Linked by Thom Holwerda on Thu 3rd Aug 2006 22:14 UTC
Privacy, Security, Encryption An attacker could gain complete control over a laptop by sending malformed network traffic to a vulnerable computer, David Maynor, a senior researcher at security service provider SecureWorks, said in a presentation at the Black Hat security event. Maynor, along with researcher Jon 'Johnny Cache' Ellch, showed a video of a successful attack on an Apple Computer MacBook. However, the attack is possible also on other computers, both laptops and desktops, and not just MacBooks, the researchers said. The recent security fixes issued by Intel are not related to this issue.
Order by: Score:
Simpler wireless systems?
by ma_d on Thu 3rd Aug 2006 22:23 UTC
ma_d
Member since:
2005-06-29

Should we be simplifying wireless to make security more attainable with fewer driver upgrades? Driver updates can be a very very nasty thing on any system if not done correctly (beware the drivers on Windows update ;) ). So, I'd imagine that due to the complexities and importance of reliable drivers it'd be better to make the devices simple to a fault rather than complex to a fault.

What's worse, people sniffing your packets or scanning your hard drive after they exploit your wireless driver? And how long is the typical cycle to get updated drivers installed (typical user)?

An alterior motive would be the hope that simpler and more secure devices would allow for better free drivers.

Reply Score: 1

OpenBSD unlikely affected
by Bink on Thu 3rd Aug 2006 23:20 UTC
Bink
Member since:
2006-02-19

From
http://www.securityfocus.com/brief/271

"Systems running OpenBSD are unlikely to be affected based on that open-source group's refusal to use "binary blobs" in their device drivers, and their subsequent reverse engineering of numerous WiFi chipsets to provide open-source alternatives to manufacturer's device drivers."

Reply Score: 5

Does anyone have an example?
by voidlogic on Thu 3rd Aug 2006 23:28 UTC
voidlogic
Member since:
2005-09-03

Does anyone know where example code is posted to do this? I'm interested.

Reply Score: 1

RE: Does anyone have an example?
by elsewhere on Thu 3rd Aug 2006 23:41 UTC in reply to "Does anyone have an example?"
elsewhere Member since:
2005-07-13

Does anyone know where example code is posted to do this? I'm interested.

AFAIK they have specifically withheld the code. In fact, they opted to use a video instead of doing it live to avoid anyone in the audience from sniffing out their technique.

Of course, that could just be for dramatic effect. They've apparently been in contact with the manufacturers, so if this is really the case, it would probably be a bit irresponsible to release exploit code this early into it.

Reply Score: 1

netpython Member since:
2005-07-06

This is just an example of a 0day exploit.It's naive to think this is the only one:-)

Reply Score: 3

Built in wireless?
by skingers6894 on Thu 3rd Aug 2006 23:36 UTC
skingers6894
Member since:
2005-08-10

Does this issue affect the built in wireless of the Macbook?

Reply Score: 1

RE: Built in wireless?
by elsewhere on Thu 3rd Aug 2006 23:43 UTC in reply to "Built in wireless?"
elsewhere Member since:
2005-07-13

Does this issue affect the built in wireless of the Macbook?

Not sure, they used a third-party card in the Mac, they wanted to demonstrate that the driver flaws were platform agnostic. They weren't specifically singling out the Mac as being insecure itself, that was just showmanship.

Reply Score: 1

RE[2]: Built in wireless?
by eMagius on Fri 4th Aug 2006 04:19 UTC in reply to "RE: Built in wireless?"
eMagius Member since:
2005-07-06

The researchers have stated that the built-in wifi of the MacBook is vulnerable to this exploit.

Reply Score: 1

RE[3]: Built in wireless?
by skingers6894 on Fri 4th Aug 2006 05:19 UTC in reply to "RE[2]: Built in wireless?"
skingers6894 Member since:
2005-08-10

Interesting.

I wonder why they chose to put a card in the macbook when all macbooks already have wireless built in. Certainly that would show that every macbook is affected.

Still. The exploit from what I understand requires the attacker to look like a base station. I think the Mac always asks before joining a network you haven't joined before.

Obviously it needs to be fixed though!

Reply Score: 1

RE: Built in wireless?
by Cass on Fri 4th Aug 2006 02:14 UTC in reply to "Built in wireless?"
Cass Member since:
2006-03-17

Doubt it or else id assume he wouldnt have used a 3rd party card ...

Reply Score: 1

RE[2]: Built in wireless?
by Rayz on Fri 4th Aug 2006 09:19 UTC in reply to "RE: Built in wireless?"
Rayz Member since:
2006-06-24

The exploit will work with the standard Airport cards. Apparently, the hackers were pressured by Apple reps, not to show Airport in their demonstration.

http://blog.washingtonpost.com/securityfix/2006/08/followup_to_macb...

So does everyone use the same code for the drivers?

Reply Score: 4

aent
Member since:
2006-01-25

So why doesn't Novell want proprietary drivers?

Your answer is right here. This is one of the huge problems with proprietary drivers. Open source drivers aren't dependant on waiting for a manufacturers patch for their drivers, and many old cards will probably not receive patches, which again isn't a concern with open source drivers.

Reply Score: 5

Soulbender
Member since:
2005-08-18

"Open source drivers aren't dependant on waiting for a manufacturers patch for their drivers"

Additionally, as anyone who has used Windows for any period of time knows, many many hardware vendor drivers are total junk.

Reply Score: 2

quote
by netpython on Fri 4th Aug 2006 10:41 UTC
netpython
Member since:
2005-07-06

"That 99% of the community thinks that there computers can never be penetrated thus the majority of Max users have no virus or firewall protection. Well hate to say it but welcome to the real world."

Well said:-)

Reply Score: 4