What a greta quote:

"the presenters said they ultimately decided to run the demo against a Mac due to what Maynor called the "Mac user base aura of smugness on security.""

amanda m - you only need to have your wireless card running for it to be potentially exploited. It doesn't have to join a network. Disable the card when you're not using it.

Thank you for this article. I just went in and told my macbook to ask before joining any wireless network. I did have it set to automatically join.

I only insert my Wi-Fi card if I need to be on a network. Of course that doesn't solve this problem, but it does mean the notebook is not a constant target.

Unfortunately as PC card slots are reduced in number and most notebooks have built-in wireless, disabling it actually requires a thought process that most of us won't make time for.

Maybe protecting against driver hacks are the next opportunity for the firewall industry. Thanks Brian!

Does this security flaw affect desktop computers running on home wireless networks?

So, this actually has nothing at all to do with it being a Mac, other than an opportunity for a windows user to crack a smirk. When that smirking guy actually reads the article, he/she/it will realize that this exploit is there for whatever operating system is running on the effected hardware. It is an exploit for specific third party hardware. I guess actually this is a testament to OS 10.4, that someone has to go to such great lengths to hack it.

Good job sticking it to those stuck up Mac users!

"Still, the presenters said they ultimately decided to run the demo against a Mac due to what Maynor called the "Mac user base aura of smugness on security."

Eh? We use Mac's because they're lovely machines to work with. Smugness implies that we think we are somehow better than the people that use Windows? Well, that's not the case. We are better off than most computer users for security. Smug? No. These guys should point out the inevitable flaws in systems - not make some tired tirade against Mac users. Boring.

It's worth remembering
1. There are over 25 million mac users out there. That installed base is certainly large enough to propagate an attack
2. When the Vista beta came out, to fewer than 10,000 people a virus appeared for it within a week

So much for the security via obscurity myth.

To date no virus, no worm, no malware, no spyware has been successfully launched and spread against OS X.

There ARE viruses for Word of course..but these have no effect on the OS itself and are easily removed with free software.

Hackers and script kiddies have switched in recent times to more lucrative pursuits with less malice and more profit in mind. Hence the targeting of those systems most commonly used in business. Follow the money.

If macs were used heavily in business they would likely be attacked more frequently...but it's not worth it MONETARILY.
If it were only about "hacker pride" wouldn't infecting 3 million or 5 million or 25 million users be something worth bragging about?

Mac people rag on PCs because they are less secure, but that doesn't make PCs inherantly inferior. There are many aspects to consider when judging a computer or operating system. Both Mac and PC fanatics are missing the point.

Most Mac users realize that their computers are vulnerable to hackers. That is not the same thing as saying that Macs are vulnerable to viruses.

Brian, anxious to denigrate Mac security, fails to put this exploit in perspective. The target of this exploit has to be within wireless range of the hacker. Compare that to an exploit where the target has to be connected to the internet.

Michael: They would not be doing a talk at Blackhat with the world watching if they didn't have a working exploit. If it is all bunk, their reputations are gone.

Its tough to say exactly how this attack works without all the details, however drivers are software, software is vulnerable to exploitation (i.e. buffer overflows, etc...), which leads to total system control.

This is merely a different vector for an attack.

This whole debate got me switched to Mac. There is no doubt the OSX is secure, besides being rock solid, easier to use and prettier. I don't care if the Mac gets a few vulnerabilities as I'm confident Apple will fix them swiftly. After all Apple doesn't have the huge problems Microsoft has with Windows and Office.

I'm delighted with my switch to Mac and from what I see the Mac community isn't made up of hackers and swindlers. Its made up of honest decent people like me getting on with their lives.

ever wonder why macs aren't targeted nearly as much as pcs? it's the same reason why firefox is a safer bet than internet explorer: user base. there are far more pc users than there are mac users. therefore there are going to more attacks on pcs based on sheer numbers. i myself want a macbook pro so i'm not speaking out against mac users, i just feel that this goes to show that they have a false sense of security. but then again so do all computer users.

PC users...just give it up already. No one who is "in the know" ever said Macs are completely invulnerable. The fact is, they are as invulnerable as you can get and that's all that matters. If you prefer 200,000 viruses to none (or a handful at best depending on your definition) or an OS that's much mre likely to be hacked than not, then by all means keep your Wintels. If you want a much more secure system, then get a Mac. But if you think that a single or even a handful of exploits makes a Mac as vulnerable as a PC, then your just trying to make yourself feel better about your choice to stick with a PC.

Let's just assume that there are fewer viruses, malware etc. for the Mac because of the much smaller userbase (I know it's not the reason, but let's just assume). At what percentage of marketshare or a what userbase number will the Mac be interesting for hackers/crackers to start writing viruses or other malware? Will it be at 20%, 25%, 40%, 50% marketshare? Who knows?

What I do know is that the Mac will not reach a significant enough increase in marketshare or userbase over the next 5 years. In other words, the Mac will remain to be uninteresting for malware writers for many years, if the criteria for writing malware is marketshare or userbase.

It's safe to buy a Mac in the next 5 years for sure. If you want to be safe and not have to deal with malware, your next computer should surely be a Mac!

What does "seize total control over the machine" mean? Does this mean they can seize control of the OS? Can they simply shut it down remotely? We need more information about what they can actually do once they "seize control over the machine."

I have heard enough hackers brag about what they can supposedly do and have it turn out to be the most trivial exploit. Tell us what they can actually do when they have control. I doubt they have full control of the Mac OS using this exploit.

What does "seize total control over the machine" mean? Does this mean they can seize control of the OS? Can they simply shut it down remotely? We need more information about what they can actually do once they "seize control over the machine."

I have heard enough hackers brag about what they can supposedly do and have it turn out to be the most trivial exploit. Tell us what they can actually do when they have control. I doubt they have full control of the Mac OS using this exploit.

you don't understand the point...when apple's user base grows, the potential for mac hackers grows. that's why firefox isn't as safe as it used to be. people continue to migrate to firefox and in turn firefox now is as much a target as internet explorer.

winblows isn't the only os dealing with security weaknesses:
http://blog.washingtonpost.com/securityfix/2006/08/apple_issues_bundle_of_securit.html

For crying out loud, John. You Mac people just don't get it. There are no hacks for Mac because no one cares about hacking Macs. Why would I design a virus that works on less than 10% of all computers? That would be dumb. The very nature of a virus means that it has to spread in the wild, and you therefore need to target the largest number of machines. How well do you think a virus targeted at Commodore 64 machines would do? Same scenario here, my friend.

I agree about the user-base issue. I also agree that the Mac OS has its security issues in general; this is just a consequence of Apple making the switch to Unix. Still, until things change, the Mac OS is stil the most secure OS out there. If and when things change so that the Mac becomes more of a burden to maintain than a PC, then I'll be the first to say enough is enough. Until then, I see no point in continually saying "things might get worse." When I actually see them getting worse to the point where it's a practical concern, then I'll make a move. And I'm not talking about something that affects a few dozen users before they updated their OS (as was the case with an Airport issue a while back); a proof-of-concept hack; or something someone claims to have working in a lab somewhere. Let's be realistic.

My house isn't 100% secure. If someone wants to break in, they'll get in. Does that mean I should install a security system, get a watchdog, bar my windows, etc.? I have to assess the probability of an actual break-in.

Oh Gee...wireless is less secure than wired. DUH! Oh Gee, if I have my computer set up to blindly connect to any network, it's a security risk. DUH! So here are my default settings for my wireless. I use a minimum of WPA personal security and only connect to specified networks by name. My wireless network is also MAC address filtered. This should be the minimum level of security used by all wireless networks. If that were the case, I'm just a little bit curious about how this hack could break in.

