If you've been following the drama over the hackability of a MacBook's wireless driver your head is probably spinning. The latest news is that the MacBook's wireless device driver is indeed hackable with the exploit demonstrated at the Black Hat conference in Las Vegas on Wednesday.
First, some background is in order. Washington Post blogger Brian Krebs first reported at 7:30 a.m. on August 2nd that a pair of hackers had developed a "new method for remotely circumventing the security of an Apple Macbook computer to seize total control over the machine."
Then at 6:45 p.m. Krebs amended his post with the actual video shown at the conference clearly showing that the MacBook in question was in fact using a third-party wireless card connected via a USB card reader. At several points in the video Dave Maynor disclaims this fact, even stating at the beginning "Don't think however just because we're attacking Apple, the flaw itself is in an Apple, we're actually using a third-party wireless card."
In his follow-up post at 9:00 a.m. ET on August 3 Krebs mentions that the exploit does indeed work with the default MacBook wireless device driver and that Apple had pressured the hackers to use a third-party wireless card in a USB card reader attached to the MacBook.
During the course of our interview, it came out that Apple had leaned on Maynor and Ellch pretty hard not to make this an issue about the Mac drivers -- mainly because Apple had not fixed the problem yet. Maynor acknowledged that he used a third-party wireless card in the demo so as not to draw attention to the flaw resident in Macbook drivers. But he also admitted that the same flaws were resident in the default Macbook wireless device drivers, and that those drivers were identically exploitable. And that is what I reported.
So, it turns out that MacBook users aren't are safe from the exploit as Apple's PR machine would have you believe. If you want to stay as safe as possible keep your Airport connection turned off when it's not in use and never connect to an unknown WiFi access point.