September 19, 2007

MacBook hack saga resurfaces, Mac community groans

Posted Sep. 19, ’07, 5:19 AM PT by Derik DeLong
Category | Security

Perhaps motivated by winning an award for most hyped hack, David Maynor has finally revealed details of the MacBook hack that dragged on and on as Mac fans wanted proof and information about the hack while Maynor and Ellch stonewalled. The situation got worse as Mac advocates demanded more strongly that the duo put up or shut up, while they responded with “you guys are a bunch of know-nothing jerks”. The act got old real quick. Eventually, Ellch accused Apple of employing lawyers in a black helicopter.

Since then, we thought the whole thing died out until Maynor promised the source code back in February, only not to deliver. He’s finally given the details. I read through the article, which doesn’t skimp on the detail (a refreshing change of pace). I’ve read through it and it all seems kosher, but without the equipment and time to reproduce it, I can’t very well verify. Luckily, Glenn Fleishman has some colleagues that have volunteered to do so.

The entire exploit seems to have been based on the lack of bounds checking in the part of a wireless access point’s response that lists available speeds. While this may settle whether the hack was real (unless you want to be really paranoid and conclude that the release of this article was delayed because Maynor spent all this time finding a real exploit), it still doesn’t explain the bizarre behavior or even speak to whether Maynor/Ellch or Apple’s Lynn Fox was telling the truth about disclosure.

Maynor says the delay was due to an NDA with an undisclosed company and that a third party card was used in the video because he was told (by undisclosed people) that it would be less offensive. Uh huh.

Further, the wireless driver source code Maynor uses for comparison (because it’s so similar to Apple’s) already had a range check that wasn’t present in Apple’s binary. That check would have defeated the exploit, meaning Apple’s patch could have independently fixed the issue without any input from the duo. There, clear as mud.
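The kind of range check described above, sketched as an added example (not code from Apple’s driver, the comparison driver, or Maynor’s article): a parser that copies a tag/length/value “available speeds” element into a fixed table. The tag number, the 8-entry table size, and all names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TAG_RATES 1  /* assumed tag number of the "available speeds" element */
#define MAX_RATES 8  /* assumed size of the driver's fixed rate table */

struct ap_info { uint8_t rates[MAX_RATES]; size_t n_rates; };

/* Walk tag/length/value elements in an access point's response and copy the
 * rates element into the fixed table. Returns 0 on success, -1 on a malformed
 * frame. Without the two range checks, the sender's length byte alone decides
 * how far memcpy reads from buf and writes past rates[]. */
int parse_rates(const uint8_t *buf, size_t len, struct ap_info *out)
{
    size_t off = 0;
    out->n_rates = 0;
    while (len - off >= 2) {
        uint8_t tag = buf[off], elen = buf[off + 1];
        off += 2;
        if (elen > len - off)      /* range check: fits in received frame */
            return -1;
        if (tag == TAG_RATES) {
            if (elen > MAX_RATES)  /* range check: fits in destination */
                return -1;
            memcpy(out->rates, buf + off, elen);
            out->n_rates = elen;
        }
        off += elen;
    }
    return off == len ? 0 : -1;    /* a trailing lone byte is malformed */
}

/* Constructed sample frames, not captured traffic. */
static const uint8_t good[] = {0, 2, 'a', 'p', 1, 4, 0x82, 0x84, 0x8b, 0x96};
static const uint8_t oversized[] = {1, 12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12};

int main(void)
{
    struct ap_info ap;
    printf("good: %d\n", parse_rates(good, sizeof good, &ap));
    printf("oversized: %d\n", parse_rates(oversized, sizeof oversized, &ap));
    return 0;
}
```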

[via Macworld]


4 Comments

Turtle Heart said:

What is this story about? I have never heard the hype and have no idea what you are writing about. Generally you guys often have a literacy problem and a coherence one as well. What seems obvious to you is a disservice to your readers, and these incoherent, out-of-context articles appear way too often. Strange that the internet has made communication more evolved than ever, while the writers seem to be going in the opposite direction...that is, towards a shallowness and lack of detail. Though you guys do it all the time, it surprises me nevertheless....William

Derik DeLong said:

I linked the last update to this story, which in turn links the first story in the saga. I also tried to sum it up in the first paragraph. If you'd like more detail, feel free to scan security archives. We assume for longer running stories some level of familiarity and awareness of news in the Mac community or news we've previously run on the blog. We try to keep stories short and sweet and had I documented the entire saga in detail before diving in, the story would have been too long for display on the main page, leaving only backstory on it, leaving the actual meat of the story buried in the extended portion. It just doesn't work for our format.

I'm sorry I confused you.

flint said:

No confusion here - it would be far too boring to rehash it all over again...and be a sad reminder of how much time I wasted reading the stuff.
I still smell a rat even knowing that Apple are certainly capable of heaping excrement on their own PR doorstep. But who is worse? Maynor/Ellch, Brian Krebs of the Washington Post whose sloppy inaccurate reporting stoked the bonfire, or the ranting George Ou (CNET) who seems incapable of rational thinking where Apple is concerned?
'While this may settle whether the hack was real (unless you want to be really paranoid and conclude that the release of this article was delayed because Maynor spent all this time finding a real exploit)'...
Perhaps you should strike paranoid in the light of John Gruber's (Daring Fireball) challenge with a MacBook as the prize if the exploit was demoed to his satisfaction, which was issued on the 5th September. The offer was later doubled by Jim Thompson (Sex, Drugs and Unix) and Gruber even joked about making it a gold-plated MacBook....don't ya just love overconfidence.
Maybe this explains the story's resurrection?
As always, there's no such thing as bad publicity for teflon Apple.

Anonymous said:

Maynor chose to demo this on a Mac since he knew it would get more attention that way, and it certainly did. It sounds like sour grapes today for him to complain about the backlash. As for the NDA, he could have EASILY calmed the rhetoric that ensued a year ago about his silence by telling people that he had an NDA to abide by. To be honest I don't think he recognizes how his actions around this single event hurt the public's perception of him and his industry. Apple didn't do themselves many favours either, but what I get back from my clients is that Maynor and friends could have done a far better job at disclosing this.
