MacBook WiFi hacker cancels talk

MacBook WiFi hacker cancels talk

Summary: Instead of a planned presentation WiFi hacker Johnny Ellch delivered only a prepared statement at ToorCon, San Diego's annual security conference on Saturday.

SHARE:
TOPICS: Security
7

Instead of a planned presentation WiFi hacker Johnny Ellch delivered only a prepared statement at ToorCon, San Diego's annual security conference on Saturday.

I reported last week that Maynor and Ellch were scheduled to speak at ToorCon, where the inflammatory duo's "complete story" of their infamous MacBook WiFi hack was to be told. The talk was supposed to "offer analysis and commentary of public responses while at the same time giving anyone who has a question a chance to have it answered" according to the hyperbole on the conference Web site.

Boing Boing reports that "at the eleventh hour, the talk was canceled due to pressure from Maynor's employer, SecureWorks, apparently at the behest of Apple." The scathing text of Ellch's remarks are on Boing Boing.

Fellow ZDNet blogger George Ou is all over the story and has posted SecureWorks statement regarding the presentation:

SecureWorks and Apple are working together in conjunction with the CERT Coordination Center on any reported security issues. We will not make any additional public statements regarding work underway until both companies agree, along with CERT/CC, that it is appropriate.

 The plot thickens.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

7 comments
Log in or register to join the discussion
  • Is Apple responsible?

    You seem to have missed this part of the Boing Boing piece:
    "one colleague at the show said she spoke to an Apple employee in the audience who denied that Apple had leaned on SecureWorks"
    tic swayback
    • Ellch's Remarks

      I don't know if Apple is responsible for the cancellation or not, but I did find Johnny Ellch's remarks interesting:

      "Let's recap this thing.

      We give a talk saying that device drivers have lots of bugs.

      We demo one bug in Apple.

      A few days later, when Apple starts flaking on a patch, we tell them we are going to do a live demo of it at ToorCon, so it would be a good idea to get it patched before that.

      Apple says that it doesnt exist, and we didnt talk to them about it.

      A few weeks later (1 week before ToorCon) they patch it, and say we had nothing to do with it.

      One day before the talk, secureworks and Apple get together to and manage to stop dave from coming. They also issue a cutesy press release."

      Hmmm....
      Jason D. O'Grady
      • Someone is lying here

        Ellch is pretty clearly saying that the patches Apple recently issued directly address the alleged exploit he and Maynor claimed to have found (but not demonstrated for anyone other than one journalist). Apple very clearly stated when they released the patches that they were unrelated to anything Maynor and Ellch claimed to have found. Seems pretty contradictory to me, and I still haven't heard a single good reason why Apple would be lying here. They've had an excellent record over the years of working with and crediting security firms. Why all of a sudden throw that all away over something that (if true) could easily be proved?

        ---One day before the talk, secureworks and Apple get together to and manage to stop dave from coming. They also issue a cutesy press release.---

        Actually, this is wrong as far as I can tell. The press release came from SecureWorks, not from SecureWorks and Apple.
        tic swayback
      • Ellch is revising the story.

        They never demoed a bug "in Apple" - they demo'ed a bug in a
        third party driver for a third party card. They allegedly demo'ed a
        bug in the Apple driver to one journalist but given that this
        journalist was incompetent in their write up (and obviously
        ignorant of tech anyway) of this alleged demonstration, there is
        absolutely no way of confirming this to have been the case.

        Apple has also never said that a bug didn't exist. They have only
        ever said that no bug was ever demonstrated to them or
        submitted to them by Maynor and Ellch. The Apple commentary
        on this is on the record and in plain view. Read it and you won't
        find a single instance of them denying that a bug exists.

        All Maynor and Ellch have ever had to do was put their money
        where their mouth was and demonstrate this alleged exploit on a
        MacBook out of the box and running only the native software.
        They've had plenty of opportunity to do it and they haven't. There
        still is nothing to stop them from doing it so why don't they?
        Could it be because they never could do so in the first place?
        They should either put up or shut the f**k up - if you are going
        to throw down a gauntlet, you better have the balls to be able to
        stand there and have it slapped round your face instead of crying
        to tabloid hacks all the time.
        JKT
  • the Golden Rule

    It's the Golden Rule... He who has the Gold makes the rules!
    michael@...
    • Who has the gold then?

      Are you implying that "Apple" has the gold in this case?

      - Jason
      Jason D. O'Grady
  • jegugct 50 azw

    jhjibp,neaoklsd92, cbryq.
    bdfwekrwe65-24378982602337640137675794745148