Wireless Macbook Security Exploit?

[MacRumors]

http://www.macrumors.com/images/macrumorsthreadlogo.gif

A blog notes that two hackers are demonstrating a security flaw in the Macbook's device driver that would allow them to "seize total control over the machine".

Quote:

...this attack can be carried out whether or not a vulnerable targeted laptop connects with a local wireless network. It is, they said, enough for a vulnerable machine to have its wireless card active for such an attack to be successful.

Similar vulnerabilities have also been found in corresponding Windows wireless drivers but the two are demoing the vulnerability on the Mac due to Apple's recent advertising on Mac OS X's security.

The vulnerability has not been described to be "in the wild", and the two have been in touch with Apple, Microsoft and other companies responsible for the drivers.

[ModestPenguin]

Dirty whiney windows users messing with our macs.

Back off.

[spicyapple]

In under a minute, no less.

[bigmc6000]

In response to the advertisements my @$$! Figures they'd try to go after something that isn't written into the OS since we all know how hard that is. So big deal - put out a firmware update for the AirPort Extreme card and it's fixed - Next please!!

[Mammoth]

It's nice to know that they're trying to rid this problem.

[dizastor]

Quote:

Originally Posted by Mammoth

It's nice to know that they're trying to rid this problem.

The wireless hack or the onslaught of windows switchers?

[longofest]

The exploit is apparently in the device driver, and so its more of an issue with Atheros than with Apple. I mean, a vulnerability is a vulnerability, and it still needs to be fixed, but the compromised code is most likely not Apple's at least.

[ebuc]

So what happens when the owner of the MacBook closes the computer?

[yellow]

Quote:

Originally Posted by longofest

but the compromised code is most likely not Apple's at least.

I concur. They simply chose a Mac to be a cock. How's that for smugness?

Quote:

Originally Posted by ebuc

So what happens when the owner of the MacBook closes the computer?

Exploit defeated.

[Compatiblepoker]

Saw that one coming. I cringe everytime I see an Apple security commercial. It's like spitting in the hackers face.

[bluetorch18]

Quote:

Originally Posted by ebuc

So what happens when the owner of the MacBook closes the computer?

That'll show the bastards...

[Derekasaurus]

Quote:

Originally Posted by bigmc6000

Figures they'd try to go after something that isn't written into the OS since we all know how hard that is.

Do you know what a computer without drivers is? A paperweight. The OS is not a single monolithic thing; it's made up of many components. The notion of what is "written into the OS" is more complicated than you seem to think, and it's childish to dismiss a vulnerability because it's in a driver.

Quote:

Originally Posted by yellow

They simply chose a Mac to be a cock. How's that for smugness?

Actually it's the smug attitude of so many Mac owners that makes them such satisfying targets. You reap what you sow. I've been using Macs since 1984 (and PCs about as long) and Mac users get on my nerves sometimes.

[yellow]

Well, which is it?

There aren't enough Macs and Mac users out there to count as anything, or they're all smug and worthy of a slap in the face?

People can't have it both ways.

[gauchogolfer]

So have they shown this homemade video yet? It's midnight where I am, so I guess I'll just find out the results in the morning. It would be funny if today's updates patched the exploit, though.

I'm interested what kind of control over the machine they can achieve, or if it's only to make it turn off/reboot, etc.

[schenz]

Quote:

Originally Posted by Derekasaurus

Do you know what a computer without drivers is? A paperweight. The OS is not a single monolithic thing; it's made up of many components. The notion of what is "written into the OS" is more complicated than you seem to think, and it's childish to dismiss a vulnerability because it's in a driver.

Well... but at least it's not Apple's fault, because they didn't produce the driver. Therefore it's actually not a concern of Apple's but of the driver's producer's.

On the other hand Apple did include it into it's OS seemingly without testing it thorougly, and that is, of course, a concern of Apple's. So they will have to work together to get rid of that - and I'm sure they will - and I may be smug again.

[WildCowboy]

Quote:

Originally Posted by schenz

Well... but at least it's not Apple's fault, because they didn't produce the driver. Therefore it's actually not a concern of Apple's but of the driver's producer's.

On the other hand Apple did include it into it's OS seemingly without testing it thorougly, and that is, of course, a concern of Apple's. So they will have to work together to get rid of that - and I'm sure they will - and I may be smug again.

It doesn't really matter if wasn't "Apple's fault." It's their machine that ends up being compromised and so it's their responsibility to take care of the problem. How they do that is up to them...getting Atheros to patch things is the first step, but then they could evenutally switch vendors, move to an in-house solution entirely if they aren't happy with the job Atheros is doing.

It's the end-product with a big honkin' Apple logo on it...it most certainly is their concern.

