Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Johnny Cache Breaks Silence On Wi-Fi Exploit

kdawson posted more than 7 years ago | from the lawyers-from-black-helicopters dept.

288

Joe Barr writes, "Johnny Cache — aka Jon Ellch — is chafing under the cone of silence placed over him and co-presenter Dave Maynor about the Wi-Fi exploit they presented at Black Hat and DEFCON last month. So he has finally broken his silence on NewsForge in hopes of ending the personal attacks coming from what he implies is a smear campaign started by Apple." (Newsforge and Slashdot are both owned by OSTG.)

Johhny Cache writes, "If you're going to post a news story that is a rehash of my post to a mailing list, I would much prefer it if people actaully just read the post in its entirety."

cancel ×

288 comments

Sorry! There are no comments related to the filter you selected.

BAM! (0)

#include (130485) | more than 7 years ago | (#16038904)

Wow...is this a frist psot? I'm not sure. Could be...

chafing (1)

Gary W. Longsine (124661) | more than 7 years ago | (#16038905)

under the cone of silence... give me a break.

Re:chafing (0)

Anonymous Coward | more than 7 years ago | (#16038940)

omfgz! who even uses chafing?

Re:chafing (0)

Anonymous Coward | more than 7 years ago | (#16038975)

Well at least it isn't a cone of cold...

Re:chafing (0, Flamebait)

AchiIIe (974900) | more than 7 years ago | (#16039283)

The video was fabricated, see: http://www.smallworks.com/archives/00000461.htm? [smallworks.com]
Secureworks claims the card used was a usb device, however a high resolution video of the attack shows the mac address and the device (en1) was actually a apple wifi card.
Here is a screenshot of when he typed ifconfig: screenshot [ln-s.net] you'll see that even tho the claimed it was an external wifi card that was compromised, the connection has gone through the regular airport connection. The smallworks article goes into details, but the video was faked, no question about it.

Re:chafing (0, Flamebait)

AchiIIe (974900) | more than 7 years ago | (#16039548)

Oops, the image ran out of bandwith, here's a mirror: maynor video screenshots [tinyurl.com] (image 6)
If you check the mac address you will see that it's an apple mac address. See the IEEE OUI [ieee.org] list.

So, what we have is:
a) Maynor claiming he is using an external card
b) Maynor claiming that the ip they got is 192.168.1.50 (see the video [smallworks.com] )
c) According to the screenshot [tinyurl.com] the mac address associated with that ip is 00-17-F2-41-31-6D
d) According to the IEEE OUI [ieee.org] that mac address belongs to apple
e) Maynor claiming [vnunet.com] he did not hack the apple driver but an external card's driver

THE VIDEO WAS FAKED. END OF STORY

Ah yes (0)

Anonymous Coward | more than 7 years ago | (#16038907)

Chief! If we are to talk about something top secret, we must use the cone of silence!

black hats are SO 1999 (0)

Anonymous Coward | more than 7 years ago | (#16038914)

Time to move with the times people.

So..? (4, Interesting)

ericdano (113424) | more than 7 years ago | (#16038917)

So, is he going to take Daringfireball's [daringfireball.net] challenge or not? I think his whole thing has tarnished him, and he won't recover.

Re:So..? (1)

pfrankenstein (837467) | more than 7 years ago | (#16038978)

Agreed. He should put his money where his mouth is. As for the comments about the lawyers, that's pure FUD.

Re:So..? (1)

RickHunter (103108) | more than 7 years ago | (#16038984)

Of course not. There's no exploit. If there was, he'd be walking away with a free Macbook.

Re:So..? (5, Funny)

Who235 (959706) | more than 7 years ago | (#16039038)

Maybe he doesn't want one, seeing as how they're so easy to exploit. . .

Re:So..? (2, Funny)

Anonymous Coward | more than 7 years ago | (#16039057)

And some huge legal costs.

I mean, MacBooks are overpriced, but not that overpriced.

Re:So..? (1)

bealzabobs_youruncle (971430) | more than 7 years ago | (#16039062)

Yea, the whole debate really had no where to go until DFB came up with that challenge, no Johnny just looks like so much weak sauce (I think the community digs it when I get down verbally)...

Re:So..? (0)

Anonymous Coward | more than 7 years ago | (#16039290)

Real Genius fan?

Re:So..? (5, Insightful)

Thrip (994947) | more than 7 years ago | (#16039320)

So, if I put on my blog that I challenge George Bush to provide some proof of [pick anything that's ever come out of his mouth], at a mall of his choosing, and I'll give him a free laptop if he does it, and he never shows up, that proves ... what exactly?

