Maynor demos MacBook Wi-Fi hijack, admits mistakes

Maynor demos MacBook Wi-Fi hijack, admits mistakes

Summary: Looking to put to rest one of the most bizarre vulnerability disclosure disputes in recent memory, hacker David Maynor offered an apology for mistakes made, provided a live demo of the controversial MacBook Wi-Fi takeover and promised to release e-mail exchanges, crash/panic logs and exploit code to clear his tarnished name. Maynor kicked off a presentation at the Black Hat DC 2007 with a demo of the attack against a MacBook running Mac OSX 10.

SHARE:
Looking to put to rest one of the most bizarre vulnerability disclosure disputes in recent memory, hacker David Maynor offered an apology for mistakes made, provided a live demo of the controversial MacBook Wi-Fi takeover and promised to release e-mail exchanges, crash/panic logs and exploit code to clear his tarnished name.David Maynor with MacBook

Maynor kicked off a presentation at the Black Hat DC 2007 with a demo of the attack against a MacBook running Mac OSX 10.4.6, proving that he was able to crash the machine via a device driver flaw in Apple's AirPort Atheros.

He then ran the exploit against a fully patched MacBook to prove that Apple did fix the exact issue he reported, even if the company opted not to credit him, his co-presenter Jon "Johnny Cache" Ellch or his then employer [SecureWorks].

"I screwed up a bit [at last year's Black Hat in Las Vegas]. I probably shouldn't have used an Apple machine in the video demo and I definitely should not have discussed it a journalist ahead of time," Maynor said in an interview after his demo.


 
  Black Hat Gallery: Hackers discuss weaknesses in Wi-Fi drivers, RFID proximity devices and hardware-based forensics. Images in our gallery.  

 
"I made mistakes, I screwed up. You can blame me for a lot of things but don't say we didn't find this and give all the information to Apple.

"They claimed we had nothing to do with their patches but I'll release all the crash and panic logs that we gave to them. You can look at it and decide for yourself," Maynor said. "I'll give you crash/panic logs if you want."

The only difference from the 10.4.6 and 10.4.8 machines is the changes to the Airport code," he said, offering examples of e-mail exchanges he had with Apple's security response team discussing the severity of the threat. For legal reasons, Maynor said he could not share e-mails sent from his SecureWorks address.

He said the code, logs, e-mail exchanges will be published on the Errata Security blog.

Here are the slides from Maynor's presentation (PPT). 

Topics: Collaboration, Apple, Hardware, Wi-Fi

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

200 comments
Log in or register to join the discussion
  • What a joke

    Let's recap:

    1. Maynor demos what he claims is a hack to Apple's airport drivers. It soon turns
    out that it's a third-party card that works in any machine, and that Maynor hates
    Apple and Mac users in general because they are smug about how secure their
    computers are.
    2. He gets called on it and spins like a top.
    3. Ou joins forces with Maynor because Ou also hates Apple, probably for the
    same reasons.
    4. Ou declares that he has the dirt that will vindicate Maynor and prove Apple is
    the lying scumbag dirtball corporation he knows it really is, and he'll tell all in a
    few days.
    5. Weeks go by. Apple patches their airport drivers after crediting Maynor for
    getting them to dig in the code, but claim their patch does not affect Maynor's
    hack, which is non-existent.
    6. Maynor goes to ground.
    7. Ou loudly proclaims Apple is a lying dirtbag scum corporation trying to
    discredit Maynor because Maynor had the guts to Speak Truth to Power, and that
    Ou has the dirt that will vindicate Maynor and prove to the world that Apple is a
    lying dirtbag, scumball company.
    8. 8 months go by.
    9. Maynor crawls out into the light of day and says: Hey, Apple did patch my flaw
    and didn't give me credit for it. See, I'll show you. Here's my hack before the
    patch, and see, it doesn't work after the patch. What? Is it the same hack I did the
    first time? Well, uh, yeah. Because I say so. Just trust me.
    frgough
    • And your point IS????

      All I heard while reading your post was blah blah blah blah blah blah blah blah blah. There was no point and nothing of interest there.

      Care to come again with something a bit more coherent?
      andrej770
      • That's OK

        You don't need to feel badly that you can't understand that this is more Maynor
        theatrics.
        frgough
      • His point is . . .

        oh, never mind. You obviously wouldn't get it anyway.
        brian ansorge
      • and your point?

        idiot!!
        Arm A. Geddon
    • Maybe

      Maynor and Ou still want to put out a light cigarette in all Mac users eyes. ;)
      Rick_K
      • Henceforth, let the one-eyed smiley be the symbol for all Mac users

        If Maynor and Ou smoke, I wish them healthy and productive cancer cells.
        YinToYourYang-22527499
    • Your kind is beyond hope.

      So your theory is that although Maynor got his ass chewed out by the low likes of you the first time because he didn't squeal right away, that now hes back to take a real horrible beating because hes saying so much this time that if he is lying even he knows he would get caught. I suggest hes not lying and facts are facts and you just don't like them. GO cry me a river of Apple red tears.

