that may imply that the patch has holes.

  • I do not undestand the fuzz. (Score:1, Interesting)

    by Anonymous Coward on Friday March 02, 2007 @12:06PM (#18207444)
    What's the point?

    (1) I would and do release immediately security faults I find. (have found some).

    (2) If someone says I did not find it or throws smut at me I'd sue - all the media running such articles which falsify my work or findings.

    So simple.

    Companies do act and correct bugs faster when security faults are released.

  • Re:Crash? I thought the original claim was... (Score:4, Interesting)

    by Rosyna ( 80334 ) on Friday March 02, 2007 @12:12PM (#18207540) Homepage
    Frankly, I wouldn't even be surprised if he did some old-fashioned reverse-engineering of the patch to create the exploit for the older boxes.

    And then used his time machine to go back in time to before the bug was patched and announce the exploit?

    No, his original claim was a farce (hell, look at the video, there was only one wireless device available according to ifconfig). Apple then audited their code, found 3 bugs. He took one of the bugs mentioned, found out how to trigger it, triggered the crash and now claims he was right all along.

    The problem is that what's happening now doesn't support his original claims. The original claims were he could hijack a MacBook in under 60 seconds and gain completely control of it. Now all he's getting is a crash with no control.

  • Re:Crash? I thought the original claim was... (Score:5, Interesting)

    by AchiIIe ( 974900 ) on Friday March 02, 2007 @12:30PM (#18207758)
    That is correct, the original video was faked... They prob were close but did not want to wait.
    Here is a video I made debunking their proof: http://video.google.com/videoplay?docid=1468187717 11399295&hl=en [google.com]
    My guess is that they got a buffer overflow but had not yet found the correct location in memory to write their shellcode. They still have not...

  • Re:Proof in the pudding (Score:3, Interesting)

    by Afecks ( 899057 ) on Friday March 02, 2007 @02:54PM (#18209700)
    You obviously know very little about exploits. If the bug allows remote code execution, which Apple plainly states is possible, the difference in a crash and a hijack is only a matter of a few bytes of shell code. So in essence he has done the hardest part already. Then you come along and claim that since he didn't take it all the way and give you the final easiest 1%, now he's a complete fraud and a liar.

    Even if he had demonstrated the original takeover that still wouldn't prove his story. Yet you claim that because of this it makes him look guilty. Nice logic. Basically, either way you get to claim he's full of shit.

    Many major vendors have a known history for screwing over vulnerability researchers such as Cisco, Apple, Microsoft and others. I just have a hard time believing this is any different.

  • Re:Proof in the pudding (Score:1, Interesting)

    by Anonymous Coward on Friday March 02, 2007 @05:01PM (#18211512)
    So because he says there might be a remote exploit issue, he deserves credit for any and all exploit issues found from now on, no matter what, even though he never provided proof of anything? Oh, ok.

    Say, I think there might be security problems in Windows. I now deserve credit for every single security patch ever from now on.

  • Re:Crash? I thought the original claim was... (Score:3, Interesting)

    by raynet ( 51803 ) on Friday March 02, 2007 @06:50PM (#18212974) Homepage

    Pretty solid video. I just want to add two things. First, the IEEE page says:

    Your attention is called to the fact that the firms and numbers listed may not always be obvious in product implementation. Some manufacturers subcontract component manufacture and others include registered firms' OUIs in their products.

    And second, though not sure about Macbooks and OSX, but often you can change your MAC address, though it would be silly to change it to Apple's OUI.

    So there is a small possibility that the video was real. Perhaps the shot where you see the Terminal.app was filmed at a later time, quite probable if they only used one camera for filming the demo.

    So, most likely a fake.

Slashdot Top Deals

Nothing happens.

Close