Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Hijacking a Macbook in 60 Seconds or Less

  • Subject: Re: Hijacking a Macbook in 60 Seconds or Less
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Fri, 04 Aug 2006 09:12:12 +0100
  • Newsgroups: comp.os.linux.advocacy
  • Organization: schestowitz.com / ISBE, Manchester University / ITS
  • References: <1154672009.513707.79090@m79g2000cwm.googlegroups.com>
  • Reply-to: newsgroups@xxxxxxxxxxxxxxx
  • User-agent: KNode/0.7.2
__/ [ nessuno@xxxxxxxxxxxxxxxxxxx ] on Friday 04 August 2006 07:13 \__

> Quote:
> -------------
> If you want to grab the attention of a roomful of hackers, one sure
> fire way to do it is to show them a new method for remotely
> circumventing the security of an Apple Macbook computer to seize total
> control over the machine. That's exactly what hackers Jon "Johnny
> Cache" Ellch and David Maynor plan to show today in their Black Hat
> presentation on hacking the low-level computer code that powers many
> internal and external wireless cards on the market today....
> The video shows Ellch and Maynor targeting a specific security flaw in
> the Macbook's wireless "device driver," the software that allows the
> internal wireless card to communicate with the underlying OS X
> operating system. While those device driver flaws are particular to the
> Macbook -- and presently not publicly disclosed -- Maynor said the two
> have found at least two similar flaws in device drivers for wireless
> cards either designed for or embedded in machines running the Windows
> OS. Still, the presenters said they ultimately decided to run the demo
> against a Mac due to what Maynor called the "Mac user base aura of
> smugness on security."
> -----------
> End quote

I think that some subsequent articles argued the vulnerability could
potentially expose all platforms. This also reminds me of:


,----[ Quote ]
| Public exploits of this vulnerability on either of the other two are yet
| to emerge, so let's not panic just yet. The other two flaws covered a
| privilege escalation vulnerability involving device drivers and
| information disclosure bug involving Intel PROSet management software.

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index