I'm sure John Gruber's blog is extremely important to John Gruber, but if some guys who are clearly dealing with a mountain of legal issues right now choose not to meet him at the mall, you can't take that as evidence of anything -- except that Gruber's pretty clever at diverting attention to himself.

Re:So..? (0)

ericdano (113424) | more than 7 years ago | (#16039380)

No. You aren't even making a good argument, and bringing in a strawman (IE: Bush) isn't going to help you.

Ellch and Maynor go out, make a huge media ruckus about being able to get into a wireless computer, an Apple computer, and they clearly rigged the whole thing. Gruber is calling them on it. As are all the legal people.

Re:So..? (3, Insightful)

schon (31600) | more than 7 years ago | (#16039459)

You aren't even making a good argument, and bringing in a strawman (IE: Bush) isn't going to help you.

He's making a great argument - I'd say that the fact that you don't know what a strawman is stopping you from understanding it.

Re:So..? (1)

Thrip (994947) | more than 7 years ago | (#16039473)

I'm not bringing in a strawman, I'm making an analogy. Sigh, I guess I need to stop doing that, since there's always someone who doesn't get it and calls me a troll. Let me make it perfectly clear for you: someone who has more important things to do than respond to an unrelated person's challenge, will not respond to said challenge. Follow me so far?

Yes, Gruber is calling them out on it. Which is a clever publicity move for Gruber, but does not have any bearing on whether their exploit is real. Unless you think these guys are more concerned over Gruber's readership's opinion than any of the other things they have on their plate right now. Maybe that's so.

Re:So..? (4, Insightful)

mellon (7048) | more than 7 years ago | (#16039329)

The way these things work is that when someone hacks your hardware, you get an injunction to stop them from talking about it. If they talk about it, they go to jail for contempt of court. If you were to RTFA, you might get the very strong impression that he's under an injunction of this type.

It's always fun to look for bad guys in situations like this, but both Apple and Mr. "Cache" here are wearing white hats. You want both of them to be doing what they're doing, and it's lame to make it into a flame war. You want Mr. Cache breaking drivers, because then they get fixed, and your Mac doesn't get 0wned when you're down at Starbucks watching YouTube videos.

And you want Apple to try to dissuade him from publishing his hack, because you want them to fix it before every random hacker figures it out, and the sooner he publishes, the sooner the black hats will have an exploit. So if Apple doesn't get him to stop talking, maybe your Mac will get 0wned down at *$$.

But you still want Apple to be paranoid about the information getting out, so that they release the bug fix quickly, not slowly. And so what he's done with this article is useful, because he's basically said how the hack works, and now presumably the black hats are working on trying to duplicate the hack. And Apple knows this, and so the patch release will probably come sooner. And so your laptop won't get 0wned at *$$. W00t!

What I don't see here is bluster. This isn't high school. People don't get up on stage at defcon and claim to have hacked something they didn't really hack. The reason they do these hacks is to improve security, not to count coup. You owe the guy your thanks, not your hopes that his reputation is ruined.

Re:So..? (1)

ericdano (113424) | more than 7 years ago | (#16039406)

False. I'm sure if he was selling snake oil that would protect you from spam and other nasty things you'd believe him as well.....

Re:So..? (1)

dozer (30790) | more than 7 years ago | (#16039502)

You're expecting him to spend at least a day, maybe two, just to win a $1200 computer?

If he really wants to call a big bluff, why doesn't "daring" fireball at least put up some decent stakes?

This guy really is full of himself (2, Insightful)

Mononoke (88668) | more than 7 years ago | (#16038919)

He also went on to explain that while the debate was centered in the Mac blogger community, it made no sense to discuss it because most of them wouldn't understand the explanation if he gave it,
Most of any community is not going to understand it, including this community. He comes across as nothing more than an attention-whoring little hacker with an axe to grind against Apple.

Re:This guy really is full of himself (0)

Anonymous Coward | more than 7 years ago | (#16038955)

"Most of any community is not going to understand it, including this community. He comes across as nothing more than an attention-whoring little hacker with an axe to grind against Apple."

Ah, much like the slashdot community with Microsoft

Re:This guy really is full of himself (3, Insightful)

Anonymous Coward | more than 7 years ago | (#16039324)

Ah, much like the slashdot community with Microsoft

The only difference is most of us don't need a rigged demo to break into a Windows machine...

