This Really “Hacks” Me Off (MacBook WiFi Vulnerability Demo Was Rigged)
This original entry from August 3 (”Professionals Hack a MacBook — and Make a Larger Point”) about WiFi card vulnerability, particularly in Apple’s MacBook laptops, was modified based on new information learned. What follows was added at the beginning of the entry.
+++++++++++++++++
August 18 UPDATE: It turns out the “presumably good guy” label in the very first sentence of the original post that begins below was VERY incorrect: (HT Techdirt):
Now it seems SecureWorks is backing away from its suggestion that MacBooks are just as vulnerable as other Wi-Fi-capable computers. The company has posted a disclaimer on its site to make it clear that the demonstration at Black Hat used a modified MacBook.
“This video presentation at Black Hat demonstrates vulnerabilities found in wireless device drivers,” the disclaimer says. “Although an Apple MacBook was used as the demo platform, it was exploited through a third-party wireless device driver–not the original wireless device driver that ships with the MacBook. As part of a responsible disclosure policy, we are not disclosing the name of the third-party wireless device driver until a patch is available.”
This is truly sad, especially in light of the snide comments from Dave Maynor and Jon “Johnny Cache” Ellch about Apple’s alleged security arrogance. It’s a trick right out of the same playbook as the rigged Dateline exploding gas tank in 1993, and it’s sickening.
Since I don’t pull posts, what is below will remain, and I’m coining a new term for people like Maynor and Ellch: MDS, or Mac Derangement Syndrome. The advice at the end of the piece (keep your wireless card off when not using it) is still a good idea, just not do-or-die urgently good.
++++++++++++++++++++
Now I’m the one hacked. As in REALLY “hacked off.” But the record is set straight — until the next MDS partisans try to put one over on us.
