Linked by Thom Holwerda on Tue 20th Mar 2007 18:41 UTC, submitted by makfu
Apple "Last summer, when I wrote 'Vicious orchestrated assault on MacBook wireless researchers', it set off a long chain of heated debates and blogs. I had hoped to release the information on who orchestrated the vicious assault, but threats of lawsuits and a spineless company that refused to defend itself meant I couldn't disclose the details. A lot has changed since then: Researcher David Maynor is no longer working for SecureWorks, and he's finally given me permission to publish the details."
Permalink for comment 223028
To read all comments associated with this story, please click here.
Contradicts his conclusions
by MonkeyPie on Tue 20th Mar 2007 22:56 UTC
MonkeyPie
Member since:
2005-07-06

In his letter to Lynn, Maynor writes the following:

I want to clarify something about the wifi device driver exploit we demonstrated at Black Hat in Las Vegas a couple weeks ago.

Confusion has mounted as to whether the exploit I demoed at Black Hat and for Brian Krebs of the Washington Post is reliant the use of a third party driver. In short, the answer is yes. The MacBook is not inherently vulnerable to the attack, and I never said that it was.


He says that the stock MacBook is not vulnerable to the attack.

Ou then goes on to say:

So what was the end result of all this? Apple continued to claim that there were no vulnerabilities in Mac OS X, but came a month later and patched its wireless drivers (presumably for vulnerabilities that didn't actually exist). Apple patched these "nonexistent vulnerabilities" but then refused to give any credit to David Maynor and Jon Ellch.

Apple didn't deny that there were NO vulnerabilities in OS X, they denied that this method would work on the stock configuration MacBook.

And, Maynor and Ellch didn't deserve credit for the actual patches. They just triggered and internal audit, and Apple employees found some vulnerabilities/flaws regarding their drivers.

A lot of controversy still remains though, partly due to another quote from Maynor to Fleichman of Wi-Fi Networking News:

Umm..I did release the code, it should be showing up on websites at any time. The code proves you can control both a broadcom based powerbook and an atheros based macbook. The only thing missing from the code is the weaponized shellcode which is part of a talk I am doing in a few months.

So which is it? To Lynn he says it isn't capable to use this exploit on a stock MacBook. But to Fleishman he says that it is. That's pretty contradictory.

*Edit due to gross misspellings on my part. Oops

Edited 2007-03-20 23:05

Reply Score: 5