Focus on Apple
RE: Hijacking a Macbook in 60 Seconds or Less Aug 11 2006 08:10PM
Todd Woodward (todd_woodward symantec com) (1 replies)
I haven't been following this specific thread very closely, so I
apologize if I cover areas that have already been "talked up."

One of my internal customers came to me today with an inquiry from an
extremely large external customer regarding this issue.

This is basically the informal information I passed on:

Because of the way this suspected exploit was demonstrated, as well as
the extreme lack of reliable and consistent information and data to
support these claims, there are far more questions than answers.

It's important to note that the researchers have stated "there was
nothing Mac-specific in the attack. The problem was not in the OS X
operating system from Apple, but in the third-party 'device driver'
software."

Newsforge.com points out "that they'd used a third-party Wi-Fi card in
the demo of the exploit, rather than the MacBook's internal Wi-Fi card."
The researchers pointed out that "the exploit would work whether the
third-party card -- which they declined to identify -- was inserted in a
Mac, Windows, or Linux laptop."

The best information and advice comes from the venerable MacFixIt.com,
in their article "How to protect your Mac's Wi-Fi from attack." Since
the article is no longer available without a subscription, I'll reprint
select portions below (via MacDailyNews.com):

"By now you've likely read much coverage regarding the now infamous
'MacBook Wireless Hack' -- a video that was publicly exposed at the
Black Hat security conference purportedly showing a standard MacBook
(with a third-party wireless card) being compromised by a Dell laptop
within wireless range," MacFixIt reports.

"In a nutshell, the controversy regarding this video is such: The
security flaw exploited in the video is performed using a third-party,
USB-based Wi-Fi card, not the MacBook's native, built-in AirPort
hardware/software. However, the creators of the video claim that the
MacBook's hardware is similarly susceptible, but no demonstration was
carried out using the native hardware due to 'pressure' from Apple,"
MacFixIt reports. "Without an explanation of the actual exploit, and in
the absence of any commentary from Apple, it is impossible to speculate
whether or not the MacBook's native hardware is actually vulnerable to
this flaw as claimed."

"Another point of consideration is the level of access afforded by this
hack. In the video demonstration, the hostile Dell machine was able to
access user-level functions only. There was no indication as to whether
any admin or root-user level tasks could be accomplished," MacFixIt
reports.

MacFixIt offers an easy recipe to plug this "security hole" - never join
untrusted wireless access points:

* Open System Preferences and navigate to the Network pane
* Select Airport, and click "Configure"
* Go to the Airport tab
* From the "By default join" menu, select "Preferred Networks" rather
than "Automatic"
* Next, delete all non-trusted networks from the list.

MacFixIt explains, "This will cause your portable to connect only to
trusted networks, refraining from automatically joining networks without
user permission."

Lastly, there are ongoing discussions about this supposed vulnerability
on our SecurityFocus.com mailing list for Apple security issues:

http://www.securityfocus.com/archive/142

Todd D. Woodward
Product Support Analyst
Security Response Researcher
Enterprise Macintosh Products
Symantec Corporation
Springfield, Oregon
www.symantec.com
-----------------------------------------------------
Office: 541-335-7441
Email: todd_woodward (at) symantec (dot) com
-----------------------------------------------------
Because action drives Symantec: We deliver above expectations without
being told.
