Wireless Macbook Security Exploit?

MacRumors · Aug 2, 2006

A blog notes that two hackers are demonstrating a security flaw in the Macbook's device driver that would allow them to "seize total control over the machine".

...this attack can be carried out whether or not a vulnerable targeted laptop connects with a local wireless network. It is, they said, enough for a vulnerable machine to have its wireless card active for such an attack to be successful.

Similar vulnerabilities have also been found in corresponding Windows wireless drivers but the two are demoing the vulnerability on the Mac due to Apple's recent advertising on Mac OS X's security.

The vulnerability has not been described to be "in the wild", and the two have been in touch with Apple, Microsoft and other companies responsible for the drivers.

ModestPenguin · Aug 2, 2006

Dirty whiney windows users messing with our macs.

Back off.

spicyapple · Aug 2, 2006

In under a minute, no less.

bigmc6000 · Aug 2, 2006

What a load

In response to the advertisements my @$$! Figures they'd try to go after something that isn't written into the OS since we all know how hard that is. So big deal - put out a firmware update for the AirPort Extreme card and it's fixed - Next please!!

Mammoth · Aug 2, 2006

It's nice to know that they're trying to rid this problem.

dizastor · Aug 2, 2006

Mammoth said:
It's nice to know that they're trying to rid this problem.

The wireless hack or the onslaught of windows switchers?

longofest · Aug 2, 2006

The exploit is apparently in the device driver, and so its more of an issue with Atheros than with Apple. I mean, a vulnerability is a vulnerability, and it still needs to be fixed, but the compromised code is most likely not Apple's at least.

ebuc · Aug 2, 2006

So what happens when the owner of the MacBook closes the computer?

yellow · Aug 2, 2006

longofest said:
but the compromised code is most likely not Apple's at least.

I concur. They simply chose a Mac to be a cock. How's that for smugness?

ebuc said:
So what happens when the owner of the MacBook closes the computer?

Exploit defeated.

Compatiblepoker · Aug 2, 2006

Saw that one coming. I cringe everytime I see an Apple security commercial. It's like spitting in the hackers face.

bluetorch18 · Aug 2, 2006

ebuc said:
So what happens when the owner of the MacBook closes the computer?

That'll show the bastards...

Derekasaurus · Aug 2, 2006

bigmc6000 said:
Figures they'd try to go after something that isn't written into the OS since we all know how hard that is.

Do you know what a computer without drivers is? A paperweight. The OS is not a single monolithic thing; it's made up of many components. The notion of what is "written into the OS" is more complicated than you seem to think, and it's childish to dismiss a vulnerability because it's in a driver.

yellow said:
They simply chose a Mac to be a cock. How's that for smugness?

Actually it's the smug attitude of so many Mac owners that makes them such satisfying targets. You reap what you sow. I've been using Macs since 1984 (and PCs about as long) and Mac users get on my nerves sometimes.

yellow · Aug 2, 2006

Well, which is it?

There aren't enough Macs and Mac users out there to count as anything, or they're all smug and worthy of a slap in the face?

People can't have it both ways.

gauchogolfer · Aug 2, 2006

So have they shown this homemade video yet? It's midnight where I am, so I guess I'll just find out the results in the morning. It would be funny if today's updates patched the exploit, though.

I'm interested what kind of control over the machine they can achieve, or if it's only to make it turn off/reboot, etc.

schenz · Aug 2, 2006

Derekasaurus said:
Do you know what a computer without drivers is? A paperweight. The OS is not a single monolithic thing; it's made up of many components. The notion of what is "written into the OS" is more complicated than you seem to think, and it's childish to dismiss a vulnerability because it's in a driver.

Well... but at least it's not Apple's fault, because they didn't produce the driver. Therefore it's actually not a concern of Apple's but of the driver's producer's.

On the other hand Apple did include it into it's OS seemingly without testing it thorougly, and that is, of course, a concern of Apple's. So they will have to work together to get rid of that - and I'm sure they will - and I may be smug again.

WildCowboy · Aug 2, 2006

schenz said:
Well... but at least it's not Apple's fault, because they didn't produce the driver. Therefore it's actually not a concern of Apple's but of the driver's producer's.

On the other hand Apple did include it into it's OS seemingly without testing it thorougly, and that is, of course, a concern of Apple's. So they will have to work together to get rid of that - and I'm sure they will - and I may be smug again.

It doesn't really matter if wasn't "Apple's fault." It's their machine that ends up being compromised and so it's their responsibility to take care of the problem. How they do that is up to them...getting Atheros to patch things is the first step, but then they could evenutally switch vendors, move to an in-house solution entirely if they aren't happy with the job Atheros is doing.

It's the end-product with a big honkin' Apple logo on it...it most certainly is their concern.

bigmc6000 · Aug 2, 2006

Point being...

Derekasaurus said:
Do you know what a computer without drivers is? A paperweight. The OS is not a single monolithic thing; it's made up of many components. The notion of what is "written into the OS" is more complicated than you seem to think, and it's childish to dismiss a vulnerability because it's in a driver.