Re:This guy really is full of himself (1)

houghi (78078) | more than 7 years ago | (#16039052)

He comes across as nothing more than an attention-whoring little hacker with an axe to grind against Apple.


You make it sound as if that would be a bad thing.

Re:This guy really is full of himself (4, Insightful)

MrResistor (120588) | more than 7 years ago | (#16039449)

So what if he is? If his hack works, it works. Period.

An attack on his personality doesn't invalidate that.

Article text (4, Informative)

Anonymous Coward | more than 7 years ago | (#16038926)

Johnny Cache breaks silence on Apple Wi-Fi exploit

Monday September 04, 2006 (01:07 PM GMT)

By: Joe Barr

Jon Ellch -- aka Johnny Cache -- was one of the presenters of the now infamous "faux disclosure" at Black Hat and DEFCON last month. Ellch and co-presenter Dave Maynor have gone silent since then, fueling speculation that the entire presentation may have been a hoax. Ellch finally broke the silence in an email to the Daily Dave security mailing list over the weekend, and one thing is clear: he is chafing under the cone of silence which has been placed over the two of them.

Ellch explains their silence since the presentations in his email by saying:

        Secureworks absolutely insists on being exceedingly responsible and doesn't want to release any details about anything until Apple issues a patch. Whether or not this position was taken after a special ops team of lawyers parachuted in out of a black helicopter is up for speculation.

He also went on to explain that while the debate was centered in the Mac blogger community, it made no sense to discuss it because most of them wouldn't understand the explanation if he gave it, adding, "Since this conversation has moved into a venue of people who can actually grasp the details of this, I'm ready to start saying something."

Ellch then breaks down the elements of the vulnerability and possible exploits, but in the context of Intel drivers rather than Apple's, asking and then answering the obvious question of why he did so when he wrote: "Why am I switching the subject from Apple's bug to Intel's? Because it's patched, and Secureworks has no influence over what I say regarding this one."

He buttressed his explanation of how he crashed the Intel Centrino driver by creating a race condition by flooding it with UDP packets and disassociation requests with links to dumps of crashes he caused using this technique.

Ellch notes that a crash caused this way doesn't guarantee a successful exploit, saying "If you're lucky, your UDP packet will end up on the stack. If you're less lucky, a beacon packet from a nearby network will end up on the stack. In the case where I successfully overwrote eip (Extended Instruction Pointer), the UDP packet was 1400 bytes."

He also responded to criticisms that he and Maynor have simply been "playing the media" instead of reporting an actual vulnerability and exploit, saying:

        You know, of all the comments I see, the ones that 'we played the media' make the least sense. Have you ever seen me in the news before? No. Have I ever talked to a reporter before? No. Am I doing a very good job of winning this PR smear campaign lynn fox ignited? No. If I was so deft at manipulating the media, would I be explaining myself on dailydave praying that a few technically competent people will actually get it?

I contacted Ellch by email after reading his post and asked if he was claiming Apple is the cause of their silence. He replied:

        Let's just say its pretty obvious I'm not happy about being silent. So much so that i'm releasing non-apple bugs to convince people that we do in fact know what we're talking about.

Re:Article text (2, Insightful)

rbannon (512814) | more than 7 years ago | (#16038954)

I still don't see him coming clean on this one. Or maybe, like he says, people like me won't understand it anyway.

In any case, I think he's really not being forthcoming with respect to what the hack entails, and maybe that's due to Apple's aggressive lawyers. In any case I'd like to see more details.

Re:Article text (2, Funny)

cHiphead (17854) | more than 7 years ago | (#16039314)

my guess would be its another NSA exploit built into wireless cards. It'd make sense. Plus his reference to black helicopters in a seemingly innocent but suspect way.

*engage nutjob conspiracy theories*

Cheers. ;)

Huh huh huh huh/ Heh heh heh (1)

10100111001 (931992) | more than 7 years ago | (#16038997)

He buttressed his explanation of how he crashed the Intel Centrino driver by creating a race condition by flooding it with UDP packets and disassociation requests with links to dumps of crashes he caused using this technique.

He said "butt".

It's not tech details, it's proving it works (4, Interesting)

eggboard (315140) | more than 7 years ago | (#16039316)

Ellch misdirects attention very clearly. The "Mac bloggers," which include a lot of non-Mac bloggers, have generally said, look, if what Ellch and Maynor showed Brian Krebs is true, then just demonstrate the real Apple exploit without revealing details.

The article above states, "He also went on to explain that while the debate was centered in the Mac blogger community, it made no sense to discuss it because most of them wouldn't understand the explanation if he gave it, adding, "Since this conversation has moved into a venue of people who can actually grasp the details of this, I'm ready to start saying something." "

Thanks for the condescension! It's not necessary. I will note that no one sensible, including myself (over at wifinetnews.com) has asked for the code. Rather, we've asked for Maynor and Ellch to either state that they mislead Brian Krebs, that Apple lied when they stated the company wasn't presented with credible evidence, or that they have material that Krebs saw and Apple hadn't seen yet.

John Gruber did a face-off, not asking for the code, but asking for a simple demonstration with a $1,099 plus sales tax prize.

How does Gruber not understand the technical details when he isn't asking for them? He's asking for a black-box showdown.

"Implies" my fanny. He says it right out. (4, Interesting)

Shayde (189538) | more than 7 years ago | (#16038950)

If that's just an 'implication', I'll eat my hat. It's pretty obvious that his going silent is the result of Apple putting the thumbscrews to him. He states that the ONLY reason he's saying something now is because he's talking about Intels drivers, not Apples. It's blatantly obvious that Apple's lawyers have come down on him like a ton of bricks, forcing him to be quiet until they get a patch out. This way no one can report about the 'insecurity' of the OSX platform - there are no exploits, see? As long as you're patched and up to date!

Re:"Implies" my fanny. He says it right out. (1, Interesting)

Anonymous Coward | more than 7 years ago | (#16038967)

So THAT's why Apple's oh-so-vicious lawyers let them GO AHEAD AND USE A MAC IN THE FUCKING DEMO.

Riiiiiiighhht.

Puleeeze.

Re:"Implies" my fanny. He says it right out. (2, Insightful)

Dun Malg (230075) | more than 7 years ago | (#16039266)

So THAT's why Apple's oh-so-vicious lawyers let them GO AHEAD AND USE A MAC IN THE FUCKING DEMO. Riiiiiiighhht. Puleeeze.
Last I checked, lawyers generally have fuck-all authority to prohibit your use of hardware that you own, genius.

Re:"Implies" my fanny. He says it right out. (4, Funny)

rbannon (512814) | more than 7 years ago | (#16038972)

If that's true, I think Microsoft should hire away Apple's lawyers.

Re:"Implies" my fanny. He says it right out. (3, Insightful)

Mononoke (88668) | more than 7 years ago | (#16039008)

So Apple is supposed to patch someone else's drivers for a wi-fi card that would never be used with a Mac?

Apple probably looked at these guys and laughed.

Next thing you know, these guys will be "discovering" cold fusion.

Re:"Implies" my fanny. He says it right out. (5, Interesting)

Anonymous Coward | more than 7 years ago | (#16039069)

<blockquote>So Apple is supposed to patch someone else's drivers for a wi-fi card that would never be used with a Mac?
Apple probably looked at these guys and laughed. </blockquote>

Silly rabbit! What the author is inplying, very transparently, is that they found an exploit in the Apple driver that is very similiar to the one in Intel's driver.

Due to his NDA with his company he can't say what he might know about Apple's driver, but he can certainly point out a similar bug and exploit with a similar Intel driver and let you infer what you will... namely that a very similar bug exists in the Apple driver.

Now, whether that's true or not... that's another story.

Re:"Implies" my fanny. He says it right out. (0)

Anonymous Coward | more than 7 years ago | (#16039201)

The reading comprehension skills you've exhibited in this post is not what I've come to expect from such a low userid.

How is it "obvious" ? (4, Insightful)

Infonaut (96956) | more than 7 years ago | (#16039063)

It's blatantly obvious that Apple's lawyers have come down on him like a ton of bricks

If Apple's lawyers wrote a nastygram to these guys, don't you think we'd have seen it by now? The first thing anyone in a public situation like this does when they get pressure from the big players is to publicize the legal threats.

At the moment all we have is the word of someone who cast aspersions at Mac users, disingenuously claimed that he was exploiting Apple security flaws, and now claims (not so subtly) that Apple's lawyers are the reason he can't come clean.

Just paranoid delusions? (1, Informative)

masonbrown (208074) | more than 7 years ago | (#16039301)

I still don't see any proof that Apple's lawyers have done anything.

I can imply very loudly that Microsoft has been threatening me for years, but that doesn't mean they even know I exist.

Re:How is it "obvious" ? (0)

Anonymous Coward | more than 7 years ago | (#16039311)

Oh... I don't know. Mac users seem to deserve more than "aspersions" (whatever that means, I'm assuming something bad). You know, like bitch needs slapping.

Re:How is it "obvious" ? (0)

Anonymous Coward | more than 7 years ago | (#16039462)

If Apple's lawyers wrote a nastygram to these guys, don't you think we'd have seen it by now? The first thing anyone in a public situation like this does when they get pressure from the big players is to publicize the legal threats.

Anytime I've ever seen someone publish a legal nastygram there usually is an explanation by the page owner that they've consulted a lawyer before doing so. Not knowing Cache's situation, I can think of a number of reasons why he wouldn't post any possible correspondence that he got from Apple's lawyers. Most of them having to do with preserving his financial well-being. Your assumption that publishing a nastygram is the norm in these types of cases is baseless since obviously you would never know about the number of people who choose not to take on a corporate law firm in that fashion.

Re:"Implies" my fanny. He says it right out. (2, Interesting)

bnenning (58349) | more than 7 years ago | (#16039127)

It's blatantly obvious that Apple's lawyers have come down on him like a ton of bricks

Perhaps to you. To others, it's "blatantly obvious" that he has some weird issue with Apple and enjoys spreading FUD. His "clarification" provides no support either way.

He states that the ONLY reason he's saying something now is because he's talking about Intels drivers, not Apples

Or maybe that's all he actually has an exploit for. I don't know, and neither do you.

Re:"Implies" my fanny. He says it right out. (0)

Anonymous Coward | more than 7 years ago | (#16039529)

One thing we can be sure of is that there will be a hell of a lot less bugs found in OS X after this, seeing what kind of treatment you get if you discover one.

Re:"Implies" my fanny. He says it right out. (1)

Scrameustache (459504) | more than 7 years ago | (#16039128)

This way no one can report about the 'insecurity' of the OSX platform

Then what, pray tell, are you doing right there in that post of yours?

there are no exploits, see? As long as you're patched and up to date!

That's right, they get him to shut up about the how-to, they fix the hole, and voilà: no exploits in the wild! Everybody wins.

Re:"Implies" my fanny. He says it right out. (0)

Anonymous Coward | more than 7 years ago | (#16039131)

There are some inconsistencies, they refuse to reveal anything until Apple makes a patch, but it's not apple's code that needs a patch. I'm guessing that's not goign to happen.


I'm also guessing that we'll never see anything revealed from him because it was a fake, he'll always have excuses. If he was approached by lawyers, publish the documents. There is nothing against the law doing that. What he wants is to slander apple for doing something they didn't do. This guy clearly hates apple for whatever reason.


If apple did rattle his cage, that's more of a story than the actual exploit itself, if he's looking to actually make a name for himself that is legit, go open with that.

Re:"Implies" my fanny. He says it right out. (0)

Anonymous Coward | more than 7 years ago | (#16039259)

Didn't someone from Apple state that they never heard from those guys shortly after their Black Hat demonstration?

Re:"Implies" my fanny. He says it right out. (0)

Anonymous Coward | more than 7 years ago | (#16039518)

He states that the ONLY reason he's saying something now is because he's talking about Intels drivers, not Apples.

They didn't seem to mind talking about how Apple "leaned on them pretty hard" [washingtonpost.com] back when they were claiming that the exploit worked on the Apple-supplied driver. You know -- before they admitted that the vulnerability demonstrated used a third-party driver [secureworks.com] , and not the one that Apple ships?

It's blatantly obvious that Apple's lawyers have come down on him like a ton of bricks, forcing him to be quiet until they get a patch out.

How? On what grounds could they do this?

Also note where Ellch says: "Why am I switching the subject from Apple's bug to Intel's? Because it's patched, and Secureworks has no influence over what I say regarding this one."

Macjihad (0, Flamebait)

Anonymous Coward | more than 7 years ago | (#16038961)

I know the feeling. If you even dare to suggest that an Apple might even have the slightest imperfection, the crazy Appleist Fundementalist Extremists will start a Jihad against you.

Re:Macjihad (0)

Anonymous Coward | more than 7 years ago | (#16039036)

When you claim to have invented a perpetual motion machine, you better damn well be able to take the heat of someone wanting you to prove your claims. Incredible claims require incredible proof.

Re:Macjihad (4, Interesting)

OmnipotentEntity (702752) | more than 7 years ago | (#16039503)

Umm... something having a bug isn't an incredible claim. Sure, it's not a good thing but it [microsoft.com] happens [apache.com] to [ibm.com] everyone. [apple.com] It's nothing to be ashamed about. Just get the bastard fixed and stop dicking about.

