How to protect your Mac’s Wi-Fi from attack

“By now you’ve likely read much coverage regarding the now infamous ‘MacBook Wireless Hack’ — a video that was publicly exposed at the Black Hat security conference purportedly showing a standard MacBook (with a third-party wireless card) being compromised by a Dell laptop within wireless range,” MacFixIt reports.

“In a nutshell, the controversy regarding this video is such: The security flaw exploited in the video is performed using a third-party, USB-based Wi-Fi card, not the MacBook’s native, built-in AirPort hardware/software. However, the creators of the video claim that the MacBook’s hardware is similarly susceptible, but no demonstration was carried out using the native hardware due to ‘pressure’ from Apple,” MacFixIt reports. “Without an explanation of the actual exploit, and in the absence of any commentary from Apple, it is impossible to speculate whether or not the MacBook’s native hardware is actually vulnerable to this flaw as claimed.”

“Another point of consideration is the level of access afforded by this hack. In the video demonstration, the hostile Dell machine was able to access user-level functions only. There was no indication as to whether any admin or root-user level tasks could be accomplished,” MacFixIt reports.

MacFixIt offers an easy recipe to plug this “security hole” – never join untrusted wireless access points:

• Open System Preferences and navigate to the Network pane
• Select AirPort, and click “Configure”
• Go to the AirPort tab
• From the “By default join” menu, select “Preferred Networks” rather than “Automatic”
• Next, delete all non-trusted networks from the list.

MacFixIt explains, “This will cause your portable to connect only to trusted networks, refraining from automatically joining networks without user permission.”

More in the full article here.

See also MacFixIt’s “10 simple steps for securing your Mac.”


56 Comments

  1. How to hack a Windows PC in 60 seconds:

    1. Log in to windows in Safe Mode

    2. Disable the welcome screen

    3. Reboot

    4. Log in as “Administrator”

    5. Change the passwords to all the other accounts on the computer

    I did this to my computer when I forgot the password. Woops.

  2. An appendix to my previous entry:

    The account “Administrator” comes preinstalled with no password, and has all administrative privileges. In order to change other accounts’ passwords, you do not have to enter the existing password for that account.

  3. This will cause your portable to connect only to trusted networks, refraining from automatically joining networks without user permission.

    IMO a setting to automatically join any network is a remarkably DUMB idea!

    Forget about Wi-Fi for a minute. Would you want your Mac to link up with any server that it comes across (or worse yet, with any server that finds your Mac)? Of course not!

    Sounds like time for a security update to clear this behavior.

  4. By golly, that’s just how I had my Airported iMac already set. Bully for me! Looks like it’s not too hard to do it right with a bit o’ common sense. BTW, I have two neighbors with WiFi. Sometimes our RoadRunner goes down (big surprise) and I just pick a name from the drop down menu and leech. Mac life be so easy.

  5. Stories like this one don’t give ordinary people any valuable takeaway: most people don’t realize it’s a vulnerability in the Atheros wireless device driver, and can also be similarly exploited on Windows and Linux. They just think we’ve got some issue of unknown practical severity on “MacBooks” (oops, it also affects MacBook Pro and any other Intel Mac that uses the Atheros chipset, not to mention any other platform in the planet using this chipset). What does that mean?

    It means we have a feeding frenzy for misinformation (deliberately obscuring the whole truth of an issue), with Apple as the latest victim.

    Now we have a bunch of people telling everyone to disable the MacBook’s ability to automatically connect to access points. Whether or not that is a good issue anyway is beside the point: the end result is that people think there’s some kind of problem with just “MacBooks” because of the way the story was presented.

    Frankly it amazes me that some of these people are even writers, because it took me about 45 seconds to understand from the presentation that this could affect any platform and any OS, but that they CHOSE to use Mac OS X on a MacBook. Much of the coverage doesn’t reflect this, and the sensationalistic headlines certainly don’t.

    The reason MacBook was chosen has nothing to do with the Mac or OS X. It has to do with the fact if the hack was shown on any PC the reaction would have been “Dh’o”, who cares, one more: no news. But stick it Mac or Apple with it and it makes the news. So much so for “Macs not interesting” “Apple not on the radar” etc.

    This very silly story – as it has been presented – is the evidence that Macs and OS X are very much in the radar of crackers and malware writers. Very much so. Obscure my ass.

    That nothing yet has surfaced is one more evidence that OS X is very secure.

