Mac Wireless driver Security vulnerability revisited



A couple weeks ago the hot story was about the demonstration of a vulnerability in a 3rd party wireless card driver on a Mac. The individuals that demonstrated the vulnerability (in a video taped presentation) also claimed that many wireless drivers were vulnerable to this same flaw and it included the MacBook native drivers (among others.) There was immediate controversy over the fact it was a video demo. I thought their explanation for that was reasonable. (They didn’t want to give a room full of crackers a chance to sniff the wireless traffic and get TOO much detail on the exploit before vendors had a good chance to give updates.) Well… at this point it sounds like among other things, they have not yet demonstrated to Apple an effective use of this exploit against the wireless drivers on the macbook.


It seems that Apple has strongly refuted their claims and frankly it’s sounding more and more as though there was a good deal of “smoke and mirrors”. According to the latest update, Atheros (the company that provides the wireless device for the macbooks) hasn’t been notified of any issues either.

Apparently earlier in the year, SecureWorks (the company that presented the supposed vulnerability) had alerted Apple to a wireless vulnerability in the FreeBSD system (which OS X is based on) which related to a vulnerability in the discovery of wireless networks. It’s unclear if that patch had been made in Apple’s OS X.

This really sums it up…

“SecureWorks has not be able to exploit this for us,” Fox said. “No one has been able to show us a way to exploit our internal [wireless] device drviers with that flaw.”

–Update 8/24/06–

It seems the blogstorm over this has not quit. Some are REALLY giving Brian Krebs a hard time over what he reported. Many are jumping to conclusions fairly quickly. George Ou is following some of the “debate”. (Earlier post at this link.) It’s clear from his article that there are things that aren’t publicly known YET. It will be interesting to see how things develop. It sounds as though the situation will hang around a while. The research group that presented the vulnerability apparently didn’t share any code with Apple over the issue, but the way I read it – it is quite likely that Apple’s driver is vulnerable to a similar issue, JUST AS THEY TOLD BRIAN KREBS.

It sounds like the next few days may see some real sparks flying on this story. (Up until now, we’ve only got the “shock and outrage” over the “admission” that it wasn’t an Apple vulnerability…..) Just wait and prepare to read (and think it through), this will be interesting.

   Send article as PDF   

Similar Posts