      You know, enough is enough, its time for you to at least attempt to accept reality. People who are not wearing "APPLE COLORED GLASSES" said ages ago that Apple hasn't ever denied the vulnerability even once. They just don't give credit where credit is due and rely on the over sized loud mouths of their all too SMUG users to create enough flying FUD to drown out the real questions. YOU LOSE. GET USED TO IT.
      Cayble
      • HWta I don't understand

        Is why Maynor would show the "exploit" on 10.4.6 when 10.4.7 was already out at
        the time, and then show it not present in 10.4.8, later, despite the fact that 10.4.7
        was around when he demonstrated the exploit?

        Does it exist in 10.4.7?

        If not, Maynor has demonstrated nothing.

        What am I missing here?
        Lettuce.Pickles
    • What a Joke - Author or programmer?

      People who really cares who get's credit for fixing a flaw in an OS. Seems Maynor made a mistake by not showing his work initially and now wants credit. The Author of this talkback wants everyone to think Apple is the BOmb. Who cares if you nif you Apple or Microsoft. All I care about is that fixes are fixed. BOTH OS's have issues and I only want them fixed. I have used them both and know of some quirky things as a user in both OS's.

      I have kids who use Mac's (strickly because of school) and I use Microsoft. I want my Kid's computers to as hacker proof as possible. Let's just get things fixed and stop complaining about who gets what credit and what OS is better.
      palo905@...
  • Oh boy - here we go.

    These Apple fan boys are more zealous and fanatical than Al Qaeda, and operate on about the same tolerance level. Let the ranting posts begin!
    ejhonda
    • Ah the irony

      The second post up here is from a Windows fanboy whining about Apple fanboys. Funny how insanely obsessed you guys are with users of Apple's computers. Why do you care so much?
      tic swayback
      • jumping the gun

        EJHonda made no references to any OS except state something about Mac fanboys. How exactly can you come to a conclusion from this post that he is a Windows fanboy. Seems like he just made a comment about Apple fanboys.
        code_Warrior
        • It's real simple

          EJHonda has posted Pro Microsoft Anti Everything else posts on ZDNet before. He/
          she (it) has shown a certain [b]Zealotry[/b] for Microsoft.
          Rick_K
          • and so...

            there are Windows Zealots, Linux Zealots, and Mac Zealots.... big freakin deal... it seems most of them hang out on ZDNet just waiting for a story to get posted so that one can blast the other. Perhaps you should all just have a party, and settle your disputes with rock 'em sock 'em robots.
            Badgered
          • I just don't get it

            ---there are Windows Zealots, Linux Zealots, and Mac Zealots.... big freakin deal... ---

            Exactly. I'd bet there are more posts complaining about zealots, or accusing others of being zealots than there are posts by zealots. Boring.
            tic swayback
          • These people are

            Zealot zealots.
            Prime Detailer
          • Plus, the other givaway is

            He dare speaketh against the Creator. He who blasphemes against Apple, shall be punished by Apple.
            John Zern
      • Nice try

        Just cant wait for the first claim of straw man to come flying off your fingers rattling through your keyboard. Ignore the fact if you will that you let your big mouth run on far too long near the end of this controversy and now you would just as soon have everyone who found themselves reading your outrageously biased point of view forget you wrote some of the things you did by deflecting the now fair commentary by claiming Windows users are " insanely obsessed....with users of Apple's computers"

        All I can say is nice try. Its not going to work. Not even a little bit. The likes of you had to be stubborn, ignorant, biased and had little interest in reason when honest questions were asked about Apples lack of forthcoming statements and instead you just turned up your SMUG noses and decided that if Apple was avoiding telling all that that would be a lie, and Apple would never lie so anyone who asked fair questions was just a jerk according to the likes of you.

        Now you can live with the results of being so smug, and don't think claims of strawman(which you have repeatedly proved you have no true concept of)or claims that WIndows users are obsessed, its you Apple users that are obsessed, you purposely chose to ignore any possibility that Apples refusal to deny the vulnerability existed left open the possibility that it did exist. You chose to bluntly ignore simple straightforward logic that literally dictated that given every fact publicly know that it was still quite possible that the exploit existed and now all you have to say for your sorry self is "Funny how insanely obsessed you guys are with users of Apple's computers. Why do you care so much?"

        NICE TRY. Today you get some of your own back. Choke on it if you don't like it you insulting...
        Cayble
        • It's all still true

          Your arguments, and the arguments of others were strawmen, and many Windows users are oddly obsessed with Macs and Mac users. Sorry if you can't handle the truth. Here's another one:

          ---you purposely chose to ignore any possibility that Apples refusal to deny the vulnerability existed left open the possibility that it did exist---

          Please find a quote where I said there's no possibility the vulnerability existed. I repeatedly said that the evidence does not support the claim, and that no back up was offered for the claim so I won't believe it until it is offered. There's a big difference there.

          Apple's systems have lots of vulnerabilities. Always have, still do despite the recent patches. I've never denied that. That's the big strawman you and others keep repeating, that we smug Mac users are so unaware of reality we can't realize that.

          Keep obsessing over our behavior, it only proves my point further.
          tic swayback