Submitted by “Last summer, when I wrote ‘Vicious orchestrated assault on MacBook wireless researchers‘, it set off a long chain of heated debates and blogs. I had hoped to release the information on who orchestrated the vicious assault, but threats of lawsuits and a spineless company that refused to defend itself meant I couldn’t disclose the details. A lot has changed since then: Researcher David Maynor is no longer working for SecureWorks, and he’s finally given me permission to publish the details.”
and some people try to paint Apple as a saint in comparison to Microsoft.
At least Microsoft never crushed any individual like this.
He didn’t actually produce any evidence in that artical
To me it sounded like a rant. Poor kid told a joke and noone laughed… bless him
He didn’t actually produce any evidence in that artical
To me it sounded like a rant. Poor kid told a joke and noone laughed… bless him
Exactly and that’s why it’s on his BLOG and not an actual news site. How this sort of drivel gets on OSNews is beyond me.
also microsoft may not have crushed many individuals only entire companies. Now that was nice of them
that’s called competition. going after individuals is assault.
Behaviour like this is why I don’t consider Apple any better than MS.
May be that Microsoft haven’t crushed any individual this way, but they do have a long history of patenting or attempting to patent other persons creations (think grouped taskbar button or BlueJ).
At least Microsoft never crushed any individual like this.
“At that point, Mr. Ballmer picked up a chair and threw it across the room hitting a table in his office,” Lucovosky recounted, adding that Ballmer then launched into a tirade about Google CEO Eric Schmidt. “I’m going to f***ing bury that guy, I have done it before, and I will do it again. I’m going to f***ing kill Google.”
http://news.com.com/Court+docs+Ballmer+vowed+to+kill+Google/2100-10…
“The result was that Apple was forced to patch 62 vulnerabilities in just the first three months of 2007” – he sounds like an angry kid.
Right, like having these things UNpatched would be better. So much for retaliation, the MOAB people actually worked for Apple – for free!
Not exactly. Mac comes out looking bad because of all the vulnerabilities in the SW (Public perception is all in security). MOAB people get their revenge (see above). And the user wins by getting more secure software.
I say that was an optimal result.
I actually said this all along– there was no case of fraud, because the hackers had admitted from the first second they were using third party drivers to hack the MacBook. I’m obviously not sure about the whole puppet master stuff in this article, but I’m inclined to believe it. Why?
All I can say is that I know how Apple responded to my slightly negative review of the MBP.
… sorry for not being up on my TLAs, but what is a MBP in this context?
MacBook Pro
why on earth did someone mod this poster’s question down? He/She/It didn’t know what an acronym meant and asked for clarification. Wheres the beef?
+1
What did they do? It would be good to finally expose these iCons for what they are: cyber bullies.
Apple is the Scientology of the tech world. People thinking Microsoft is bad don’t really know Apple and are ignorant of this company history.
Edited 2007-03-20 19:53
If Apple is to Scientology then for damn sure Microsoft is to The Vatican and it’s history of destroying progress.
By iCons, are you referring to Maynor et al? Oh right, you’re talking about Apple.
All I can say is that I know how Apple responded to my slightly negative review of the MBP.
And why ? perhaps because you are almost always anti Apple.
I remember one of the staff tired of your anti apple bullshit not long time ago on the comments on osnews.
And why ? perhaps because you are almost always anti Apple.
Sure. I wrote raving reviews of Mac OS 10 Tiger, the iMac G5, and the MBP (I was very positive about it in the review, actually!), and have made many of my friends switch or at least think about the switch. But yeah, I’m really anti-Apple.
Yes, I indeed do not like the iPod (I explained why often enough), and yes, I dislike how Apple treats bloggers and journalists. If that makes me anti-Apple, than so be it.
I don’t care.
Edited 2007-03-20 20:33 UTC
If you don’t care, why you answer ?
Maybe you should post Apple’s (hugely negative?) reply on your (slightly negative) review to ZDNet’s blogs…
just kidding!
How did they respond? I never saw that…
I actually said this all along– there was no case of fraud, because the hackers had admitted from the first second they were using third party drivers to hack the MacBook.
Sure, but why show it on a MacBook to begin with, since they all of them have built in wireless and using a third party card on them doesn’t make any sense? Sure they are not “directly” responsible for the misleading “Hack a MacBook in 60 seconds or less” article, but they *had to know something like that would happen. Also, they didn’t simply said “we used a third party card, we didn’t find a vulnerability on the built in card” at first. No. They said (paraphrasing, they were *very* vague in everything relating the whole issue) “We used a third party card because Apple threatened to sue us.”, which implied that they did. HUGE difference.
I’m obviously not sure about the whole puppet master stuff in this article, but I’m inclined to believe it. Why?
All I can say is that I know how Apple responded to my slightly negative review of the MBP.
Sure, big conspiracy orchestrated by the puppet master, Apple! Of course, it couldn’t have anything to do with the fact that the Mac community is very vocal, particularly when someone says things like wanting to “stab one of those [Mac] users in the eye with a lit cigarette or something,”. Yeah, bloggers everywhere needed a puppetmaster pushing them…
Also, about that last sentence you wrote “All I can say is that […]”: That’s exactly the problem here. Everyone involved, including Ou, claims they have evidence, so to speak, but instead of showing it and let everyone arrive to their own conclusions are asking us to take their word, and trust it to be unbiased. That’s far from reasonable and certainly doesn’t do anything other than stir even more rounds of baseless (or not, who knows?) accusations in every direction.
If the hacked system was only made possible when SecureWorks used a third party driver then how is Apple to blaime for defending the company from third parties releasing misleading information to the public? After all the Black Hat demonstration was not done with the drivers supplied by Apple for their Airport Extreme 802.11a/b/g (“n” with the update) wireless chipset found in the MacBook and Airport Extreme Base Station.
Because ‘defending the company’ in this case should not include spreading false stories about supposedly honest, dispassionate security researchers in a bid to discredit them.
… looks prety strange to me. With each new security update, Apple always credits the people who found the bugs. Just take a look at the last one, they have qutoed the MOAB almost ten times.
There is somethin wrong with this story, something that the author doesn’t want to say.
This clown has been proven to be a liar and a fake over and over again. But we know Thom never passes up a chance to slam Apple figuring a lot of his readers won’t know the difference.
Well, I agree with you. And Duffman. It was a terrible and very biased review. If I recall correctly, he tried to fry an egg on it, and complained it was underdone. And then he complained that it burned his fingers! Well, I’d like to see him fry an egg on his Dell! I don’t suppose Microsoft would fry an egg for him! Or burn his fingers if it comes to that. And besides, if he had just let it cook a few more minutes I’m sure it would have been done perfectly.
What’s the matter with these people anyway, they should be so lucky as to have a combined egg fryer and laptop computer, all for the price of a laptop!
But there is no pleasing some people when it comes to Apple. Apple just can’t do anything right for them.
I agree with you. I think its absolutely terrible. Something should be done about it. I’m just really glad Apple finally is.
Cheers!
I remember people talking about how they had stated from the beginning that they where using third party hardware, and that the all out attack on them was really just spin. Goes to show that at the end of the day, you don’t have to be MS to spin lies in this industry, just a bit worried about your reputation. 😉
This story looks prety strange to me. With each new security update, Apple always credits the people who found the bugs. Just take a look at the last one, they have qutoed the MOAB almost ten times.
There is somethin wrong with this story, something that the author doesn’t want to say.
Exactly. And that is that while they NEVER found an actual exploit for the built-in wi-fi card of Macs (just one against a third party card), they went on and on implying that they did (starting from the WSJ article on the exploit).
On top of this, they never produced the code or details. Worst still, they pointed to Apple patching bugs in their network and wi-fi stack as …proof that their “exploit” was real. Since they never disclosed details of their “exploit”, those bugs could be (and most probably are) totally unrelated with it.
It’s like I come up with a a story of how I found an exploit against the Finder (say), without mentioning any specifics. Then, when eventually Apple patches some bug in the finder, I say “See, my exploit is true”.
Apparently, they are the “http://en.wikipedia.org/wiki/CherryOS“>Cherry ” of the security world.
As for Georges Ou, he is of Dvorak quality.
Read the whole saga here:
http://daringfireball.net/2006/08/curious_case
http://daringfireball.net/2006/08/macbook_wireless_saga
http://daringfireball.net/2006/09/open_challenge
http://daringfireball.net/2006/09/challenge_update
http://daringfireball.net/2006/09/lies_damned_lies_and_macbook_wifi…
http://daringfireball.net/2006/09/airport_security_update
http://daringfireball.net/2007/03/show_me
Maybe what you say is true but Daringfireball is so damn biased that he doesn’t make a good source. Hell, he probably stired the pot more anyone else on the net. His challenge was just proof of how small minded he is.
He wishes he had half the influence of Thurrott or Dvorak. While his prose is beautiful, he acts like he has a Neopolean complex.
In his letter to Lynn, Maynor writes the following:
I want to clarify something about the wifi device driver exploit we demonstrated at Black Hat in Las Vegas a couple weeks ago.
Confusion has mounted as to whether the exploit I demoed at Black Hat and for Brian Krebs of the Washington Post is reliant the use of a third party driver. In short, the answer is yes. The MacBook is not inherently vulnerable to the attack, and I never said that it was.
He says that the stock MacBook is not vulnerable to the attack.
Ou then goes on to say:
So what was the end result of all this? Apple continued to claim that there were no vulnerabilities in Mac OS X, but came a month later and patched its wireless drivers (presumably for vulnerabilities that didn’t actually exist). Apple patched these “nonexistent vulnerabilities” but then refused to give any credit to David Maynor and Jon Ellch.
Apple didn’t deny that there were NO vulnerabilities in OS X, they denied that this method would work on the stock configuration MacBook.
And, Maynor and Ellch didn’t deserve credit for the actual patches. They just triggered and internal audit, and Apple employees found some vulnerabilities/flaws regarding their drivers.
A lot of controversy still remains though, partly due to another quote from Maynor to Fleichman of Wi-Fi Networking News:
Umm..I did release the code, it should be showing up on websites at any time. The code proves you can control both a broadcom based powerbook and an atheros based macbook. The only thing missing from the code is the weaponized shellcode which is part of a talk I am doing in a few months.
So which is it? To Lynn he says it isn’t capable to use this exploit on a stock MacBook. But to Fleishman he says that it is. That’s pretty contradictory.
*Edit due to gross misspellings on my part. Oops
Edited 2007-03-20 23:05
*Edit due to gross misspellings on my part. Oops
Firefox 2.x has the built in spelling, I have to use it all the time, my spelling stinks.
I was at the talk at Defcon 14, and I can tell you there was no question that they WERE NOT using the built in Apple wireless, they were very clear about this. It really seems that Apple tried (too hard) to keep straight with their ‘secure’ marketing.
If you read this post closely http://blogs.zdnet.com/Ou/?p=300 you’ll see:
“Brian Krebs who himself had been flamed by Mac enthusiasts defended himself by releasing a word-for-word transcript of an audio tape interview he had with David Maynor in his hotel room. The transcript clearly reveals that Maynor had demonstrated the same exploit on a Mac without any third party wireless hardware! It also turns out Maynor chose an external third party hardware wireless adapter to avoid focusing attention on possible Apple hardware and software issues which may endanger Mac users.”
So that it could be used against a precious Apple system seems more likely. Finally, if you think I’m grasping, it seems like far too much of a coincidence that a FreeBSD patch came out to address a very similar vuln:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:05…
Come on, all software has bugs, why does Apple have to continue to pretend theirs does not, even when
“So what was the end result of all this? Apple continued to claim that there were no vulnerabilities in Mac OS X, but came a month later and patched its wireless drivers http://blogs.zdnet.com/Ou/?p=326 (presumably for vulnerabilities that didn’t actually exist). Apple patched these “nonexistent vulnerabilities” but then refused to give any credit to David Maynor and Jon Ellch. Since Apple was going to take research, not give proper attribution, and smear security researchers, the security research community responded to Apple’s behavior with the MoAB (Month of Apple Bugs) and released a flood of zero-day exploits without giving Apple any notification. The result was that Apple was forced to patch 62 vulnerabilities in just the first three months of 2007, including last week’s megapatch of 45 vulnerabilities.”
whatever, funny, if Apple would have just owned up to it they could have blamed upstream (freebsd) and crowed about how quickly they addressed an issue brought up the community. Instead they let it drag on for 6 months causing more “in the know” to doubt their side even more.
fak3r
this comment makes no sense…
in other slow news..
isn’t it about time for another “apple stock options scandle, OMG Job is going to prison!” post?
Has Apple claimed to be invulnerable?
1) Maynor and gang demonstrated an attack using a 3rd party card. This is not in question.
2) Maynor and gang claim that it also affects stock Macbooks. This is the point in question, and to date he has yet to demonstrate this.
Your link to FreeBSD’s bug doesn’t prove that the wireless card in the Macbook suffered from the same exploit. This has yet to be proven, however Maynor and gang have constantly alluded to their exploit working on stock Macbooks, and have not provided *any* evidence of it.
Why wouldn’t Apple come down hard on these guys for making unsubstantiated claims? As it is Maynor and gang are spouting FUD about Apple.
I appreciate your reply, let me explain myself a little better here, if I’m too long winded for you, at least see my SUMMARY at the end.
> Has Apple claimed to be invulnerable?
Oh please, Apple’s ads have always touted that they were impervious to attack, which is known to no longer be the case. I think you’re reading a bit too much into this however, you see, I own 2 Macs, and my first ever computer was an Apple //e. I’m far from a Mac hater, but come on, let’s drop the marking BS and leave that to the experts. Here’s a post from apple.com circa 2005:
“By the end of 2005, there were 114,000 known viruses for PCs. In March 2006 alone, 850 new threats were detected against Windows. Zero for Mac. While no computer connected to the Internet will ever be 100% immune from attack, Mac OS X has helped the Mac keep its clean bill of health with a superior UNIX foundation and security features that go above and beyond the norm for PCs. When you get a Mac, only your enthusiasm is contagious.”
http://www.apple.com/getamac/viruses.html
(and yeah, I love that they use viruses and contagious in the same paragraph!)
Are Macs still less vulnerable? Sure, but only due to their popularity. To try an imply that they (or their hardware) are inherently more secure than other systems (AIX, Sun, MS, Linux, *BSD) is pure marketing. Plus the software isn’t want I think was the main point here (again, see SUMMARY for explanation)
> 2) Maynor and gang claim that it also affects stock
> Macbooks. This is the point in question, and to date
> he has yet to demonstrate this.
Did they make such claims or not? That seems to be the question, otherwise I agree with you.
> Your link to FreeBSD’s bug doesn’t prove that the
> wireless card in the Macbook suffered from the same
> exploit. This has yet to be proven, however Maynor
Agreed, it doesn’t prove anything, but as an educated person the inference is there, and Apple’s history of its response to such things have always been less than forthcoming, so the pattern COULD fit. Plus, look at Apple’s denials “it’s never been proven” doesn’t mean that it hasn’t been done. Perhaps Maynor and company are just being smug and enjoying the limelight, but I don’t think that’s the case. And that’s my point, no, I can’t back it up, but it’s what I think, thus it’s a valid comment.
> Why wouldn’t Apple come down hard on these guys for
> making unsubstantiated claims? As it is Maynor and
> gang are spouting FUD about Apple.
And that’s a good point, one that I think points to the fact that Apple doesn’t want the truth to be known; they want to keep the tarnish of exploits away.
SUMMARY:
Look, during the talk here is the OVERALL point they were TRYING to make; with manufacturing trying to keep up with marketing companies are pushing third party drivers that aren’t fully tested onto a public that assumes the device is as safe as the BRAND NAME, and not of the DRIVER’S unknown performance. This is what has been lost in all of this, it doesn’t matter if it’s Apple, HP, Dell or Franklin (!), the point is the hardware is only as secure as a firmware has been tested, which if often not much. You can call this a coverup Maynor and company they dreamed up post-Black Hat or whatever, but it’s what I took home from it.
That’s the FUD right there, the point they made, which was a VERY GOOD ONE, has been completely lost, regardless of if that was the original working theory or not.
Thanks for your reply.
fak3r
After having read that article, I’m now very confused as to what actually happened.
At the time, the press was up in arms about the guys claiming to have an exploit in Mac OS X’s wireless system, and the dissection of the video that showed it was NOT a built-in wifi driver.
Now we get this: That it never was a flaw in Mac OS X, and was always supposed to have third-party drivers.
So was Apple merely trying to squash him for demonstrating that Mac OS X does not automatically guarantee all software running under it is free of security issues?
Or is this an attempt to re-write history, and back off from claims they never should have made?
Or were all those articles blissfully wrong about the video, and intentionally ignoring something supposedly clearly stated in the video?
It turns out the Maynor and gang are confused themselves about what they actually achieved. From the Ou article:
So Maynor and SecureWorks have been telling the truth about this being a third party driver and hardware from the very beginning and they never misrepresented anything. If anything, Maynor went out of his way to avoid implicating any issues on the part of Apple because Brian Krebs of The Washington Post reported that Apple had leaned on Maynor and SecureWorks not to disclose the fact that the default Mac wireless hardware and default drivers were in fact vulnerable as well. When I asked Maynor about this at Black Hat, Maynor would not confirm or deny whether Apple had leaned on him or not saying that he didn’t want to discuss it at the moment. Brian Krebs who himself had been flamed by Mac enthusiasts defended himself by releasing a word-for-word transcript of an audio tape interview he had with David Maynor in his hotel room. The transcript clearly reveals that Maynor had demonstrated the same exploit on a Mac without any third party wireless hardware! It also turns out Maynor chose an external third party hardware wireless adapter to avoid focusing attention on possible Apple hardware and software issues which may endanger Mac users.
This is just from one paragraph in the Ou article. Notice the contradictions (highlighted in bold)? Maynor claims to Ou that the exploit doesn’t work on stock Macbooks. To Krebs, he claims it does.
These guys don’t tell a straight story. They have also failed to demonstrate their exploit working on a stock Macbook (i.e. one without an external card). All they’ve succeeded in doing is maligning Apple (ooh, big bad corporation trying to silence us!) without providing us with any proof that their exploit works.
Edited 2007-03-21 08:04
There are no contradictions.
They claim that:
1. they exploited a bug on the Mac with the builtin wireless drivers. They also did it with 3rd party drivers.
2. Under threat of legal action from Apple (and in the defence of Apple users), they only showed the 3rd party hack at the Blackhat conference.
3. AT THE CONFERENCE, they explained that this was a 3rd party hack and that the DEMONSRATED exploit used a 3rd party driver/card.
4. In a SEPARATE interview, it was disclosed that the hack also worked on the built-in drivers, but that this hadn’t been disclosed at the Blackhat demo.
See. No contradiction. Just a lack of understanding of complex paragraphs by you.
… it was disclosed that the hack also worked on the built-in drivers …
Which has never been demonstrated, merely “tacked” on in later interviews. None of their claims about the built-in Mac wireless driver have been proven.
As it is, they’re sounding like used car salesmen, telling you whatever they think you want to hear.
Yet there have been 2 realistic reasons given for not disclosing the apple-only bug.
And Apple are sounding like a typical American corporation, doing whatever it takes to protect shareholder interests.
I say, until it has been proved either way, neither of us have the authority to decide who was right.
Yes, we all know that Apple is the evil American corporation that will stop at nothing to prosecute security experts who reveal flaws in their system. The scenario where Apple puts a huge amount of legal pressure on SecureWorks to remain quiet about the flaws it discovered seems completely plausible.
Until you see the Month of Apple Bugs. They were not silenced. They were not sued. Their bugs were fixed in subsequent updates and the *credit* was given to MOAB for pointing them out.
But of course that doesn’t matter. Apple is an evil corporation, that deals with flaws in their products by silencing any voices of dissent instead of fixing those flaws. The little guy is always good.
But of course that doesn’t matter. Apple is an evil corporation, that deals with flaws in their products by silencing any voices of dissent instead of fixing those flaws. The little guy is always good.
I didn’t say that. Please don’t put words into my mouth. What I did say was that the ‘little guys’ claimed that Apple were using legal muscle to silence them. This is not an uncommon corporate tactic, with potentially legitimate reasons, and there are methods (i.e. not being affiliated with a particular company as in the case of MOAB) of ignoring these threats.
What I did say is that until someone actually releases some proof either way, no one can legitimately claim to know what happened.
So I suggest that we just STFU.
I don’t know what the fuss is about quite frankly, to me, this is text book Apple – go after the person who found the bug rather than fixing the bug itself – this isn’t the first time they’ve done it.
Has Microsoft done it? yes it has; the latest push by Microsoft was to get security reports ‘downgraded’ by pressuring third party research organisations, for instance.
Its damage control, but conducted in the worse possible way; if you’ve made a mistake, own up to it, and release a fix; if you’re unsure whether it can be verified, then simply say that you can’t verify the exploit but you are going to assign a team of engineers/programmers to investigate, with the help of those who claimed to have found a vulnerability – simple as that.
I was thinking of buying a Mac Mini a while back. They has a $499 version that came with a CD-writer. I thought of buying it and then upgrading later to a DVD-writer. Well, Apple decided you did not need that upgrade and that it would not be available (even through an apple dealer). If you tried to do it yourself, you voided the warranty. That was when I realized that I was just borrowing a computer from Apple, they still owned it. It does make for a more stable environment, but a sometimes scary one.
I was just borrowing a computer from Apple
Not really. You are free to make any modifications to your Mac-mini that you want. The fact that Apple won’t then fix any subsequent problems with it is both understandable, and a common policy. If you want to upgrade with dell without voiding the warranty, it’ll cost you $120 for a ‘Home Hardware Installation’ visit.
I agree that it would be nice to have the option to upgrade the mac-mini, and there are several places around that will do upgrades for you if you want more security than just doing it yourself.
Thanks, I thought upgrading the drive would have violated the warranty. Not trying to spread FUD!
Good to see some negative press on Apple like this. The pious attitude about security and marketing really is getting out of control. Folks, Apple is not your friend. It is a corporation that is accountable to its shareholders like any other, and will protect its own interests at any costs.