I'm a mac user. I'm not one of the morons that the presenters are referring to. This isn't even about a Mac. This is about Atheros, Intel, and others.

People should avoid stereotypes.
I'm at BlackHat but going to skip this presentation because it just lost merit in my eyes.

>There are no hacks for Mac because no one cares about hacking Macs. Why would I design a virus that works on less than 10% of all computers? That would be dumb.<

Yup, according to IDC, Mac's current USA market share is a whopping 4.8%, and their worldwide market share is somewhere below that of (who?) Fujitsu/Fujitsu Siemens.

Smithers, I do get it. As you can see in my last post, I do agree with the user-base issue. But that's only part of it...

Look at application installation as one example of security. On a Mac, in order for an application (real or malicious) to be installed, the logged-in user has to be an admin user and THEN the user has to enter the admin password for the installation to proceed. Windows makes the user an admin user by default and no password is needed. So right there, you have a major Windows security flaw. Also, by default, the Mac OS has most of its ports closed while Windows has most of its ports open.

Sure, an admin user can change these things, but for the average user, they know nothing about this.

Anyway, while market share is an issue, these things are not related to that.

Also, WHATEVER the issues are, if one system has virtually no issues while another has many, I'll go with the first system. Until things change, the reasons behind the security issues don't matter much.

To stick with car analogies as the Mac/PC debate often uses...People sometimes consider theft statistics when getting a car. If I heard that there was an increase in the number of thefts of car X in some remote part of the country and that the increase in thefts of car X MIGHT be increasing and MIGHT be spreading, would that deter me from getting car X if I really liked the car, it was everything I wanted in a car, and I never heard from anyine I know with car X that they experienced a theft? Probably not.

I'll be the first to call there bluff, for one to say it gives total control is highly unbelievable. A video proves nothing, just merely someone can manipulate it.

I have watched videos of the beta apple ipod videos that I would of thought where real unless told otherwise.

Sorry this just does not add up. I'll need hard proof before I belive these two clowns are out for nothing more than name recogntion.

Bear in mind that the presenters at Blackhat were more grumpy about Apple's current *marketing* push on security than they were about Apple's users.

Someone up there wrote: "I don't care if the Mac gets a few vulnerabilities as I'm confident Apple will fix them swiftly."

Apple has not done a great job of delivering working security fixes for OSX in a thorough, timely fashion. Part of their problem is that doing so would be admitting there are as many security issues as there are. Apple's PR budget is invested in not doing that.

OSX is based on freeBSD - and freeBSD is a very secure system. A lot of porn sites use freeBSD because it is so secure. So, there's money to be made on freeBSD exploits, because there are databases of credit cards at the porn sites.

Problem is, if someone develops something clever that's primarily designed to go after freeBSD and it's either trivial to include OSX in the exploit, or OSX simply is included because of the shared code base, Apple may have a long process to address it.

One possibility: the exploit doesn't take freeBSD systems down, but it does take OSX down, and it spreads as a worm.

The fix requires either boot from CD or boot to command line mode, and takes several days to emerge.

Today, on another web site, it states:

"Apple Computer issued on Tuesday updates for its Mac OS X operating system to fix 26 security flaws, some serious."

So much for claims that Mac OSX is oh-so-perfect, and security-flaw-free.

The thing is, who wants to put a virus out on a system that won't spread? It won't spread not because the OS is more secure, but no one uses the OS in the first place.

Secondly, even if someone does make a virus or hack a mac. What are they going to do, shut down the system? There's hardly any software to do anything malicious anyways.

Let's take a look at one of the mac commercials. The commercial involves entertainment. The mac commercial poses a normal PC having no sorts of real, fun entertainment while a mac has video editing software of the sort. Great, you can do videos, so can the rest of the world. And guess what? The rest of the world can play the millions of "fun" games on the PC's while the mac can't.

Thanks for the warning. My husband just bought me an external wireless card for my PC. I was not aware my PC could be hacked this way. Now I will limit the amount of time my card stays in my PC, just as I now unplug my network cord when not on line.
My motto: If they can't see it; they can't hack it.

Most Mac users realize that Macs can be hacked. Their is a big difference between being vulnerable to hackers and being vulenrable to viruses.

Brian, anxious to denigrate Mac security, fails to put this exploit in perspective. The target of this exploit needs to be within wireless range of the hacker. Compare this to an exploit where the target needs to visit a website, receive an e-mail, or just be connected to the internet.

Admittedly, this exploit is potentially more subtle than a Trojan horse.

anon,

Pleaser read some of the earlier posts.

As for the other "arguments" you present, while each camp can present specific examples about the availability and quality of software that bolsters their point of view, in general, these arguments are both fallacious and about 10 years old.

Mac vs PC. PC vs Mac.

Nonono people.

Mac = PC. PC = Mac.

Same fnording hardware! The only real difference to the end user is the OS you slap on the thing. MacOS, Windows, Linux, BSD, what-have-you.

I just wish all the "sides" beating their chests over how superior their "side" is would just shut the hell up. Your computer is a tool. Not a lifestyle statement. Just use the tool and put it away when you're done!

>Most Mac users realize that their computers are vulnerable to hackers. That is not the
>same thing as saying that Macs are vulnerable to viruses.

Crooks don't target macs for the same reason that most game companies don't: the user base is too small to warrant the effort.

If Macs ever have a user base that's large enough to justify the effort to attack it, we'll find out how secure it is.

Brian, any FBI takedowns yet?

Mac users aren't "better" -- Macs are better.

There's a hospital where virtually no one dies of infections. Some say it's because hardly anyone goes there. They get great care there and have all the services that anyone needs. AND no one ever dies from infections. Infections just don't exist there.

There's another hospital where there is a very high infection rate and many people die there.

Many people say it's a more popular hospital and almost *everyone* goes there -- so I should go there. They have a very large support staff to fight infections and they say they can fight off their 200,000 infections that are roaming the hallways or are coming in with the people.

And the fact that so many people die there is simply because it's such a popular hospital. I guess you just take your chance at that place -- and your chances are not very good.

No thanks, I'll go to the hospital that has virtually no infections and no one dies.

I like the "better" hospital, thank you -- not the more popular one.

I like my peaceful and nice existence -- not one of fighting off all the diseases every day.

This comment area seems to have become a forum for MAC vs PC.

Your Point?

For $12,000 less than I could have built it with a MAC - I have a fully operational to code recording studio with which I am producing my music on a pro level without selling my home.

God bless the folks that design productivity software/hardware for PCs.

Oddly enough, a lot of the really creative people in this world aren't able to channel their energies towards making the really big money. Some of us spend too much energy being creative. I love my PCs.

Maybe if they make me enough money, I'll replace them with MACs.

Peace In Our Lifetime...

If Macs have 10% of the user base of Windows, shouldn't it have 10% of the number of viruses? No. It has zero. Because it is better designed. There are more Mac users than Linux users, and yet there are lots of exploits that take advantage of Linux.

And Eliakim is right: Who cares /why/ there aren't viruses. There just aren't any. That's an advantage.

And millions of people use Macs, not "nobody."

When you look at /home/ users instead of bulk corporate buyers, Macs have a much higher market share. Apple sold 15% percent of all laptops last quarter, for instance. Laptops are purchased more by individuals than by IT departments. If the know-nothing, MSCE-ridden IT departments of the world actually knew a thing or two about computers, they'd all be on Linux, Free BSD and OS X in a heartbeat.

Most of you users out there are assuming that Mac=osx and PC=Windows...
I have found aLinux to be very stable on my desktop and have not had any virus or spyware trouble. Aside from that, it come with all kinds of security features, and I don't have to pay anyone. I have open office and even have all of my hardware supported.

The argument that Macs are too rare to attract viruses doesn't make sense to me. UNIX and Mac are just more secure.

Apache runs a majority of web servers and a minority run on Microsoft software, yet virtually all virus attacks on web servers go after the Microsoft software, because it's vulnerable. Even though it has a smaller user base.

Why can't they demonstrate it live? They have to do it via videotape? I think that somethings fishy...

1. Most of the know nothing IT departments are running purchased software that is certified by the vendor to run on certain platforms. If it isn't certified for Linux, FreeBSD or OS X, then very few IT managers are going to go out on the limb to try to make it work.

2. I love people trying to make healthcare analogies to IT. If I told you there is a hospital that, by design, is less susceptible to patients receiving infections, would you jump at the chance to go there? Now if I tell you that it is a psychiatric hospital (with few patients with infectious diseases), would you still be jumping? Just because the Mac is better-designed to withstand viruses and worms (something I'm not prepared to accept as fact) doesn't mean it does what I need it to do. Just like I'm not going for heart surgery at a psych hospital.

"It's worth remembering
1. There are over 25 million mac users out there. That installed base is certainly large enough to propagate an attack
2. When the Vista beta came out, to fewer than 10,000 people a virus appeared for it within a week"

sure, and guess how many people will have vista installed when its released? a lot more than 10,000. and the virus that appeared for it will already be fixed, but what about the viruses that people are coding for it and being smart enough not to release them yet? they'll be hitting alot more than 10,000 users because millions will have it loaded.

the people who are making viruses for the "obscure" vista were still making them for a larger user base

Jim,

In response to your second point, of course. And I would say the same to Jordan with respect to Linux on PC. I think it's safe to say that most people are talking about the general user. Most people do basic stuff on their computer. Most people who have a PC run Windows. And so on.

I would also say that with Intel-based Macs, using Boot Camp or Parallels now gives a user the best of both worlds.

I am a (preferred) Mac user, using both OSX and XP Pro on the job. Though neither programmer nor hardware geek (most of the time), I noted the target is the Mac with Intel "core" (single or duo). Would the vulnerability be applicable to a Mac with the G5 chip and a wireless card, running v 10.4?

Just wondering.

I switched my business from powerful Windows machines to MAC Dual Processor G5 systems in 2004. At the same time I purchased some Apple stock. I have spent 0 minutes maintaining the OS of these systems since that date. I have processed 50% more graphic-rich business content, received more customer service compliments, and reaped substantial business and investment profits as a result. Apple is a market-driven solution to the Microsoft monopoly.

Actually, one of the fundamental propositions of this supposed attack I believe is false. The default Airport card setting isn't to automatically join ANY available network, but to ask before joining an unknown network. You can however set it to join any, which you would then need to reverse in order to disable this vulnerability.

I've been wireless for almost 5 years now, and my normal setup procedures do not involve disabling the default behavior, which is to quote from the control panel for the "Automatic" setting: "Airport remembers the networks this computer has joined. If none of the remembered networks are available, AirPort will ask before joining an open network."

According to Consumer Reports, 9/2006 ed., Consumer Reports National Research Center, "State of the Net":

Viruses infect PCs at the same high level as last year. 1 in 4 had a major, often costly problem. Economic fallout per incident $109, total damage $5.2 billion.

Spyware infections, in the last six months, prompted nearly a million U.S. households to replace their computer. 1 in 8 had a major, often costly problem. Economic fallout per incident $100, total damage $2.6 billion.

My question: how much of these enormous costs have been incurred by users of Mac OS X since its release?

Should a person considering the purchase of a Mac factor in the cost of virus protection now, or should that person hold off purchasing virus protection until some virus actually affects, oh, over a dozen different Macs? What about spyware protection? Should the Mac user install what is recommended for every PC owner, two anti-spyware progroms? Or should the potential Mac owner wait until, oh, over a dozen of the 15 million Mac OS X users actually have spyware installed surreptitiously?

How many years have we heard these predictions of "Just you wait, you Mac users will get yours." I've heard the sky is falling for the four years I've been using OS X. Please, come into the sunshine. It's nice and bright and refreshing out here. When the weather changes, then I can invest in all the apps the PCs have to run to protect themselves, and the concomitant processing power those programs consume. Until then, Chicken Littles...

Someone wrote;

"...for crying out loud, John. You Mac people just don't get it. There are no hacks for Mac because no one cares about hacking Macs. Why would I design a virus that works on less than 10% of all computers? "

Because you would be famous beyond your little hacker imagination. Write a PC virus...who cares join the thousands! Write the first out in the wild mac virus, you're on the front page of the CNN web site!

Duh!

So did it work? It's 4PM on the east coast and I haven't heard yet.

Yea, these are so confident they'll only do it at home and videotape because they know in REAL LIFE situations - the Mac is pretty impervious.

Here's an analogy even the Washington Post might understand. Macs are US Army Rangers. PC's are sleepy tourists with a camcorder poking out of their bag under their feet. That's not to say you can't take down a US Ranger ever but if you're a pickpocket, who is the much, much easier target?

Is it possible somewhere on this planet there is mac user with his firewall off and his wireless left wide open? of course, there are 25 mac users but it's much harder work because there are layers of protection ... most Pc's - all protection off ... you do the math.

These guys are pulling a fast one on you - what's next, will they hack into the DOD and give you area 51 files?

"Apple Computer issued on Tuesday updates for its Mac OS X operating system to fix 26 security flaws, some serious."

So much for claims that Mac OSX is oh-so-perfect, and security-flaw-free.

-------------------

Uh, nobody said that.

The majority of such security flaws are in Unix utilities, many of which the average user never uses. Does it count against the platform as a whole? Sure. Does it mean a large portion of the userbase was exposed? No, because they don't utilize that utility.

John

Maybe, but when I think why the people I know, and why I am using a regular PC, I find myself using them not because of security, tech support, or the like. I use them because the market uses them. If the mac market was dominating, I would use a mac instead. There's no if, but, or and about that. Many of us (friends, family, and other people I know) don't use macs because in a way, they are useless to us. I agree that being useless to us, doesn't mean it is useless to everyone -- it's not. But the fact is, the things I want to do, the things I can do, and the things I look foward to doing on my PC, I can't do on the mac. This goes with most people I know.

People use specific OS for different situations. Here at work, we use unix for servers, while most other regular machines run windows. We had one apple machine that we purchased for one of our artist and when he left the company, the mac was up for grabs. Even though the mac machine was faster, no one wanted it. Not because they didn't know how -- they could learn -- but because their windows machines were compatible. Albeit compatible with virii, trojans, worms, and the like, but still compatible. I think that's the biggest here. Compatibility. If I can move all the programs that I'm using right now over to a mac machine w/o problems, I'd be more than happy to do so.

Wanted to add

So this whole thing about security on mac/PC/etc and why one is better than the other is because of this is total BS.

Hmm. 1 in 8 chance of losing $100 vs. 100% chance of spending... how much more for a Mac? I would sooner take my chances behind my router and the free AV software from my ISP.

Whatever, the choice was made to present it on Macs to show that the problem is driver-related and OS-agnostic (and because the ads ARE obnoxious. My pie charts are much more colourful than that).

It's not a Mac vulnerability, it's a wireless driver vulnerability. The choice was made to not demo it live because...

IT'S WIRELESS, PEOPLE! At a hacker conference! Using an undocumented and unpatched vulnerability!

Which, of course, will affect no one using a MacBook, because those aren't the kinds of things that will be used in wireless hotspots. And, of course, city-wide wireless networks will do nothing to increase the range of such attacks.

What I hate most about the PC vs. Mac / Win vs. Linux vs. OS X / Closed vs. Open Source security debates is the lack of scientific method to the conclusions. It's called Ascertainment Bias and I've never seen anyone involved overcome it.

This argument is kind of stupid. Yeah, Windows has things on by default while OSX has it off by default. In the end, it's the intelligence of the user that matters. Right now, I think macs tend to attract smarter users. If wholesale Mac adoption happened, I'm sure there would plenty of stupid users giving admin permission to anything and plenty of stupid tech support people who tell users to turn off such and such security setting.

actually, mac os x is more secure, not because of obscurity, but because:

1. it's based on unix and has the same system of privileges.

2. os x comes with most of its ports closed, so there are fewer doors through which an attacker can enter.

3. you have to either have admin access or enter your password before installing software.

4. offers per-user harddrive encryption (in case your computer is ever stolen.

that doesn't mean it's invulnerable. but it does mean there are fewer 'ports of entry'

Anon...From my experience, it's just the opposite: most people don't do anything that requires Windows. The average user uses applications for e-mail, Web browsing, word processing and spreadsheets, and that's about it. That's not to say a lot of people don't need Windows for specific apps. They do. In that case, however, why not use Boot Camp or Parallels. And I would reiterate that in response to what you said: "If I can move all the programs that I'm using right now over to a mac machine w/o problems, I'd be more than happy to do so."

Try outfitting a series of PCs to match the hardware/software included with the Mac line and then factor in the additional costs for third-party apps to secure a PC plus the time/money involved with maintenance. You'll find that, overall, PCs will cost about the same or more.

Well, these guys are lucky they recorded this because the security update that Apple just came out with might put a wrinkle or two in their demo.

I'm interested how far they could take that vulnerability. Can they hijack the whole system or what?

Everyone here seems to be missing the point, correct me if I'm wrong but simply having wireless enabled can make it vulerable to this exploit, it doesn't have to be connected to any network at all. Simply "on" is good enough. Here is a quote from the article:

"But according to Maynor and Ellch, this attack can be carried out whether or not a vulnerable targeted laptop connects with a local wireless network. It is, they said, enough for a vulnerable machine to have its wireless card active for such an attack to be successful."

And as far as the whole Mac vs. PC thing. Just as soon as I can buy a Mac for the same price as a PC and have the same amount of programs and upgrades available as I have for my MS machine and have an upgrade path without having to buy a new machine, I'll think about buying a Mac. If I want limitations I'll install free BSD or Linux on my PC and have as much or more than a MAC, but if I truely want to do it all I'll use my Intel or AMD box with Windows.

A Mac is just an overpriced PC with a BSD or Linux like OS modified by Apple and sold for far too much money.

Atheros is a chipset maker, and thus they design drivers for their chipsets. So for example, if there is a vulnerability in the driver then it's not an Apple or Microsoft vulnerability, but instead it's a vuln in the driver maker's code.

Granted, Apple or Dell or HP or any number of vendors might build in such faulty hardware. But even so, that in no way reflects on the security of OS X or Windows or Linux or Solaris or whatever else.

Tiffany,

I never heard of Parallels before, but I would take a look. Boot Camp on the other hand is relatively new, atleast for me.

The problem is, unless I take the company's mac, I can't scrap a computer together, install OS X and test it like, like I do with windows/vista/linux.

If there is a way to scrap a computer together and install OSX drop me a link and I'll take a look. Otherwise, I'm going to have save a lot of money just to try boot camp.

For us, when a computer gets outdates (really outdated) we tend to turn it into a dummy machine, server, pbx, etx.

So Brian, how'd you get a job writing biased articles to sway the uninformed reader a certain way without knowing all the information? Hmm... I guess that's what the post does best.

Wanted to add

A regular pc's life doesn't die after the use of the OS on the machine dies. These machines will often be retuned for other uses. For example, a personal firewall or maybe a pbx box for an auto attendant. The possibilities is almost limitless.

In Network Preferences is an option to "create computer to computer network" turning the airport card into a "transmitter" or Base Station. Simply having "by default join: Preferred or automatic networks" nay not by sufficient for this hack to work. Until we know some details it's not worth worrying about.

Mac Smug Alert!

Yeah, I guess hacking a Windows PC is so trivial as to be uninteresting any more..

Isn't it rather intriguing that they didn't want to use a LIVE video opting for a RECORDED video instead?

The reason for this stated:

Maynor said he and his colleague opted in favor of a videotaped demonstration versus a live one because of the possibility that someone in the audience could intercept the traffic sent to a potentially live target and deconstruct the attack -- possibly to use the exploit in the wild against other Macbook users.

Funny how their exploit could be exploited by their exploit. Somewhat ironic don't you think?

Also, it would give them a chance to possibly doctor the video or edit it in such a way that it makes it look easy or whatever.

Of course anything that has a computer chip in it has the potential to attract hackers. Be wary of that the next time you're driving your BMW or Mercedes or your standard GPS Navigation systems.

Nothing is 100% safe but then Windows kind of makes everything easier now doesn't it?

"quote"

"It's worth remembering
1. There are over 25 million mac users out there. That installed base is certainly large enough to propagate an attack
2. When the Vista beta came out, to fewer than 10,000 people a virus appeared for it within a week"

sure, and guess how many people will have vista installed when its released? a lot more than 10,000. and the virus that appeared for it will already be fixed, but what about the viruses that people are coding for it and being smart enough not to release them yet? they'll be hitting alot more than 10,000 users because millions will have it loaded.

the people who are making viruses for the "obscure" vista were still making them for a larger user base

Posted by: chris | August 2, 2006 02:35 PM
"quote"

Now, is response to this.

How many pcs will use Vista once it is pushed as a complete OS? Eh? ALL new pcs for one! And as many business and current upgrading home users as MS can convince through the 'security push' they are making. So Vista will obviously have a larger userbase very quickly.

and as far as fame goes... Hackers today don't want fame, they want their huge Windows botnets they install adware through to get their 6-10k a month for putting adware/spyware on pcs.

I just have to say one thing. Everyone knows Macs are much better on security and viruses. Now why wouldn't a hacker write the VERY FIRST major virus for Macs? That would instantly make him famous for the first large scale spreadable Mac virus. Who cares about the small user base, just like this article, the news would spread and he would be "famous."

Anyways I switched from windows and I love macs more by a long shot. (Apple released a security fix today, did this plug up that hole?)

"I guess actually this is a testament to OS 10.4, that someone has to go to such great lengths to hack it."

So basically, this is your logic process: This can be done on any system. Mac users brag that their system is safer than PCs. They are actually equally at risk. Therefore, "someone has to go to such great lengths to hack it."

I guess wen you're a fanboi, you're a fanboi for life!

AeonFlux: "Everyone knows Macs are much better on security and viruses."

"Everyone knows" is a logic fallacy. Whenever you say it, you are probably kidding yourself. Maybe, "Everyone who I hang out with thinks they know" is more accurate.

AyeRocer,

What???

is the video available?

OMFG Macs ur ghey cuz they dont' hav gam3z!!! OMFG BBQ and my daddy sez macs ur ov3rpryst and for dum dumzZZ!!!ELEVENTY!!!11ONE!!

Let it rest already. ALL computers are lame, and people have let technology run their lives. Run for the hills, put on your tinfoil hats, and roast some marshmallows over an open fire.

-he who stacks pork

@AyeRoxor

Macs are NOT at the same risk of security. This is NOT a spreadable exploit across the internet, you would need to be in range of the wireless card. You have 20,000 viruses, Mac has none, they both share one small exploit and you think theyre both at the same security risks? Explain that logic.

You didn't say what operating system the MacBook was running. Was it Mac OS X or Windows? Given the dual-boot capability, it could have been either, so we can't make an assumption.

Mate - this is about security.
Who invited the fanbois out to fight? Who cares?

Good job that these guys have identified a problem for ALL computer users, and are doing something GOOD about it.

And smart enough to get exposure by compromising a Mac. (Who would have noticed if they compromised a PC). Bad news for Atheros too!

Leopold - stop being gay.

hey porkstacker that was certainly a sane post you just made. I've used all three operating systems(windows, os x, unix) and i'd say the best aesthetically was apple, the most logical was unix and the worst yet most readily accesible is windows. so i'm stuck with windows basically, unix has its fair share of problems as well and apples are just too expensive.

please delete my last comment - clean install of Ubuntu & didn't have Flash installed yet.

To see why PCs are better than Macs "right click" [here]

I'm a Mac user - I'm sitting here typing this on a black MacBook identical to the one in the demonstration video.

The point is that these gentlemen have demonstrated the viability of an entire *class* of vulnerabilities in wireless network cards - the victim machine can be running Windows, OS/X, Linux, what-have you, and have one of several different wireless chipsets. That's why they used the USB WiFi adaptor in their demonstration - they were making the point that this issue isn't specific to the WiFi chipset in the black MacBook, but rather is a *class* of vulnerabilities which affect many OS/hardware combinations.

The wireless angle grabs attention because of the prevalence of casual wireless networking, and because many people (I'm not amongst them) always leave their wireless adaptors enabled, even when they aren't connected to a network. I wouldn't be surprised if there's a similar class of vulnerabilities which apply to one or more *wired* network adaptors, as well.

The lesson here is that hardware developers, firmware coders, device driver coders, and OS vendors/coders must all work together and perform much more extensive system-level security testing in order to discover these kinds of vulnerabilities and fix them prior to releasing systems comprised of these various hardware and software components. There's probably a whole lot of unit-testing going on, but not a lot of system-level testing - and that must change.

It's funny how several people remarked about the smugness in the commercial and someone was even quoted about how they would like to put a ciggarette out in their eyes.

Funny they should talk about the smugness of mac users when Mac users have been dealing with the smugness of PC FREAKS for years.

Get a life and grow up. Security problems are not platform specific. Don't take it out on Macs. It's not the Mac populace's fault that for years Microsoft refused to patch any problems until it affected their bottom line. They wrote crappy code over crappy code. (Although I am sure the engineers wanted to fix it but couldn't because of time mandates from the Corporation.)

You're all wrong! Cats are far better than dogs. My cat hardly ever gets a virus and has only been hacked once, by the neighbors cat. Just because more people have dogs, than cats, it doesn't mean I know what I'm talking about. Sure, I could get a dog because everyone else has one. I could get a cat, just to be cool. But I think I'm just going to get me a brand new analogy, so I can be better than all of you, so there!

See jim's post from 5:05pm

The last posters are getting it right. Nobody that uses a MacBook uses a 3rd party card. Wireless is built right in and standard.

Now if they pulled this off with the standard setup like all MacBook users use, then it would be interesting. This is for the PC morons that know nothing about standard fare macs that just can't wait for the mac to get busted big time.

The saddest part of all this is the coverage this story has received via some major news outlets. Are there any journalists left on this earth?

I believe these two have done the responsible thing, in not doing a "live" demo that would have revealed the exploit code to the group probably best able to quickly wield it.

However, the video is silly; it adds nothing. Anyone could have created such a video easily, just by setting up a shell listener on the Mac in advance. Walking around and proving there are no wires has nothing to do with anything.

The only way to prove there is an exploit is to release the code so people can independently verify it. Short of that, either people trust these two (in which case, a presentation with slides is sufficient--revealing all platforms that are vulnerable without singling one out and needlessly provoking an irrelevant flame war), or people don't (in which case the video isn't going to convince them).

There aren't any viruses or trojans that attack the Mac because it's not worth the time or effort to do so. Who cares if you get 25 million Macs if a virus for the PC has a possible audience in the hundreds of millions and the potential to undermine global financial systems?

As to the argument that making the first Mac virus would make one famous: no, it wouldn't. Not even close, because Macs aren't used for anything essential.

"As to the argument that making the first Mac virus would make one famous: no, it wouldn't. Not even close, because Macs aren't used for anything essential."

Oh please. Grow up.

smoke signals

Brian, Brian, Brain.

Nice headline. I am sure that it brought you a lot of hits, but now that I have seen the video, I find some of what you wrote very troubling.

First, you state that these guys found a flaw in "the software that allows the internal wireless card to communicate with the underlying OS X operating system." Instead, the video shows them installing a third-party wireless card (which is more than a bit phony since all MacBooks have built-in wireless).

So, I ask, are Mac users doing the normal thing, using their built-in wireless, vulnerable? They don't say, and we don't know. I think you have some obligation to follow up on this. If the driver for the built-in wireless is vulnerable, I want to know. So far, I have doubt, since these guys say themselves that they used a Mac specifically because Mac users are so smug about security. They could have proven their point much better using a more realistic scenario.

Second, what is with the headline. I know. . . it draws lots of hits. Good for you. From a Mac user's perspective, however, we see a lot of these headlines only to find out that the full story is a lot more complicated. Today's was just one more example.

A better headline "Mac using an unnecessary third-party wireless card hacked in 60 seconds."

wow! integrity? nope. honesty? nope. journalists like yourself maybe bring visitors but in the long run I'll never view or care anything about this publication again. you have done nothing but lie & misrepresent the truth. if the headline where to read windows hacked no one would of cared.

so you chose to use apple only to lead us to a video where these smug, attention seeking, morons show us how to install a 3rd party wireless card. moron alert : the mac book does not need a 3rd party wireless card.

personally you should lose your job for misrepresenting the facts. but I for one will never visit your publication again.

perhaps you should watch the colbert report. he coined a word called: truthiness something you know nothing about.

I got bored after the mac/pc friendly pissing match started a few comments in. It's a driver issue, unrelated to OS. There is no significant mindset difference between OS X and Windows users anymore. On MAC you have extreme ease of use and reliability with UNIX under the hood. Power and Ease of use. It's not 1984 anymore, pick an OS and use it. It really doesn't matter.

I'm a WINDOWS programmer - primarily C# these days. I'm typing this on my MacBook Pro in Safari while taking a break from debugging a problem in MS Visual Studio 2005 running in a Win XP VM under Parallels - it's my favorite combination ever. I have my code mapped out to my OS X file system. When my XP image decides to crap all over itself, I just copy over a backup VM and get back to work.

Operating systems are irrelevant. Use what you want. Patch accordingly. I highly recommend OS X and Parallels.

Cheers!

Adam

A better headline "Mac using an unnecessary third-party wireless card hacked in 60 seconds."

----

Hah. Exactly. I mean, yeah this is a bug, but it's not one that's going to affect too many people. Who doesn't use airport? really REALLY old macs that don't have it built in maybe, or Tibooks which get bad reception with the built-in card. That's it, more or less.

So yeah, they have to fix this, and maybe/hopefully it'll inspire them to audit all drivers a bit better. But this isn't really much of a threat.

Look at the following article.

http://abcnews.go.com/Technology/wireStory?id=2266507

It has the following line.

"Maynor said the MacBook used in the demonstration was not using the wireless gear that shipped with the computer."

Not to say that macs are invulnerable, but they are definitely in usage far safer to use than PC's. What do I care whether that security is due to a smaller installed base, or years of bugs being wringed out of UNIX? Besides, as corporates are never going to adopt macs on a widescale, their marketshare is destined to remain in single digits, for a very long time.

I'm not loyal to any OS as long as I get my work done. With that said, I work around Mac users everyday, and i Must say They are smug and look down on the rest of us. I do applaud Vista for trying to make sure that hardware work they way it was intended. Most windows issues are from hardware problems.

On the side of security and viruses. Statistics can help.

Lest say windows is about 85% of the desktop market and Mac is about 6% and we take a sample of 100 computers. Now the face that people who write virues want to affect as many computers as possible for bragging rights.

The Question: Would they write a virus that affes 85 out of every 100 computer or 6 out of every 100??

Discuss :-D

Does this exploit succeed against a specific wireless card, or is it specific to one manufacturer?
The demo is interesting but need further evidence using other manufacturer's cards, and even better if you can own a Mac via the built in Airport card, which I suspect you won't. To say that the default MacBook drivers are exploitable is sensationlism at best, given that (as has been pointed out already) no MacBook owner is going to be using the so called "exploitable" "default" driver.

Jesus christ. You freaking Mac fanatics get your panties in a bunch every time someone makes the slightest insult toward your beloved OS. The point of this article was NOT to belittle the Macintosh. I mean, the guys even made sure to point out that they got the exploit to work with multiple Windows machines as well. If they tried hard enough, I'm sure they could have gotten it working under just about every OS that has support for wireless cards. It sounds like this is a fairly common driver bug, and the guy specifically mentions Broadcom. If you own a laptop, and it has wireless, I'd be willing to bet you $5 that it's based off a Broadcom chip. I'd make a crapton of money, too.

Guess what? My OS is insecure. So is yours, and so is just about everyone else's. Your Macintosh is not a unique and beautiful snowflake. It's a goddamn computer, just like mine. RDF destruction complete. Welcome to Real Life.

-Yoweigh

BTW, a lot of the arguments from Mac users in the OSX vs. Windows wars sound a lot like the Mac vs. Intel/PowerPC vs. x86/RISC vs. CISC processor architecture arguments back in the days of yore.

Guess which one you use now? I'll give you a clue. It's not the first one, and it's not the one you used to root for.

-Yoweigh

I'd like to respond to the many people commenting here about the video's depiction of the use of a third-party wireless card on the Macbook. I spent more than an hour in Dave Maynor's hotel room last night watching this exploit in action and peppering him with questions about it.

During the course of our interview, it came out that Apple had leaned on Maynor and Ellch pretty hard not to make this an issue about the Mac drivers mainly because Apple had not fixed the problem yet. Maynor acknowledged that he used a third party wireless card in the demo so as not to draw attention to the flaw resident in Macbook drivers. But he also admitted that the same flaws were resident in the default Macbook wireless device drivers, and that those drivers were identically exploitable. And that is what I reported.

I stand by my own reporting, as according to Maynor and Ellch it remains a fact that the default Macbook drivers are indeed exploitable.

To all of the commenters who complained about why this demo was not shown live, I refer you back to the text of the blog post, which pointed out the dangers inherent in showing this type of exploit live to a room overflowing with curious hackers would like nothing more than to capture a copy of the exploit wirelessly and experiment with it.

Again, the whole point of this story was not to pick on Macs per se, but to point to a security issue that affects multiple operating systems and one that is long overdue for some serious code review by the companies that OEMs rely upon to produce this software.

doesn't this have nothing to do with Mac OS X? sounds like it's the Linux guys who are "smug" by using a Mac to showoff a Windows vulnerability.

This is not a MacBook exploit, it's a driver exploit for the third party wireless LAN adapter.

Also, seeing as all MacBooks come with an Airport built in as standard, how many are going to be compromised? I expect none.

This article is just full of sensationalism and miss-information. Please correct or delete.

I wonder how many MacBoook owners out there are using a third party wireless card? Since they come pre-installed with a built in card they have to be few. If he could have done the same experiment with the built in card he definittely would. Sensationalism! And it works to! I just wonder how many extra viewers the MacBook name attracts? Count me in.

I wonder if this hack took into account the new security update from apple that was released yesterday.

Yoweigh: Oh man, you totally convinced me of the error of my ways. That's it, I'm switching to Vista. Thanks!

BK: Yeah? That's stupid. Apple can "lean" all they want, if it's a real problem, they should've demonstrated it in a real fashion, not added an extra level of complication that made the video seem completely improbable. Real exploit or not, the whole thing smacks of showboating to gain attention for the company, and the external card makes it look like they're desperate for that attention. Let's see it without the card.

Ah, Mac trolling -- last refuge of the chronically ignored.

Wow, so as soon as I feed the need to use some third party wireless card instead of the built-in wireless in my laptop, I'd better be careful.

Why would I be doing that again?

They're hyping this video as evidence of something its not. The MacBook's hardware is not vulnerable.

They use a third-party wireless device, when the MacBook has its own wireless card. If they could have broken into the driver that 99% of MacBook users use, they would have shown that. Instead, they connect a 3rd party device that is redundant. So the flaw lies with the company making the device, not Windows, Linux, Mac, or the MacBook.

first person to actually create a virus/serious exploit (no wireless hijacking... that's lame) would be famous, is that not enough reason to do it?

hmm, maybe it's just too difficult, or maybe hackers, being tech savvy and generally knowing-what-the-hell-they're-doing USE macs and so wouldn't want to dirty themselves by trying to exploit it... a mac is like a friend to you, it treats you good if you treat it good

windows is like having termites, annoying, useless and expensive

Come on, guys. The social retards told Brian that the exploit would work with the native Airport cards so it must be true. I mean why would they lie? To get lots of attention or something? Lay off Brian, everyone. It's not like a good journalist (or thinking human being) would demand to see proof of the exploit working in a real-world scenario. He or she would certainly take the big Star Wars nerd's word for it.

Maynor said the MacBook used in the demonstration was not using the wireless gear that shipped with the computer.

"We did that so we're not singling out Apple," Maynor said.

http://abcnews.go.com/Technology/wireStory?id=2266507

Many hackers, crackers & virus writers are based in Eastern Europe, no doubt running pirated Windows copies on cheap pcs. the chances of them writing expoits for macs are pretty uch zilch. off topic, but worth considering

Interesting that the key issue has been largely missed in the article. This issue is, that it needed a second third party WiFi card to work! Yes, the driver for that third party card does work on a mac, but who in their right mind is going to do this when it has an inbuilt card in the computer already.

This would strongly imply that the standard Apple is not vulnerable in the way shown!

Brian Krebs, misdirects the reader by implying that the Apple card was used, I quote,

"Apple -- like many computer manufacturers -- outsources the development of its wireless device drivers to third parties. In Apple's case, the developer in question is Atheros, a company that devises drivers for a number of different wireless cards, each designed with drivers specific to the operating systems on which they will be used."

What a Hack!

Its pretty funny reading all of the no-nothing comments about Macs from Windows users. If, as is claimed by many, the Mac is so insignificant that no-one would ever bother writing a virus for it, why are they so excited to even point it out. If it was the truth, why do they even care. They sound like the rantings of people who are desperately angry that they have been sucked in by Microsoft, would love to find a way out, but just can't bring themselves to admit that they have made a mistake. The answer is simple:-
1. Take that windows machine to the tip along with its virus collection
2. Buy a Mac

Okay, here's why i'm not scared by this -

The 'attacker' was setup as an AP. The 'victim' had to join that AP, if you were already signed into an authentic AP then this attack couldn't happen.

So news flash everyone - if you join an AP with an open SSID and you can't verify it's authenticity you might get in trouble.

I guess most of the comments reflect the fact that Mac users become a bit passionate about their Mac/OS combination whereas PC users rarely get so worked up about their machine - just Windows.
Macs are a statement in industrial design, which often used to frustrate those who liked to rip apart their computers and install all manner of PCI cards or whatever. Ever tried to upgrade components in a fruit coloured iMac? However, 99% of people got on with video editing, phoot processing or whatever on their Macs. And they were productive. Just like an awful lot of PC/Windows users.
Just that Mac users were 'smug' because they didn't get viruses, their machines rarely crashed, their laptops wake just about instantly from sleep every time, they look gorgeous and they seem to have a much longer useful life than some other machinery I have had to use.
OK, I am smug and I don't really care. Mac users have almost without exception used PC/Windows combinations at some time as well as a Mac. And they make an informed choice based on their experience.
How many PC/Windows 'fanbois' have actually used, or been forced to use a Mac?
I wonder what their choice might then be. Maybe the Intel Mac/Parallels/Boot Camp combination might turn some heads around.
As for expensive, in 1995 (I know, I am older than 18) I bought a blazingly fast 486 DX4-100 for AU$2050 dollars. And then added a 2 speed CD-ROM drive and soundcard for another AU$385. And I won't even mention the pitiful (today) RAM and HD specs. Adjusting for inflation, I reckon I could just about get a Quad processor G5 with a 30" LCD monitor for that today!

Anyhow, enjoy your platform of choice. I do.

Can someone explain who the mac could be vulnerable when they use a USB wireless card and a non os x software to connect to the acces point. So if it s a device driver hack, It is a hack for the usb card.
When this hack will work with the internal AirPort Card and the normal OS X Software, then I will begin to give a damn.
They just use a mac to get attention. Otherwise it would be one of a million lame hacks.

The Macbook comes with a built in wireless card. If they had hacked that - it would be a result.

But instead they are showing that cheap third party USB wireless cards have cheap third party drivers. Wow what a surprise!

Forget Apple. The article should reveal the maker of the card.

The problem is more all the security experts looking for attention and using apple for that then mac insecurity.

1. Numbers do not necessarily mean that you get most of the attention from hackers. As pointed out earlier, Apache runs majority of the web with IIS getting a fair share. How come vulnerabilities are often found on IIS and not on Apache? Reason - it is secure by design!

2. Macs are NOT 100% safe and secure. It has its share of vulnerabilities that are being patched by Apple - the verdict on whether Apple is fast enough or not is still not out.

3. Most of the vulnerabilities can be corrected by USER EDUCATION. The thing with these vulnerabilities - as long as you continue to apply patches as they are released and not be so trusting as to open practically any email/IM attachment or go to any website sent even by a friend, then you have a better chance of not having your system, whether it is a Mac or Windows or Linux, infected.

4. As for the Hack, why the need for an external USB wlan adapter when you have airport extreme installed? External adapter may need a driver (that is not built-in) and this driver is the vulnerable one.

Who puts a 3rd party wifi card in an macbook with standard Airport?

Who, using a OSX, has been afected by those handfull of so-called malware?

Why letting believe the whole world that they hacked a Mac (OSX) while they used a bug in some 3rd party wifi?

My macs keep on running wireless, what is the chance someone will hack them if I keep on using OSX on them?

All my friends, non-IT people, just keep on having problems with there Windows. Open your eyes people, hours of maintainance on Windows and almost nothing on OSX, isn't that obvious! Or .... if you never worked on a OSX, then don't say a thing.

My computer is better than yours, and my dick is bigger as well.

Mac sucks. The end.

Theres only one main point to remember:"Mac is Crap". Its' that simple.

Signed:PHYSICIAN THOMAS STEWART VON DRASHEK M.D.

-->>"seize total control over the machine" mean

Troy, it means they got root access.

You're welcome!

about the cost of macs, see the earlier post about this.

Brian, you really need to clarify this point of dispute. Why did they use a 3rd party WiFi card instead of the Mac's built-in Airport? If the flaw only affects 3rd party cards then it's pretty damn bogus to claim Macs are vulnerable "by default".

Hey I stuck a screwdriver in a brand new MacBook, pried it open and got access to the harddrive and Motherboard! See I've proven beyond doubt that Mac superior security is a myth! Can I get my video on the internets too?

LOL, he stuck a 3rd party Wi-Fi card in a brand new MacBook and that proves exactly what?! Who in the World would ever do that, and if you do that proves the 3rd party card is hackable, so what?

In the tape, they use a THIRD-PARTY wireless card on the Mac. All Mac laptops come with wireless (Airport) built in. If their so-called "exploit" truly works on Macs, why the need for the third-party wireless card in their taped demo?

Fact is, if their explot only works on drivers for third-party wireless cards, then Mac laptops are ARE NOT AFFECTED by this exploit.

Sounds like they (and the Post) were trying to sensationalize their demo as much as possible by finding some way to tie it to the Mac.

I dont like the term "PC"

Macs are macs, everything else is called "computers"

PCs are a term only used when talking about a computer in comparsion to a mac.

regular computer users dont go around calling their computers PCs, only in the presense of a mac user.

in fact, mac users use "PC" as a derogatory term for regular computer users.

Ive used windows for 10 years, switched to macs last month, and i seriously cant stand being associated with mac users.

I would say that most people that have read and commented have no idea what they are talking about and are prone to FUD (Fear, Uncertainty and Doubt for the uninitiated). If you think your pc is secure because it's locked up in your house, it isn't. Some platforms are more secure than others -- these are generally not consumer systems. Consumer systems are built around ease of use, not security (or stability for that matter). Would I load Linux or BSD on my mom's computer? Hell no, she has a hard enough time running Windows. Would I give my mom a Mac? Sure, it's fairly straight forward and tries to protect the user from themself. Those that have run the Vista beta and OS 10.4.x will probably notice some similarities when doing anything the local administrator would have access to, but regular users do not. This is probably because people do without thinking. As long as you're willing to be sheep, you're always going to be prey for the wolves.

"Since we demand dirt-cheap PCs, the one easy way to cut costs is to cheapen support. That lowball price means nothing when you have a problem with the product and can't get help. I've said it many times: computers are too complicated for non-technical people to own. You should not buy one if you aren't going to be able to act as your own technical support."
--Hyde and Geek (blogspot)

Moral of the story...take some time to learn some security basics and make yourself less of a target.

If wireless users realized how incredibly easy it is to break into their networks, I believe most of them would be shocked. WEP is worthless. Any hacker with average skills and one of the many tools freely and easily available on the Internet can break into a 128-bit WEP network in less than 10 minutes. Schemes such as limiting MAC addresses are similarly weak. The tools to launch a man-in-the-middle attack using ARP poisoning are also freely available (see Ettercap for an example). Mac or PC, your best bet is to use wireless only when necessary, and only for as long as necessary. Turn the card off when you're not using it.

