Mac Hack Saga Gets Even Weirder
Regular readers of TechSmec.com may remember that back in August we brought you reports of the Apple notebook hacking demo that caused a stir at the Black Hat USA 2006 conference. Apple dismissed the demo as unproven at the time and the Mac community rallied against the two SecureWorks reseachers, David Maynor and Jon “Johnny Cache” Ellch. Hell hath no fury like a Mac-lover scorned.
The two were due to present at the ToorCon hacker event on Saturday, but only Ellch turned up. His accusation was thinly veiled, to say the least.
“I can not give this talk without Dave,” Ellch said. “Dave very much wanted to be here. The fact that SecureWorks and Apple managed to compel him not to, means that they must have had something very compelling to stop him.”
So, what is going on? TechSmec.com puts on its deer-stalker hat and looks at the evidence, Sherlock-style…
What started all of this?
Two respected, but hardly famous, hackers demonstrate on video their hacking of the WiFi connection on an Apple notebook.
Why on video? Isn’t that a bit suspicious?
Those security-conscious chaps realised that someone in their knowledgable audience might be able to intercept the packets over WiFi and reverse engineer the process.
Oh right. And did everyone believe them then?
Most people, those who could normally be categorised as ‘Windows users’. Mac users were somewhat more sceptical. In fact they were downright angry.
What got up their noses so much?
Didn’t you know? Macs are unhackable, never get viruses, and are the only way of ensuring world peace.
Really?
Of course not! But Apple would have you believe so and 5% of the computer owning world has fallen for it. In fact they probably aren’t much more secure than a PC running Windows XP, but until now no one could be bothered hacking them.
So Maynor and Ellch wanted to expose this lie.
Actually no. The researchers stressed that the exploit was not specific to Mac wireless cards, but to wireless cards in general. They used a Mac for the demo because OSX is considered a more secure operating system that Windows and wanted to show how powerful the hack was.
Storm in a teacup.
Not if you are Apple. They got a little upset as well and debunked the demonstration. They don’t like having their un-hackable image tarnished, even if it is a third party piece of hardware that’s causing the problem.
What did Maynor and Ellch do?
They announced a LIVE demonstration. The world waited with baited breath until…
Yes?
Apple released a patch for the ‘not really a hack, hack’. Maynor didn’t show up after his company, SecureWorks, pulled him from the event and Ellch went on the war path. “That’s funny,” he said. “I thought there was no bug, and I thought SecureWorks provided no useful information to Apple.”
So Mac notebook users can breathe again?
It appears so. The hack, that never actually existed according to Apple, has been patched….by Apple.
But if the fault was in third party hardware doesn’t that mean that lots of non-Mac notebooks are vulnerable?
Exactly…..
Add comment October 1st, 2006