backtop


Print 60 comment(s) - last by Pirks.. on Aug 7 at 7:35 PM

Security experts say poor driver design leaves doors wide open

Two security researchers from Black Hat this week revealed a method in which a MacBook can be broken into and taken control of. In fact, the intrusion method is at such a low level that even firewalls and anti-virus applications can't help. Based on flaws in wireless network driver design, Apple's line of MacBooks -- and MacBook Pros -- allows an attacker to remotely bypass the security of the laptop and the operating system.

Jon Ellch and David Maynor from Black Hat say that drivers for Apple's notebooks are developed not in house, but outside using contracted development companies. Ellch says that often times, these development people are under so much pressure from higher management to get working drivers so that companies can rush our products to market. Under circumstances like this, drivers for devices such as wireless network processors enter "the wild" in an untested state.

However, Mayner said that "we're not picking specifically on Macs here, but if you watch those 'Get a Mac' commercials enough, it eventually makes you want to stab one of those users in the eye with a lit cigarette or something." Mayner cites that many of Apple's commercials claim that Macs don't suffer from the same security vulnerabilities that PCs do but in fact, they do.

The team at Black Hat demonstrated that they could circumvent the Wi-Fi security and OS level security in a MacBook and within just 60 seconds, were able to take complete control of the machine. Black Hat demonstrated the technique through a pre-recorded video to prevent anyone from intercepting the wireless network traffic to deconstruct the attack and release it elsewhere. Black Hat said that it has been in contact with both Apple and Microsoft, because the vulnerability exists on both sides.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Amen
By Pirks on 8/4/2006 9:49:59 PM , Rating: 0
quote:
Seriously, who buys a computer with a base cost of $3200USD that only has 250GB HD, 512MB of RAM, and a 6600 video card
sherman, you're getting in the same old trap again and again - you compare modern desktop Wintels with ancient PowerPC Macs. When are you going to stop falling in the same manhole? Can't you see current Intel iMacs are VERY different both price-wise and feature-wise from old museum PPC PowerMacs? I don't even understand why you bother posting here comparing some museum Apple computers with modern Intel PCs - yeah, I CAN TOO compare Win 3.1 with Mac OS X 10.4.7 and you know what? Win 3.1 SUCKS! You don't buy my argument of comparing old technology to new one? THEN PLEASE DON'T USE SAME ARGUMENT YOURSELF, would you pleeaase??!
quote:
It is arguably more secure because, IMO OSX has a very small market share compared to the likes of MS, so they arent target as much
That's another common mistake majority AT readers make, when they ignore OS roots and architecture. Sure it's so easy to forget and even not to know about what Windows ideology is (root for all by default, for most home users) versus Unix and OS X ideology - no root for anyone, even for home users - enter your root password all the time please if you wanna install apps or do something suspicious. Of course for such people OS X only has too small market share - please guys educate yourself first about basic OS security stuff and especially how Unix approaches it, before spitting out another nonsense here.

If OS X were based on the same roots as Windows and on the same ideology, I wouldn't say all that, believe me!
quote:
I do agree the Jorbs and his crew do a good job of keeping us on the edge of our seat sometimes, at somepoint that will get old.
Creativity never gets old. If Apple lails at some time I'm sure someone will step in their shoes instead - there will always be technology pushers and the rest - the followers, like you and me. Someone will invent another Mac Mini which will be immediately cloned by you know who and so on forever and ever - this is never ending process, Apple is just a current symbol of it. Symbol dies, process remains ;-)
quote:
Theres nothing like spending $1000+ on a computer that gets a whole new redesign every other year, or sooner. That will get old, albiet down the road.
Same for this as well - replacing the whole computer will never get old, in fact majority of users do just that - they throw or sell the old PC and use a new one. Apple just follows the mass trend, and reaps solid $$$ in the process. You know you can sell the old Mac on eBay and pick up a new one any time, even on the same eBay - so this argument sounds pretty dumb to me.
quote:
Not to mention, later this year they are likely to have a dual quad... which is just nutsy *drools*, and SUPER insanely expensive.
That's not interesting - Dell sells these millionaire PCs for $10k a pop for a long time already, nothing new - Apple will just join the Voodoo/Alienware/etc crowd. Competition in high end PCs is NOT their place, they'll just participate on "me too" level.
quote:
Their is validity to both sides, but ultimately I feel that Apple users are due for a VERY rude awakening within the next year or so
Yeah, those who bought Mac to run Windows XP will be probably disappointed, but when they switch into OS X they will be okay - if you have regular patches and follow OS instructions (don't do root etc) they you're gonna be okay. Come on, its Unix, what's gonna happen? Your user account will be taken in the worst case - the core system should be free from any malware - that's if you behave sensibly, keep OS updated etc - I behave sensibly on XP and had no viruses since Win98 days. Look, if you can achieve this with XP where everything is root then it's a total piece of cake in OS X, right? ;-)


RE: Amen
By ksherman on 8/4/2006 9:59:10 PM , Rating: 2
quote:
sherman, you're getting in the same old trap again and again - you compare modern desktop Wintels with ancient PowerPC Macs. When are you going to stop falling in the same manhole? Can't you see current Intel iMacs are VERY different both price-wise and feature-wise from old museum PPC PowerMacs? I don't even understand why you bother posting here comparing some museum Apple computers with modern Intel PCs - yeah, I CAN TOO compare Win 3.1 with Mac OS X 10.4.7 and you know what? Win 3.1 SUCKS! You don't buy my argument of comparing old technology to new one? THEN PLEASE DON'T USE SAME ARGUMENT YOURSELF, would you pleeaase??!


Those specs were still for shit when the Quad was released. Not enough hardware for the price, thats all im saying. You spend that much on a dell/alienware, you get a MUCH better Video Card/HD/Base RAM, even then (which was only about a year ago remember)


RE: Amen
By Pirks on 8/5/2006 1:30:22 AM , Rating: 1
quote:
Those specs were still for shit when the Quad was released. Not enough hardware for the price, thats all im saying.
Not enough hardware for PowerPC Quad? Excuse me? COULD YOU BUY PowerPC quad-core computer ANYWHERE ELSE BACK THEN? NO? Then put your sticker back and don't take it off until you understand this: "one can not compare apples and oranges, especially when there is one unique special apple (PPC Quad monster) and an ocean of similar looking oranges (your cheap beige Wintel PCs)"

Do you understand, sherman? You _can't_ compare them - they are WAY TOO DIFFERENT to be compared. Agreed?

If not - tell me why quad-core PPC computer is exactly the same as your standard issue Intel P4 Dell PC, gimme some solid technical arguments please. Thanks.


"If you mod me down, I will become more insightful than you can possibly imagine." -- Slashdot











botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki