WiFi Hacking Demo Causes a Stir
It’s not often that a video-taped demonstration of a hacking technique causes a stir, but that’s exactly what happened when David Maynor, a SecureWorks researcher and Jon “Johnny Cache” Ellch showed how they could take control of an Apple notebook at the Black Hat USA 2006 conference.
In the demo, the two researchers used a Dell laptop running XP to take control of an Apple notebook running OSX. Nothing unusual there, but what made this technique jaw-dropping for the conference delegates was that the Apple wireless card wasn’t looking for a connnection and involved no authentication whatsoever. With a fuzzing attack (throwing wireless packets at a laptop with a Wi-Fi card), the Dell was able to take control of the Mac by installing a root-kit. Then Maynor easily created and deleted files from the Mac desktop in real time.
The demo wasn’t performed live at the conference to prevent malicious delegates intercepting the packets and revese-engineering the attack for their own evil deeds.
Maynor and Ellch were reportedly mobbed after the video was shown by delegates keen to understand how they had acheived the hack.
The researchers stressed that the exploit was not specific to Mac wireless cards, but to wireless cards in general. They used a Mac for the demo because OSX is considered a more secure operating system that Windows and wanted to show how powerful the hack was. Nevertheless, the fact that a Mac was used for the demo has attracted the wrath of Mac fanatics, keen to point out that the wireless hardware inside a MacBook is not made by Apple, as if that makes any difference.
You can watch the video at the Washington Post website.
Add comment August 4th, 2006