“The Washington Post’s Brian Krebs reports on a supposed wireless networking exploit that allows a MacBook to be hijacked,” John Gruber writes for Daring Fireball. “I smell bullshit, though — if you watch the video, the exploit apparently requires the MacBook to be using a third-party wireless card. Given that all MacBooks come with built-in AirPort support, how many MacBook users are actually susceptible to this? Any?”
Gruber writes, “Worse, Krebs’s post makes no mention of this, instead making it sound as though the exploit works against MacBooks using their built-in wireless cards and drivers. If it’s truly the case that this particular exploit only works if a MacBook is using a third-party Wi-Fi card and driver software, it’s sensationalism at its worst — a case of supposed security experts impugning Apple’s reputation for the sole purpose of drawing attention to themselves.”
Full article with links here.
“I’d like to respond to the people who commented on yesterday’s post about the video’s depiction of the use of a third-party wireless card on the Macbook. I spent more than an hour with Dave Maynor watching this exploit in action and peppering him with questions about it,” Brian Krebs reports for The Washington Post.
Krebs reports, “During the course of our interview, it came out that Apple had leaned on Maynor and Ellch pretty hard not to make this an issue about the Mac drivers — mainly because Apple had not fixed the problem yet. Maynor acknowledged that he used a third-party wireless card in the demo so as not to draw attention to the flaw resident in Macbook drivers. But he also admitted that the same flaws were resident in the default Macbook wireless device drivers, and that those drivers were identically exploitable. And that is what I reported.”
Full article with the video of the MacBook hijacking here.
Related article:
Hijacking an Apple Macbook in 60 seconds – August 02, 2006