Re: Brian Krebs’ reporting on supposed MacBook Wi-Fi exploit

Daring Fireball’s John Gruber writes, “With a headline like ‘Hijacking a Macbook in 60 Seconds or Less,’ or his quote from exploit co-discoverer David Maynor saying ‘if you watch those ‘Get a Mac’ commercials enough, it eventually makes you want to stab one of those users in the eye with a lit cigarette or something,’ where would anyone get the idea that the point of Krebs’s post was to pick on Macs? Or, more accurately, to generate a sensational amount of attention by playing off the Mac’s sterling reputation for security?”

Gruber asks, “Did Krebs see the exploit work against a MacBook’s built-in AirPort card? He says he stands by his reporting, but he did not report that the exploit works against the MacBook’s built-in AirPort driver; he reported that Maynor and Ellch told him that it works against the MacBook’s built-in AirPort driver. ‘I stand by that they told me the built-in driver is exploitable’ is very different than ‘I stand by that the built-in driver is exploitable.’”

Gruber writes, “If it’s true that this exploit does work against the MacBook’s built-in AirPort driver, it’s one of the most serious security exploits ever discovered against Mac OS X. Basing their demo video on a third-party card makes matters worse, not better, because it creates the perception that the majority of MacBook users are safe because they aren’t using third-party cards.”

Gruber writes, “Krebs’s shoddy reporting leaves nearly all the important questions regarding this exploit unanswered. What about other models? Are MacBook Pros exploitable as well? PowerBooks? iBooks? Desktop Macs that use AirPort? Is a Mac vulnerable in its default out-of-the-box configuration? For example, by default, Mac OS X is configured to ask for confirmation before joining an unknown open Wi-Fi network. Does this exploit require that this setting (in the Network panel in System Preferences) be changed to allow joining unknown open networks automatically? Are any other changes to the default networking configuration required to allow this exploit to work? Is there anything Mac users can do to protect themselves other than completely disabling AirPort?”

Full article here.

[Thanks to MacDailyNews Reader “Rainy Day” for the heads up.]

MacDailyNews Take: What exactly is going on here? Any ideas?

Related MacDailyNews articles:
Hijacking an Apple Macbook in 60 seconds video posted online – August 03, 2006
Hijacking an Apple Macbook in 60 seconds – August 02, 2006

34 Comments

  1. The Report is accurate but the story is shoddy.

    If the Hacker says it will work on an Airport then the reporter is conveying the story.

    He used a 3rd party card, it worked, he SAYS it will work also on an Airport WiFi.

    However that doesn’t mean it’s true, we don’t know and the blogger did no follow up to test the accuracy or truth of the statement that it will also work on an Airport, much less the Apple pressured the hacker not to show it on an Airport. So at this point, it is probably a valid hack IF you stick a wireless USB on your MacBook, which has about zero chance of happening in the real world.

    And the claim Airport is just as vulnerable may or may not be the usual F.U.D.

    But to lead with a sensationalist headline and prominent display of an Apple in the video demoing the Mac seemingly so open to attack while downplaying the 3rd party card issue makes it seem to be just sensationalist FUD by the Blogger and possibly also by the Hacker.

  2. Hmmmm, Interesting question here.
    Can wireless hacking cause problems? It sounds like it could since the hacker would be getting in from between a network and the computer.
    As far as 3rd party wireless? Hmmm, I have an iBook and the ONLY dongle I can find is the Dlink 122. Period. The rest are not working because of driver issues. Maybe the Macbook can use some because of the intel chip. But on a recent trip to the “toy” store, I could not find a SINGLE dongle wireless that indicated Mac operation. That leaves the apple wireless card.

    Now, the real question is if you have a legit local wireless network, and some schmuck drives his wireless truck near your business, can he link in and drop his “load” of software without you noticing??? Would this work with motels, etc?

    More details are needed by someone in the know. Please.

    N.

  3. It is a shame that the stir this caused will not be brought back down by critical thinking. Well for most people.

    This is definitely an attack on Macs. These guys were sitting around looking for a reason to break in. Putting a wifi USB card on a laptop that is already wireless proves they prepped the Mac to fail, and possibly the Dell. Did they mention that Mac portables do not need one of these cards? To PC users they may not question a wifi card sticking out of the side, so potential switchers could have been turned away. I have never seen a Mac portable use one. They may as well have taken down the firewall and granted root access to everyone. This is not a realistic everyday situation for Mac users.

    I guess it is a good sign that Apple is growing though.

  4. The security update doesn’t solve the problem – it will take new drivers, which are only included in OS updates. These two dudes claim that it works with Apple’s built-in Airport card and the drivers that come with it.

    But, as I posted yesterday, he only rooted the home directory. Does this exploit work with other directories? He never changed directories in the demo.

  5. This is Krebs’ recent response to my email:

    Thanks for reading and for sharing your thoughts. I was pretty up front in the article about why they were using Macs as an example, so I can’t really argue with you there. One reason I focused on that at the beginning was I felt it would give the issue the attention it deserves, because this is a very serious industry-wide flaw, and I took GREAT pains to make that clear.

    Still, I love how you and so many others refuse to accept that this IS a real problem for Macbook users. The internal wireless drivers in all recent Macbooks are indeed exploitable, despite the fud that various mac-centric publications are spreading. It happens that there are some really smart people here at Defcon who are probably working on releasing an exploit for this. But don’t let that scare you. Continue to bury your head in the sand and whine about how people are picking on the poor Mac users and you’ll be fine, I’m sure.

    Have a nice day.

    Bk
