08-03-2006, 08:31 AM

Bottom line - even if OS X is fully patched/up-to-date, the Macbook (and several Windows wireless adaptors) are at risk of allowing someone root-level access via flaws in the devices' drivers. The story is at http://arstechnica.com/journals/apple.ars/2006/8/2/4856 and http://blog.washingtonpost.com/secur...60_seco_1.html

08-03-2006, 08:47 AM

Yeah, but you have to be using a 3rd party wireless adapter and driver, so it won't affect 99% of macbook users...

08-03-2006, 09:06 AM

Quote:

Originally Posted by Aptmunich

Yeah, but you have to be using a 3rd party wireless adapter and driver, so it won't affect 99% of macbook users...

I think you may have mis-read the article...all the drivers for the macbook are written by 3rd party, not Apple. Apple farms it out to these other companies. The article states that this affects macbooks, not "macbooks where users added/changed drivers from the default drivers supplied by the factory."

08-03-2006, 09:17 AM

Quote:

Originally Posted by Article

The demonstration today is being presented by video tape, due to the fears that a live demonstration might allow for attendees to intercept code which would run the risk of the code being exploited.

....or because it is less likely that their charade would work.

Quote:

Originally Posted by Blog article

...there is not a single shred of evidence that these flaws have been exploited

So until there is, I will just file this with all of those stories and reports of "viruses" on Mac OS X.

08-03-2006, 09:21 AM

The first of the two articles is misleading - it says that they got into the machine "by hacking the "low-level" computer code that communicates between the machine and internal & external wireless solutions" whereas the other one doesn't say that. Until I read the other one, it sounded very much like they'd released compromised drivers masquerading as an update or something.

I always find lower level hacking interesting, because it moves the focus. All the firewalls, network scanners and encryption in the world can't save you if an exploit operates beneath them all. This is the reason I always maintain that the record and movies industries will never beat piracy. At some point, that DRMd, locked down, region encoded, encrypted stream has to be reduced to the raw bits and bytes in order to be sent to the screen or speakers. Hijack it at that point, and everything built on top is a waste of time.

08-03-2006, 09:29 AM

I am with devilboy on this one, lets see it actually done. Till then....

08-03-2006, 09:30 AM

Quote:

I think you may have mis-read the article...all the drivers for the macbook are written by 3rd party, not Apple. Apple farms it out to these other companies. The article states that this affects macbooks, not "macbooks where users added/changed drivers from the default drivers supplied by the factory."

I didn't read this article, but most sites that covered it got it wrong initially and have since corrected the stories:

(http://www.macworld.co.uk/news/index.cfm?NewsID=15435)

Quote:

The researchers stressed that the flaw isn't specific to Apple and the Mac OS, and also chose to use a third-party wireless access device rather than the built in AirPort card on the Mac.

http://biz.yahoo.com/ap/060802/wirel...lity.html?.v=2

Quote:

The MacBook used in the demonstration was not using the wireless gear that shipped with the computer. Instead, they used a third-party wireless card that they declined to name.

Given that the company I work for hasn't sold a wireless USB adapter for 10.4. for quite some time now, because all the products on the market had flaky drivers at best, this doesn't really surprise me.

EDIT: I just watched the video:
http://blog.washingtonpost.com/secur...n_60_seco.html

He specifically states several times that the flaw is in the 3rd party hardware, not the OS.

I agree that it is serious (I mean, just because I use a specific peripheral device, I shouldn't be that vunerable...) but not Macbook related in any way. (It could be a Dell laptop, powerbook, or any other laptop) The story is just being completely overhyped, as it's a laptop with an apple logo.

08-03-2006, 09:44 AM

Good info Aptmunich.

08-03-2006, 10:07 AM

Quote:

Originally Posted by Aptmunich

He specifically states several times that the flaw is in the 3rd party hardware, not the OS.

Ok...I do have it wrong...I'm leaving the below only for historical purposes of what I wrote...

I fell victim to the hype...sorry. Who on this planet would use a 3rd party wireless adapter on a MB (or any other laptop for that matter)? The only reason I could think of, for every-day use, is if the built-in adapter is dead.


{Begin original text of this post}
I'm trying to understand this....

They state that all drivers for the wireless interface are third-party drivers...none are written by Apple (including the drivers "built-in"). Drivers are not a part of the OS on any OS...so...while the your quote is accurate about it not being Mac OS, it still leaves to question what they mean by "3rd party." Does that refer to the "3rd party" drivers that ship WITH (as in provided by Apple) the MacBook or does it mean something along the lines of "4th party" drivers (as I'll call it) that are installed by the user? Both the 2 guys in the story and the story aurthors make it sound like this happens from a DEFAULT configuration of the laptop from the drivers supplied by Apple (with regard to the MB specifically). I think it means the drivers that ship with the laptop...otherwise this really would be a non-issue. How many Mac owners are going to install "some driver" off the web instead of using the one provided by Apple?

I'm not trying to stir up an hornets nest, but at the same time, just because it hasn't been done by someone else at a public wifi hot spot doesn't mean it can't happen.

08-03-2006, 10:30 AM

Quote:

Originally Posted by jc1350

Does that refer to the "3rd party" drivers that ship WITH (as in provided by Apple) the MacBook or does it mean something along the lines of "4th party" drivers (as I'll call it) that are installed by the user?

The drivers as shipped by Apple for Apple hardware would not be considered 3rd party. Many card manufacturers use other development houses to develop drivers for them. This is especially true of wireless network cards, because there are a small number of chipsets and a large number of manufacturers. Trying to claim that the Apple drivers for the Airport card somehow falls under "3rd party" just adds to the confusion and will make articles like this even harder to understand properly.

08-03-2006, 10:31 AM

It was stated elsewhere (can't find the source, was linked on slashdot) that the internal AirPort card is vulnerable, and that Apple urged them to use a third-party wireless card for the demonstration. The vulnerability is in the specific wireless chipsets, and a bad implenetation of it's drivers.

08-03-2006, 10:41 AM

http://www.itwire.com.au/content/view/5182/53/

They were able to hack into Linux and Windows systems also the same way.

08-03-2006, 10:42 AM

With all the misinformation going around (even the article Aptmunich linked to said one thing in the text and another in the video) it's probably best to leave uncited slashdot links at 'rumour' status.

08-03-2006, 10:45 AM

I have read pretty much every article I can find and nothing said that it could be done with the Built In Apple Airport and drivers. In the Video with the dood doing the hacking he makes it clear he is using a 3rd party card and even shows it being plugged in to the side of the MacBook. So far I have found nothing saying Apple begged them to use an external card. Still looking!

Remember this, this is not JUST A PROBLEM on the Mac. They got into Linux, Windows systems this way also. It's a problem with a lot of 3rd party drivers for WiFi Cards.

08-03-2006, 10:53 AM

Even though I leapt to apple's defense there, I do think it's important for flaws like this to be shown: The fact remains that they had complete user file access from another machine without authorisation.

Whilst this was an unlikely scenario, I am beginning to get the feeling that with all the extra attention OS X is getting, more flaws like this and more serious ones will be discovered.