Hacker Publishes Notorious Apple Wi-Fi Attack 114
inkslinger77 writes "It's been about a year since David Maynor claimed to have found a way to take over a Mac using a flaw in a Wireless driver. He's now published his work for public scrutiny. Maynor had been under a nondisclosure agreement, which had previously prevented him from publishing details of the hack, but the NDA is over now and by going public with the information, Maynor hopes to help other Apple researchers with new documentation on things like Wi-Fi debugging and the Mac OS X kernel core dumping facility."
Really good sleuthing (Score:3, Interesting)
First he bombards the network with random packets. Then the actual packet in question may not cause a crash for up to 5 minutes. Then he tracks down which packet it was and how using the contents of that packet he can use another packet to set up a code execution exploit.
Really good work. And no cookie for Apple whose driver choked on data.
Re:An object lesson (Score:1, Interesting)
The naïveté of this post made me laugh! +2 Humor of Stupidity!
Author: If you didn't get that, let me explain. Traditional Unix(TM) based operating systems are notorious for being highly proprietary, and their sources closely guarded secrets. Recently, of course, some unix-like vendors such as Sun have decided to open-source those OSes, but this is the exception, not the rule.
Let me further inform you that Apple's OS X most definitely *IS* a unix-like OS as well, being based on the Mach kernel hosting Darwin, which is a variant of BSD and thus open-source. Thus, Apple's kernel, at least, is open-sourced to a degree, though the overlying GUI, and probably the network driver involved here, are not. What you probably meant to refer to in your elitist rant was GNU/Linux, and/or BSD. To that end, vulnerabilities in both do arise occasionally, so don't think that FLOSS is a magic safe-guard against imperfect code.
Re:This WASN'T an "Apple WiFi hack"! (Score:5, Interesting)
Some Apple fans got a bit rabid. Not because a security flaw was found - there have been a good number of those since OS X started, and resposible disclosure has never caused users to go apeshit before - but because of the way the flaw was publicised without any real information. On top of that, he made that crack about stabbing Mac users in the eye with a pencil. What was that about? Who says these things and expects no reaction whatsoever?
Then he started saying he'd had death threats. Still haven't seen the threats and apparently they were serious enough to publicise but not enough to call the police in. I lost touch with the story when it seemed to be just poor reporting with low information content and pissy blog wars.
And now a secret NDA is up and he can talk about it. Well, good for him. It's about a year too late, but there's still publicity to be made I see.
Re:This WASN'T an "Apple WiFi hack"! (Score:3, Interesting)
Granted, I certainly think he was trying to maximize the publicity and that statement certainly set the stage for the reaction that was to come. However, at least to me (and I'd assume many others) it was the reaction which was a bit surreal and made it interesting.
And now a secret NDA is up and he can talk about it. Well, good for him. It's about a year too late
I have seen many saying the same basic thing in response to this release of information, which I find a bit strange. A bit simplified view of what happened (at least in my eyes):
David Maynor: We found a successful attack which effects Mac OS X and this deomonstration will show it to you!!!! BTW you Apple guys are losers.
Apple supporters: Give us details on the attack or you are a liar!!!!!
David Maynor: I'm legally unable to at this time.
Apple supporters: Your a dirty liar!!! I knew it!!!! My Mac isn't vulnerable!
David Maynor: It is but I really cannot talk about it right now. I've shown it in action but cannot yet release details
Apple supporters: Shut up and die you lieing maggot!!!!!
Apple supporters: We don't care about your stupid details! Shut up and go away!!!!
Re:This WASN'T an "Apple WiFi hack"! (Score:3, Interesting)
If this guy ever hacks a MacBook's built in wireless with typical user settings, then this would be an Apple story. As it is now, it is a story about how insanely obsessed the anti-Mac crowd is with trying to break OS X and only lends further credence to Apple's claim of OS X's excellent security (good enough for the Department of Defense and the NSA, in some cases).
Re:An object lesson (Score:3, Interesting)
This flaw can be exploited on Unix, Linux, BSD, Windows, OS X. If the Olsen-twins made an OS using the same hardware and code base for network drivers, their Olsen-twin-OS would have the same flaw as well. In fact, the wide application of this flaw is the main reason it is truly newsworthy.
I politely recommend reading the article, and studying the problem in more depth before your next post.
Re:This WASN'T an "Apple WiFi hack"! (Score:3, Interesting)
Re:Correct me if I'm wrong.. (Score:2, Interesting)
When does Jon "Daringfireball" Gruber apologize? (Score:3, Interesting)
It was true. He owes them a laptop...