  6. As I’ve said before, I don’t really mind imitators (re: the impostor in thread number two) as long as you are going to be either heavily sarcastic or funny. You were neither. Just like cheap box makers that have tried to capitalize on Apple’s designs, imitation is the cheapest form of flattery.

    MDN MW: Indeed.

  7. Well all these new computers have ways of disabling the security features. In Mac it is called System Preferences. On PC’s it’s called the On Button.

    Thank you. Thank you. I’ll be here all week.

    MDN word ‘served’: Windoze morons, you’ve been served.

  8. @Nick “…that was a PowerBook with a defective battery, not a “Macbook”.”
    Oh good, that makes it better.
    “Mr. Insurance agent and Ms. Fireman it was a Powerbook, not a Macbook that burnt my house down.”

    Still caught on fire, idiot.

    “…did Dell?”
    Yes.

  9. ishufflemyfeet:
    Down three times in six months. Restart the router and go. One time it was down for a few hours. Our TV goes to 5 seconds of static about once a day lately. TW cable in Charlotte is not stellar. Mild annoyance, but I’m glad you’ve got a good hookup.

  10. If what the Black Hat presenters claim is true (there is not enough information available to know) then MacFixIt’s solution will not work. They claim that it is a Layer 2 attack and doesn’t use IP or TCP and that it doesn’t require joining a WiFi network. They claim it is a bug in the Atheros WiFi kernel driver itself which gives very low level access to the computer.

    There is sufficient doubt that this hack is real that I wouldn’t spend too much time worrying about it right now. I suspect Apple will make some sort of statement soon and we will have a resolution on whether or not it is real and how to work around the problem until there is a patch.

  11. Why when there is any problem (real or potential) with Macs, Mac owners here give the Windows excuse:
    “Yeah, but (fill in blank with favorite Windows company) does it (fill in blank with negative comment).”

    As if that makes the Mac problem okay. That they are somehow connected.
    Strange.

  12. Yeah, Hank G., I imagine if you go to the Ford Daily News website forum and people complain about their Fords, loyal Ford owners speak out, “Well, you think the timing chain on the Ford Escort is bad, you should see the sparkplug gap on the Chrysler LeBaron!!!”
    LOL.

  13. “Another point of consideration is the level of access afforded by this hack. In the video demonstration, the hostile Dell machine was able to access user-level functions only. There was no indication as to whether any admin or root-user level tasks could be accomplished,” MacFixIt reports.

    Hahahaha, those MacFixIt fools

    They only showed user level access, much like they tried to deceive folks that only 3rd party wireless cards responded to the crack.

    The fact of the matter is this, if I got user level access, I will have root access very very shortly and the user will give it to me if all else fails.

    MacFixIt offers an easy recipe to plug this “security hole” – never join untrusted wireless access points:

    MacFixIt explains, “This will cause your portable to connect only to trusted networks, refraining from automatically joining networks without user permission.”

    Duh, it’s a flaw in the driver software, what idiots.

  14. Like I said before, anything that’s created is bought by Uncle Sam and reverse engineered to find the coded, electro and mechanical flaws.

    This information is circulated amongst the very elite hackers and makes its way into public circulation.

    Unless Apple spends billions of dollars like the US Government does to find these flaws and correct them, they will always exist and we h@xx0r’s will always have the upper hand.

    Apple’s security is a joke, it’s less of a joke than Microsoft’s, but that’s about all.

  15. Whatever. You truly sound like you believe what you say. What a tool.

    Billions of $ for what? Currently, as said by the hackers themselves, the problem is that most wireless devices embedded in laptops these days are switched on by default and are configured to continuously seek out available wireless networks.

    If they do not go “Automatically”, i.e., actively seeking for network, the machine is not ‘visible’. Ellch (who is currently pursuing his master’s degree in computer security at the Naval Postgraduate School in Monterey, Calif.) told people about a new tool he’s developing that can remotely scan and figure out the chipset and driver version of a wireless device on a target computer. So far, Ellch said the tool currently recognizes 13 different wireless device drivers, breaking them down by operating system and firmware version.

    “I’m getting this tool to the point where it can tell you not only how many people in a room are running, say, Centrino or Broadcom devices, but that ‘x’ number are running them on a Windows box with a specific version of the driver,” Ellch said. “The useful thing for that information is that if you have a device driver exploit and it’s version-specific, you could tweak [the exploit] before you launch it.”

    In order to do the above, the wireless must be active and seeking for a network. On the Mac this can be avoided easily with the options on Airport.
