Hackers Expose 'Critical' Wi-Fi Driver Flaw

On Fri, 18 Aug 2006 19:01:35 GMT, snipped-for-privacy@earthlink.net (Neill Massello) wrote in :

Sorry, but I don't see it that way, and I think you're using selective quotation.

Follow-up to the Macbook Post

I'd like to respond to the people who commented on yesterday's post about the video's depiction of the use of a third-party wireless card on the Macbook. I spent more than an hour with Dave Maynor watching this exploit in action and peppering him with questions about it.

During the course of our interview, it came out that Apple had leaned on Maynor and Ellch pretty hard not to make this an issue about the Mac drivers -- mainly because Apple had not fixed the problem yet. Maynor acknowledged that he used a third-party wireless card in the demo so as not to draw attention to the flaw resident in Macbook drivers. But he also admitted that the same flaws were resident in the default Macbook wireless device drivers, and that those drivers were identically exploitable. And that is what I reported.

I stand by my own reporting, as according to Maynor and Ellch it remains a fact that the default Macbook drivers are indeed exploitable.

To all of the commenters who complained about why this demo was not shown live, I refer you back to the text of the blog post, which pointed out the dangers inherent in showing this type of exploit live to a room overflowing with curious hackers who would like nothing more than to capture a copy of the exploit wirelessly and experiment with it.

Again, the whole point of this story was not to pick on Macs, but to point to a security issue that affects multiple operating systems and one that is long overdue for some serious code review by the companies that OEMs rely upon to produce this software.

As always, thanks for all the comments. Keep them coming.

-- Brian Krebs

John Navas quoted:

Thanks for providing additional proof of my point. Apple was essentially the only vendor name mentioned by Ellch and Maynor in connection with this exploit. Two weeks later, all other vendors, including the one that actually wrote the driver used in the Black Hat demo, are still being accorded anonymity "until a patch is available".

But Apple's spokesman claims that SecureWorks (Maynor's employer and the de facto sponsor of the announcement at Black Hat) has provided no information to Apple that would be useful in creating such a patch. Maybe Apple's PR flack is spinning or just plain lying, but Ellch's and Maynor's behavior two weeks ago with regard to Apple can't be squared with that "responsible disclosure policy".

On Fri, 18 Aug 2006 20:08:23 GMT, snipped-for-privacy@earthlink.net (Neill Massello) wrote in :

I didn't write that. Kindly do a better job of quoting and attribution.

I disagree:

The Black Hat Wireless Exploit Interview, Verbatim -Brian Krebs on Computer Security

I've received an overwhelming amount of hate mail from Mac enthusiasts over two previous posts on a wireless-device-driver presentation at the Black Hat hacker conference, with people accusing me of all kinds of nasty things. Rather than respond to every wild accusation under the sun, I thought it best to give readers all of the information that I have on this. I am posting here a word-for-word transcription of a taped interview I had with David Maynor of SecureWorks in his hotel room on Tuesday, Aug. 1 -- the eve of his presentation at Black Hat.

I've been asked this many times, so let me make this crystal clear: I HAD THE OPPORTUNITY TO SEE A LIVE VERSION OF THE DEMO MAYNOR GAVE TO A PUBLIC AUDIENCE THE NEXT DAY. In the video shown at Black Hat, he plugged a third-party USB wireless card into the Macbook -- but IN THE DEMO MAYNOR SHOWED ME PERSONALLY, HE EXPLOITED THE MACBOOK WITHOUT ANY THIRD-PARTY WIRELESS CARD PLUGGED IN. [emphasis added] [MORE]

^^^^^^

Kindly do a better job of reading.

On Fri, 18 Aug 2006 21:57:33 GMT, snipped-for-privacy@earthlink.net (Neill Massello) wrote in :

Been there; done that. What you wrote can easily be interpreted as "quoting John Navas," especially in the absence of proper attribution You should have made the attribution clear.