[bigmc6000]

Quote:

Originally Posted by Derekasaurus

Do you know what a computer without drivers is? A paperweight. The OS is not a single monolithic thing; it's made up of many components. The notion of what is "written into the OS" is more complicated than you seem to think, and it's childish to dismiss a vulnerability because it's in a driver.

That it, comparitively speaking, won't be as hard to apple to plug the vulnerability since all they have to do is limit the control granted via the card and/or just update the driver... You can get off your high horse now... :-P

[ChrisA]

Quote:

Originally Posted by longofest

The exploit is apparently in the device driver, and so its more of an issue with Atheros than with Apple.

The drivers are part of the OS.

Apple did not write all of the OS much of it comes from BSD UNIX and some more of it comes from CMU's Mach. Many (most?) of the hundreds of applications that ship with Mac OSX are Open Source that Apple did not write.

We shouldn't care much about if Apple employees wrote the code or if they hired the job out of it the downloaded an Open Source application off the Internet. If the software has a problem it needs to be fixed.

[ifjake]

so is a paperweight with drivers a computer?

[shadowfax]

Quote:

Originally Posted by yellow

Well, which is it?

There aren't enough Macs and Mac users out there to count as anything, or they're all smug and worthy of a slap in the face?

People can't have it both ways.

Actually, I would say it's the easiest thing in the world to have it both ways in this case, because the scenarios you describe aren't mutually exclusive. Remember, the hacker world is not monolithic. While the majority of hackers may consider mac users a waste of time, it only takes one with some time on her hands and a beef against (smug) Mac zealots to write a virus for OS X, and that's that. I can tell you as someone who works with hackers (half of my buddies are at BlackHat this week) that OS X is NOT inherently secure, and that there are plenty of vulnerabilities that surface on it that are well-known in the "hacker" community long before they are made "public," and also long before they are also repaired by Apple.

OS X is definitely inherently more secure than Windows, but the near-complete lack of viruses/use of other exploits for them is definitely not because they are ironclad in terms of security. That should be abundantly clear from a cursitory reading of the kbase article on the latest security update. Many of those fixes were to rootkit holes! As in, god-sized sized security holes...

I'm not trying to rant or anything, but I've definitely realized in the last few months of my internship that OS X is not nearly as secure as I'd previously assumed, and also that there are a growing number of hackers that are pissed off--or at least find it amusingly laughable-- that Apple and followers are so brazenly smug about security. I hate Symantec just as much as the rest of you for their shameless plugs of their USELESS mac software, but that doesn't mean that OS X is anywhere near impenetrable, especially if you use simple word passwords--and you bet your butt the average mac user does this, if he even sets a password at all.

[gekko513]

Quote:

Originally Posted by ebuc

So what happens when the owner of the MacBook closes the computer?

The computer goes to sleep, I suppose. If the attacker has installed something like a rootkit on the computer before that, the MacBook will still be compromised when it wakes up.

[swingerofbirch]

Let my voice ring clear, loud, and somber: this is not the time to be an Apple apologist. To sit back and blame a component manufacturer is to lose the point of power which comes from taking total responsibility for a shipping product, a feat which no PC manufacturer or Microsoft have ever attempted or likely will.

We and Apple should take our lumps as they have been served to us, thank these people for pointing out a weakness, apologize, strengthen and move on.

[longofest]

Quote:

Originally Posted by ChrisA

The drivers are part of the OS.

Apple did not write all of the OS much of it comes from BSD UNIX and some more of it comes from CMU's Mach. Many (most?) of the hundreds of applications that ship with Mac OSX are Open Source that Apple did not write.

We shouldn't care much about if Apple employees wrote the code or if they hired the job out of it the downloaded an Open Source application off the Internet. If the software has a problem it needs to be fixed.

The danger of only quoting part of a post is that you will miss the fact that the poster said pretty much the exact same thing. I was pointing out that it wasn't Apple's code, but I pointed out that they still needed to fix it.

[ChrisA]

Quote:

Originally Posted by bigmc6000

...all they have to do is limit the control granted via the card..

What? How to do that? This is likely a buffer overflow exploit where a small part of the driver gets overwritten with hacker-incerted code, this code then runs inside the kernel at that point nothing can be done.

They will have to fix the defect that alowed the buffer to overflow. No other option.

This really shows the value of Open Source. So many peopl have loked for this type of stuff in Linux and other OSes that I'm sure most of it is been found and fixed but closed souce drivers are so hard to examine that there could be a hundred more of these waiting to be discovered.

[MattyP]

I think the question of fault is moot, if there is a security problem it needs to be fixed, and if it is a simple fix, that happens before any real life security problems occur, then all the better! What I wonder is are macbooks the only macs with the issue, or only intel macs with wireless cards, or all models using a wireless card. -for example would my powerbook g4 be vulnerable.

hmm...