Business IT - Technology for your business

No. 1 Story

Telstra adds one million mobile services, but Sensis plummets

Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.

 read more
StumbleUponSubmit to redditShare this on TwitterShare on facebook | Print |PDF 

MacBook wireless driver exonerated in Wi-Fi hack

Stan Beer
Saturday, 19 August 2006 12:30

Business IT - Security

The company employing two security specialists who caused a sensation in early August at the Black Hat security conference in Las Vegas when they demonstrated how to hack an Apple MacBook wirelessly has been forced to eat humble pie. It turns out that the two hackers did not use the native MacBook wireless driver in their hacking demonstration.

Although the hackers, David Maynor and Jon Ellch, from Atlanta based security company SecureWorks, did not say they were using a third party wireless device driver in their demonstration, they did say that vulnerability was not a Mac problem but a weakness with wireless device drivers in general.

No doubt, however, the folks at Cupertino would have been wanting to know from SecureWorks where the weakness was in the Apple MacBook wireless device driver.

The folks in Atlanta have given Apple its answer on the home page of the SecureWorks website. In its introduction to a video recording of the hacking presentation that was given at Black Hat a SecureWorks statement reads:

"This video presentation at Black Hat demonstrates vulnerabilities found in wireless device drivers. Although an Apple MacBook was used as the demo platform, it was exploited through a third-party wireless device driver - not the original wireless device driver that ships with the MacBook. As part of a responsible disclosure policy, we are not disclosing the name of the third-party wireless device driver until a patch is available."

That sounds very much like the two SecureWorks hackers could not find a weakness in the MacBook device driver. They merely demonstrated a vulnerability found in one particular device driver of unnamed origin. Since MacBook users would have no reason to use a wireless device driver other than the native one, it would appear the two hackers simply used the MacBook for dramatic effect.

The demo was akin to loading Windows XP on a Macintosh, exploiting unpatched vulnerability MS0-060, then saying that this was a demonstration of how a Mac could be hacked.

Perhaps some day, some enterprising security expert will find a way to wirelessly hack a MacBook using its native driver. However, until then surely it would be more helpful to users if security companies demonstrate real life scenarios rather than conjure up contrived events to gain publicity.

Loading comments ...

Sponsored Announcements

Websense #1 in Web Security Fourth Year in a Row

David Bass | For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…

You may have missed


Advertisement

- sponsored feature -

The Death of Traditional BI: What’s Next?

How to Make Business Discovery Work for Your Business IP PABX BUYING GUIDE

Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases