MacBook wireless hacked, not hacked, ok hacked

Summary:If you've been following the drama over the hackability of a MacBook's wireless driver your head is probably spinning. The latest news is that the MacBook's wireless device driver is indeed hackable with the exploit demonstrated at the Black Hat conference in Las Vegas on Wednesday.

owned-macbook.png
If you've been following the drama over the hackability of a MacBook's wireless driver your head is probably spinning. The latest news is that the MacBook's wireless device driver is indeed hackable with the exploit demonstrated at the Black Hat conference in Las Vegas on Wednesday.

First, some background is in order. Washington Post blogger Brian Krebs first reported at 7:30 a.m. on August 2nd that a pair of hackers had developed a "new method for remotely circumventing the security of an Apple Macbook computer to seize total control over the machine."

Then at 6:45 p.m. Krebs amended his post with the actual video shown at the conference clearly showing that the MacBook in question was in fact using a third-party wireless card connected via a USB card reader. At several points in the video Dave Maynor disclaims this fact, even stating at the beginning "Don't think however just because we're attacking Apple, the flaw itself is in an Apple, we're actually using a third-party wireless card."

In his follow-up post at 9:00 a.m. ET on August 3 Krebs mentions that the exploit does indeed work with the default MacBook wireless device driver and that Apple had pressured the hackers to use a third-party wireless card in a USB card reader attached to the MacBook.

During the course of our interview, it came out that Apple had leaned on Maynor and Ellch pretty hard not to make this an issue about the Mac drivers -- mainly because Apple had not fixed the problem yet. Maynor acknowledged that he used a third-party wireless card in the demo so as not to draw attention to the flaw resident in Macbook drivers. But he also admitted that the same flaws were resident in the default Macbook wireless device drivers, and that those drivers were identically exploitable. And that is what I reported.

So, it turns out that MacBook users aren't are safe from the exploit as Apple's PR machine would have you believe. If you want to stay as safe as possible keep your Airport connection turned off when it's not in use and never connect to an unknown WiFi access point.

Topics: Wi-Fi

About

Jason D. O'Grady developed an affinity for Apple computers after using the original Lisa, and this affinity turned into a bona-fide obsession when he got the original 128 KB Macintosh in 1984. He started writing one of the first Web sites about Apple (O'Grady's PowerPage) in 1995 and is considered to be one of the fathers of blogging.... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.