I agree about those Mac ads, by the way. I own a couple of PCs and a couple of Macs, and every time one of those ads comes on television, it makes me want to smash my Macs. When's the last time you saw a Microsoft ad that attacked Apple? Try never.

That dell looks so much nicer than the macbook...
can not wait to use it with Vista...

manual trackback

A friend of mine pointed me to a video of the presentation at the CNET site which rose his eyebrows.... First of all, the presenter plugs in a USB third party adapter into his Macbook.... All Apple laptops have had built in wireless adapters for the last few years. Why pplug in an external one??

Now my friend has a real problem with this from the demonstrations standpoint. A non-critical observer will not catch that the presenter is not using Apples's built in wireless adapter, but rather a third party external adapter to demonstrate this flaw. I think that the presenter tried to imply that Apple's hardware/software has the flaw but in fact if you listen carefully to the presentation, it is the third party cards and software that have the problem, or so I hear it. Most people won't catch this.

What my friend sees is that Apple gets tarred with the same vulnerability brush, when in fact the issue may be/is third party cards and drivers used with macs, something that Apple has no control of.

My argument with my friend was that the presenters are describing an issue that affects Apple hardware/software though indirectly, and that because of that, the information is valid and useful, none-the-less.

Having said that, you have to wonder why the presenter did not clarify and be more direct as to what was required to reproduce the vulnerability on the mac. Which leaves me wondering, what was the presenters real agenda?? Is it about the vulnerability, or is it about the mac.

The advert campaigns are extremely obnoxious, theyre not just saying macs are good - "apple are actively misleading people", and that makes me angry for the average family man who wants to buy a computer and doesnt know any better.

herm, what part of the guy inserting a third-party wireless card and saying that the attack is on the drivers didn't you get?

all macbooks have internal wireless cards, why use a third-party external one? oh, to appear on the post hacking an apple computer!

to add insult to injury, the "journalist" clearly lies in the "article" by explicitily saying this attack is on the internal wireless card and drivers!

i'd expect something like this coming from dvorak, but to see this in the post (in my tabloid list from now on) is simply sad.

Ohhh noes! They created a user on the mac with no password and enabled SSH.. and the proceeded to install a 3rd party wireless card and 3rd party buggy driver (Need I note that the macbook has built in wifi?)... And then they make an access point on another pc, connected to this pc from the macbook using the buggy driver and used crappy 'hacking' tools to find the unsecured ssh shell running on the macbook on port 22... Oh boy, that's real hard :sigh:

Seriously, this represents about as much of a threat as giving your password and IP address to someone and telling them you're running an ssh shell and asking them to create and delete some files. Whoopeeee, *gaping security flaw!* I hope you can sense my sarcasm...

And seriously, creating and deleting files? big whoop. They could have at least done something interesting like use the 'say' command to make the macbook talk ;) (Text to speech :))

I believe this is a third party driver, and not an Apple driver (or wireless card). Does the author wish to verify this? Probably not.

Make note, the vulnrability is only on Intel macs. We will likely see more software exploits of intel macs -- because the people in the security industry largely only understand intel processors. Combine that with the relitive ease at exploiting stack overflows on intel compared with PPC, and you have a recipe to turn OSX into the next Windows.

I think they just wanted free advertising to their website.

Doing my best to sidestep the religious war raging on in the above posts, I'm curious as to the comment about 'total system control'. The wifi card in most laptops is just that - a card. It talks over a system bus to the CPU and behaves like any other peripheral. Given this, you would need to construct a firmware attack for the card (which basically has it's own cpu) that causes it to misbehave in such a way as to trigger something nasty in the main cpu's operating system. Maybe there is the possibility of a bug in the firmware allowing a buffer overflow in the driver in the main system that might cause a crash of the kernel. But anything more worrying - such as information leakage - would be harder than doing a double back summersault through 2 burning hoops while typing out the complete works of Shakespeare in Cantonese one-handed, blind-folded and drinking a cup of tea. I'd love to see them do it ;) I also don't think you can draw any comparisons with the recent bluetooth bugs that allowed access to a person's "shared" folders because, unlike bluetooth (which has 'obex push' and 'object pull' profiles as part of its spec.), wifi doesn't have a "mode" for data sharing - it is nothing more than a physical alternative to the wired ethernet layer of normal ethernet networks. I've never heard of a firmware attack that works on a wired ethernet network that manages anything more annoying than a denial of service. Packet snooping doesn't count, obviously.

Man, these comments just show the zealot-ness of the MAC community. As soon as someone says something bad about there little OSX what do they say? "but but windows sucks even more..."

The funniest part is that most of you don't have a clue about security. Yeah windows has a HORRIBLE track record for security...that's because they don't care about security. Well guess what, Apple doesn't care about security either. If they would care they wouldn't use closed source drivers and they wouldn't put things like "connect automatically to any unknown-unsecured network you can find".

What is it then, Brian? These FUD-packers either had the hack to the native Apple WiFi hardware

A) but were "leaned on hard by Apple,"
B) used the bogus USB dongle so as to not be "singling out Apple;"
C) didn't want some yahoo at Black Hat to actually exploit their exploit, or...

D) ...were simply blowing smoke up the arse of a journalist in attendance.

I'm going with "D." And I wasn't anywhere near Vegas.

Are you people all on crack?!!

These bozos bypassed the Macbook's own built-in Apple wireless card.

They imposed BOTH the 3rd party wireless card, the 3rd party driver, and therefore created the vulnerability out of whole cloth, as it were.

Can you say, TOTAL SCAM?

Krebs, you should voluntarily resign for leaving out this little detail.

Hey, here's a thought- why don't I take the Honda-issued tires off my car and put known-defective tires on it. Then, when I have a blowout, I can sue Honda for millions!!

Thanks, Krebs!

I have seen some people ask what "seize total control means" and if you watched the video you would understand. This exploit allows you to get the level of access to the shell as the driver, which I imagine is kernel level. This would let you do anything to the same that you would want to.

And it is indeed a problem with the operating system, but it's a problem with most operating systems. If you run drivers on anything other than user level then you create the potential for an exploit. And while OS X is more secure than Windows, it is far from being safe. Windows is much more backwards compatible than OS X, and this creates holes because of the nature of working with old interfaces. I prefer the compatibility and flexibility of Windows over OS X though, so I accept these inherent problems. However, the larger problems are created by programmers, and both Microsoft and Apple used flawed people to program.

You are not safe when you hide under a rock.

The point is, this vulnerability does NOT exist on a stock Mac! They added the vulnerability, the hardware and the driver.

"Watch while I ignore the safe hardware and deliberately add hardware that's vulnerable. OMG, THE MAC IS VULNERABLE! GET THE WASHINGTON POST ON THE HORN!"

Everyone involved in this should be embarrassed, ESPECIALLY the gullible members of the press.

Having watched the video, I am fascinated :) Let me put forward a theory and see if anyone who is actually interested (rather than just mac / pc bashing) has their own thoughts. I propose that the exploit actually triggers a debug mode in the firmware that opens a basic serial channel into the driver - allowing for monitoring of the firmware while testing. This used to be very common practice and serial ports (virtual or real) are still an essential fallback for server admins. From what I could see in the video, I suspect the debug mode is triggered by the use of a precisely formatted WEP / WPA seed, ssid, session key seed or similar. How you get from a simple shell to full telnet is another interesting problem :)

mac os x has better security record than window, but t doesn't mean it has no seurity flaws.

there is no software without bugs or security flaws. it is all relative

robert,

it's not just macs. watch the video.

as for the rest, it's not worth it anymore. PC users...enjoy your PCs. Mac u