MacBook wireless driver exonerated in Wi-Fi hack

By Stan Beer
Saturday, 19 August 2006 11:30

The company employing two security specialists who caused a sensation in early August at the Black Hat security conference in Las Vegas when they demonstrated how to hack an Apple MacBook wirelessly has been forced to eat humble pie. It turns out that the two hackers did not use the native MacBook wireless driver in their hacking demonstration.

Although the hackers, David Maynor and Jon Ellch, from Atlanta based security company SecureWorks, did not say they were using a third party wireless device driver in their demonstration, they did say that vulnerability was not a Mac problem but a weakness with wireless device drivers in general.

No doubt, however, the folks at Cupertino would have been wanting to know from SecureWorks where the weakness was in the Apple MacBook wireless device driver.

The folks in Atlanta have given Apple its answer on the home page of the SecureWorks website. In its introduction to a video recording of the hacking presentation that was given at Black Hat a SecureWorks statement reads:

"This video presentation at Black Hat demonstrates vulnerabilities found in wireless device drivers. Although an Apple MacBook was used as the demo platform, it was exploited through a third-party wireless device driver - not the original wireless device driver that ships with the MacBook. As part of a responsible disclosure policy, we are not disclosing the name of the third-party wireless device driver until a patch is available."

That sounds very much like the two SecureWorks hackers could not find a weakness in the MacBook device driver. They merely demonstrated a vulnerability found in one particular device driver of unnamed origin. Since MacBook users would have no reason to use a wireless device driver other than the native one, it would appear the two hackers simply used the MacBook for dramatic effect.

The demo was akin to loading Windows XP on a Macintosh, exploiting unpatched vulnerability MS0-060, then saying that this was a demonstration of how a Mac could be hacked.

Perhaps some day, some enterprising security expert will find a way to wirelessly hack a MacBook using its native driver. However, until then surely it would be more helpful to users if security companies demonstrate real life scenarios rather than conjure up contrived events to gain publicity.