If you want to grab the attention of a roomful of hackers, one sure fire way to do it is to show them a new method for remotely circumventing the security of an Apple Macbook computer to seize total control over the machine. That's exactly what hackers Jon "Johnny Cache" Ellch and David Maynor plan to show today in their Black Hat presentation on hacking the low-level computer code that powers many internal and external wireless cards on the market today.
Quote -During the course of our interview, it came out that Apple had leaned on Maynor and Ellch pretty hard not to make this an issue about the Mac drivers -- mainly because Apple had not fixed the problem yet. Maynor acknowledged that he used a third-party wireless card in the demo so as not to draw attention to the flaw resident in Macbook drivers. But he also admitted that the same flaws were resident in the default Macbook wireless device drivers, and that those drivers were identically exploitable.
News source:
Quote -
To all of the commenters who complained about why this demo was not shown live, I refer you back to the text of the blog post, which pointed out the dangers inherent in showing this type of exploit live to a room overflowing with curious hackers who would like nothing more than to capture a copy of the exploit wirelessly and experiment with it.
It is important to note that this is not specific to Mac computers, this is a generic vulnerability with wireless card drives. A Mac was used only to add greater interest and excitement to this vulnerability. Maynor shares two excellent quotes though:
Quote -
"We're not picking specifically on Macs here, but if you watch those 'Get a Mac' commercials enough, it eventually makes you want to stab one of those users in the eye with a lit cigarette or something,"
and
Quote -
Still, the presenters said they ultimately decided to run the demo against a Mac due to what Maynor called the "Mac user base aura of smugness on security."
-1 Comments - Add comment