MacBook Wi-Fi Hijack Details Finally Released 82
Wick3d Gam3s writes "Hacker David Maynor attempted to put the strange tale of the Macbook Wifi hack to rest, and offered an apology for mistakes made. All this and a live demo of the takeover exploit was made at a Black Hat DC event yesterday. Maynor promised to release e-mail exchanges, crash/panic logs and exploit code in an effort to clear his tarnished name. Said Maynor: 'I screwed up a bit [at last year's Black Hat in Las Vegas]. I probably shouldn't have used an Apple machine in the video demo and I definitely should not have discussed it a journalist ahead of time ... I made mistakes, I screwed up. You can blame me for a lot of things but don't say we didn't find this and give all the information to Apple.'"
Just an observation..... (Score:2, Interesting)
http://news.com.com/New+Apple+patch+plugs+Wi-Fi+h
The article doesn't mention if the machine he used in the demo had this patch. And if so, that may imply that the patch has holes.
I do not undestand the fuzz. (Score:1, Interesting)
(1) I would and do release immediately security faults I find. (have found some).
(2) If someone says I did not find it or throws smut at me I'd sue - all the media running such articles which falsify my work or findings.
So simple.
Companies do act and correct bugs faster when security faults are released.
Re:Crash? I thought the original claim was... (Score:4, Interesting)
And then used his time machine to go back in time to before the bug was patched and announce the exploit?
No, his original claim was a farce (hell, look at the video, there was only one wireless device available according to ifconfig). Apple then audited their code, found 3 bugs. He took one of the bugs mentioned, found out how to trigger it, triggered the crash and now claims he was right all along.
The problem is that what's happening now doesn't support his original claims. The original claims were he could hijack a MacBook in under 60 seconds and gain completely control of it. Now all he's getting is a crash with no control.
Re:Crash? I thought the original claim was... (Score:5, Interesting)
Here is a video I made debunking their proof: http://video.google.com/videoplay?docid=146818771
My guess is that they got a buffer overflow but had not yet found the correct location in memory to write their shellcode. They still have not...
Re:Proof in the pudding (Score:3, Interesting)
Even if he had demonstrated the original takeover that still wouldn't prove his story. Yet you claim that because of this it makes him look guilty. Nice logic. Basically, either way you get to claim he's full of shit.
Many major vendors have a known history for screwing over vulnerability researchers such as Cisco, Apple, Microsoft and others. I just have a hard time believing this is any different.
Re:Proof in the pudding (Score:1, Interesting)
Say, I think there might be security problems in Windows. I now deserve credit for every single security patch ever from now on.
Re:Crash? I thought the original claim was... (Score:3, Interesting)
Pretty solid video. I just want to add two things. First, the IEEE page says:
And second, though not sure about Macbooks and OSX, but often you can change your MAC address, though it would be silly to change it to Apple's OUI.
So there is a small possibility that the video was real. Perhaps the shot where you see the Terminal.app was filmed at a later time, quite probable if they only used one camera for filming the demo.
So, most likely a fake.