No. 1 Story

Construction needs cloud flexibility

Australia’s embattled construction sector could benefit from cloud based information systems that can be switched on and off in lockstep with individual projects – with the exception of those organisations based in remote areas like the Kimberleys.

read more

Related Articles

MacBook, wireless, driver, exonerated, WiFi, hack
Old Macs vulnerable to wireless hacks expert claims
If you bought a Wi-Fi card for your iMac or PowerBook before and up...
Read More
MacBook hack attack the talk of Black Hat
A demonstration of a hack into an Apple MacBook computer on a wireless network...
Read More
Symantec raises alarm on Microsoft Word hack attack
Worries about Microsoft Word attachments in emails have surfaced with the news that hackers...
Read More

Popular Threads

MacBook wireless driver exonerated in Wi-Fi hack

Stan Beer
Saturday, 19 August 2006 11:30

Business IT - Security

View Comments

The company employing two security specialists who caused a sensation in early August at the Black Hat security conference in Las Vegas when they demonstrated how to hack an Apple MacBook wirelessly has been forced to eat humble pie. It turns out that the two hackers did not use the native MacBook wireless driver in their hacking demonstration.

Although the hackers, David Maynor and Jon Ellch, from Atlanta based security company SecureWorks, did not say they were using a third party wireless device driver in their demonstration, they did say that vulnerability was not a Mac problem but a weakness with wireless device drivers in general.

No doubt, however, the folks at Cupertino would have been wanting to know from SecureWorks where the weakness was in the Apple MacBook wireless device driver.

The folks in Atlanta have given Apple its answer on the home page of the SecureWorks website. In its introduction to a video recording of the hacking presentation that was given at Black Hat a SecureWorks statement reads:

"This video presentation at Black Hat demonstrates vulnerabilities found in wireless device drivers. Although an Apple MacBook was used as the demo platform, it was exploited through a third-party wireless device driver - not the original wireless device driver that ships with the MacBook. As part of a responsible disclosure policy, we are not disclosing the name of the third-party wireless device driver until a patch is available."

That sounds very much like the two SecureWorks hackers could not find a weakness in the MacBook device driver. They merely demonstrated a vulnerability found in one particular device driver of unnamed origin. Since MacBook users would have no reason to use a wireless device driver other than the native one, it would appear the two hackers simply used the MacBook for dramatic effect.

The demo was akin to loading Windows XP on a Macintosh, exploiting unpatched vulnerability MS0-060, then saying that this was a demonstration of how a Mac could be hacked.

Perhaps some day, some enterprising security expert will find a way to wirelessly hack a MacBook using its native driver. However, until then surely it would be more helpful to users if security companies demonstrate real life scenarios rather than conjure up contrived events to gain publicity.

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases