Interesting People mailing list archives
more on Breaking into a laptop via Wi-Fi
From: David Farber <dave () farber net>
Date: Fri, 4 Aug 2006 15:09:00 -0400
Begin forwarded message: From: Glenn Tenney CISSM CISM <gt_IP060804 () think org> Date: August 4, 2006 2:45:18 PM EDT To: David Farber <dave () farber net> Subject: Re: [IP] Breaking into a laptop via Wi-Fi On Fri, Aug 04, 2006 at 02:13:11PM -0400, David Farber wrote:
Maynor, along with researcher Jon "Johnny Cache" Ellch, showed a video of a successful attack on an Apple Computer MacBook. However, the attack is possible also on other computers, both laptops and desktops, and not just MacBooks, the researchers said.
In some of the news I've seen on this the headlines make it seem that this is a MacBook vulnerability when instead, they chose to use a third-party WiFi card in a MacBook because, as they say inhttp://blog.washingtonpost.com/securityfix/2006/08/ hijacking_a_macbook_in_60_seco_1.html
"Maynor said the two have found at least two similar flaws in device drivers for wireless cards either designed for or embedded in machines running the Windows OS. Still, the presenters said they ultimately decided to run the demo against a Mac due to what Maynor called the "Mac user base aura of smugness on security." " and, in http://abcnews.go.com/Technology/wireStory?id=2266507 "Maynor said the MacBook used in the demonstration was not using the wireless gear that shipped with the computer." In other words: They did this by plugging in a non-Apple WiFi card into a MacBook (that comes with Apple's WiFi card) and acknowledge that the problem exists on Windows machines too -- and chose to do it on the MacBook just to show that in a roundabout way they could attack a Mac... with non-Apple hardware. I think that, if true (and I don't have reason to doubt it), I'd be even more worried about plugging in a WiFi card to a Windows machine than I would for plugging in a WiFi card into a MacBook (I don't know anyone who does that). If they could have actually exploited this using a stock MacBook with stock Apple WiFi, why didn't they? -- Glenn Tenney CISSP CISM ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on Breaking into a laptop via Wi-Fi David Farber (Aug 04)