That it, comparitively speaking, won't be as hard to apple to plug the vulnerability since all they have to do is limit the control granted via the card and/or just update the driver... You can get off your high horse now...

ChrisA · Aug 2, 2006

longofest said:
The exploit is apparently in the device driver, and so its more of an issue with Atheros than with Apple.

The drivers are part of the OS.

Apple did not write all of the OS much of it comes from BSD UNIX and some more of it comes from CMU's Mach. Many (most?) of the hundreds of applications that ship with Mac OSX are Open Source that Apple did not write.

We shouldn't care much about if Apple employees wrote the code or if they hired the job out of it the downloaded an Open Source application off the Internet. If the software has a problem it needs to be fixed.

ifjake · Aug 2, 2006

so is a paperweight with drivers a computer?

shadowfax · Aug 2, 2006

yellow said:
Well, which is it?

There aren't enough Macs and Mac users out there to count as anything, or they're all smug and worthy of a slap in the face?

People can't have it both ways.

Actually, I would say it's the easiest thing in the world to have it both ways in this case, because the scenarios you describe aren't mutually exclusive. Remember, the hacker world is not monolithic. While the majority of hackers may consider mac users a waste of time, it only takes one with some time on her hands and a beef against (smug) Mac zealots to write a virus for OS X, and that's that. I can tell you as someone who works with hackers (half of my buddies are at BlackHat this week) that OS X is NOT inherently secure, and that there are plenty of vulnerabilities that surface on it that are well-known in the "hacker" community long before they are made "public," and also long before they are also repaired by Apple.

OS X is definitely inherently more secure than Windows, but the near-complete lack of viruses/use of other exploits for them is definitely not because they are ironclad in terms of security. That should be abundantly clear from a cursitory reading of the kbase article on the latest security update. Many of those fixes were to rootkit holes! As in, god-sized sized security holes...

I'm not trying to rant or anything, but I've definitely realized in the last few months of my internship that OS X is not nearly as secure as I'd previously assumed, and also that there are a growing number of hackers that are pissed off--or at least find it amusingly laughable-- that Apple and followers are so brazenly smug about security. I hate Symantec just as much as the rest of you for their shameless plugs of their USELESS mac software, but that doesn't mean that OS X is anywhere near impenetrable, especially if you use simple word passwords--and you bet your butt the average mac user does this, if he even sets a password at all.

gekko513 · Aug 2, 2006

ebuc said:
So what happens when the owner of the MacBook closes the computer?

The computer goes to sleep, I suppose. If the attacker has installed something like a rootkit on the computer before that, the MacBook will still be compromised when it wakes up.

swingerofbirch · Aug 2, 2006

Let my voice ring clear, loud, and somber: this is not the time to be an Apple apologist. To sit back and blame a component manufacturer is to lose the point of power which comes from taking total responsibility for a shipping product, a feat which no PC manufacturer or Microsoft have ever attempted or likely will.

We and Apple should take our lumps as they have been served to us, thank these people for pointing out a weakness, apologize, strengthen and move on.

longofest · Aug 2, 2006

ChrisA said:
The drivers are part of the OS.

Apple did not write all of the OS much of it comes from BSD UNIX and some more of it comes from CMU's Mach. Many (most?) of the hundreds of applications that ship with Mac OSX are Open Source that Apple did not write.

We shouldn't care much about if Apple employees wrote the code or if they hired the job out of it the downloaded an Open Source application off the Internet. If the software has a problem it needs to be fixed.

The danger of only quoting part of a post is that you will miss the fact that the poster said pretty much the exact same thing. I was pointing out that it wasn't Apple's code, but I pointed out that they still needed to fix it.

ChrisA · Aug 2, 2006

bigmc6000 said:
...all they have to do is limit the control granted via the card..

What? How to do that? This is likely a buffer overflow exploit where a small part of the driver gets overwritten with hacker-incerted code, this code then runs inside the kernel at that point nothing can be done.

They will have to fix the defect that alowed the buffer to overflow. No other option.

This really shows the value of Open Source. So many peopl have loked for this type of stuff in Linux and other OSes that I'm sure most of it is been found and fixed but closed souce drivers are so hard to examine that there could be a hundred more of these waiting to be discovered.

MattyP · Aug 2, 2006

I wonder...

I think the question of fault is moot, if there is a security problem it needs to be fixed, and if it is a simple fix, that happens before any real life security problems occur, then all the better! What I wonder is are macbooks the only macs with the issue, or only intel macs with wireless cards, or all models using a wireless card. -for example would my powerbook g4 be vulnerable.

hmm...

Wireless Macbook Security Exploit?

macrumors bot

macrumors 6502

macrumors 68000

macrumors 6502a

macrumors 6502a

macrumors 6502a

Editor emeritus

macrumors regular

Moderator emeritus

macrumors regular

macrumors regular

macrumors member

Moderator emeritus

macrumors 603

macrumors newbie

Administrator/Editor

macrumors 6502a

macrumors G5

macrumors 6502a

macrumors 603

macrumors 603

macrumors 68040

Editor emeritus

macrumors G5

macrumors member

Our Staff