This isn't about a perpetual motion machine or an entropy reducing device, or even P vs. NP or Riemann's Hypothesis. This is code. This isn't world changing. Bugs happen, then they get fixed. If they want to stay silent to dodge liability let them. If there is a bug it'll be patched, if there isn't they'll fade into obscurity.

Re:Macjihad (0)

Anonymous Coward | more than 7 years ago | (#16039543)

So a hack exploiting a Mac WiFi bug is like the proverbial "perpetual motion machine." Some of you Mac people take the cake, you know.

Mac Jihad... (3, Funny)

bigtallmofo (695287) | more than 7 years ago | (#16039370)

The analogy is actually pretty apt. You have a group of people that basically run the world - "The West" (in this case, non-Apple users) and a downtrodden ragtag group of extremely proud people convinced that their way is better - "The Islamist Fascists" (in this case, Apple users).

It's very common for them to lash out at everyone because of their true feelings of inferiority and lack of understanding as to why everyone doesn't see the world like they do.

Case in point - I'll be modded -9 Troll in about 30 seconds as every Mac user with mod points steps on their own mother to mod be down.

Re:Mac Jihad... (0)

Anonymous Coward | more than 7 years ago | (#16039517)

Sure. Except it's actually Mac users who run the world, and PC users are the worthless ragheads. When was the last time you heard of a PC user accomplishing anything of note? Doesn't happen often. They are backwards. They live in the 1980s. They've contributed nothing meaningful to humanity for decades and decades. While the different thinkers are out writing AppleScripts, making HyperCard stacks, mixing in Logic Pro, editing collaboratively in SubEthaEdit, proofing rainbow banners in Illustrator, creating wealth through a variety of postmodern/postindustrial models and winning Nobels and Pulitzers and Grammys and Tonys and Oscars and Pritzkers along the way, the PC users are sitting on their asses downloading the fruits of the Mac users' labor (how else do you explain so many being able to reference Futurama, bash the New Yorker, etc.?)

Hacking... (0)

Anonymous Coward | more than 7 years ago | (#16038966)

Hacking is not just throwing a bunch of 1400 byte UDP packets at a stack. For gods sake, this "hack" is not exploitable. It is a denial of service attack at the most.

Re:Hacking... (1)

ryanr (30917) | more than 7 years ago | (#16039005)

So, are you not familiar with EIP, then?

Black helicopters? Even in metaphor? (5, Insightful)

Sunburnt (890890) | more than 7 years ago | (#16039001)

The classic defense of the madman or the liar: "What I say is true, but terrible, unspeakable things would happen were I to prove my assertion. You'll just have to take my inability to prove my assertion as evidence of its validity."

What a schmuck.

the way I know apple (1)

AlgorithMan (937244) | more than 7 years ago | (#16039022)

the way I know apple, they are going to sue him [slashdot.org] now
before they only threw dirt to make him look unreliable, but now they'll be throwing lawyers to stop him from proving he's right (or as they would say - to stop him from damaging their business)

Apple threw dirt at him? (3, Interesting)

Infonaut (96956) | more than 7 years ago | (#16039094)

before they only threw dirt to make him look unreliable

Point me to the link where Apple threw dirt at him.

There are plenty of bloggers who did the research on their own and asked the right kind of questions, but I've never seen anything from Apple attacking him. Maybe you're referring to Apple pointing out [macworld.com] that he used a third party USB device and didn't disclose any info to Apple about the exploit? I wouldn't exactly call that throwing dirt.

my bad (1)

AlgorithMan (937244) | more than 7 years ago | (#16039451)

sorry, didn't read the linked article and misunderstood this one
my bad

still i don't like apple ;)

Re:Apple threw dirt at him? (2, Funny)

Hercules Peanut (540188) | more than 7 years ago | (#16039455)

I think you're exacty right.

The worst thing about the dirt throwing smear campaign concept is that they (he?) fired first with the "Mac user base aura of smugness on security." comment. Sorry folks, that couldn't be taken as flattery by anyone. In fact, given Apple's lawyers, you might not be surprised if they considered that the proverial throwing down of the gauntlett. It was a poor choice of words in any event and could in no way be expected to endear them to Apple.

I can hear it now: (Entering Johny Cache dream sequence)

Lynn Fox: Hey Steve, these hackers just announced an exploit and demoed it on one of our new Macbooks. They thought we would appreciate it because of our current Mac user base aura of smugness on security.

Steve jobs: Wow! That's great. Hey Lynn, how about calling the legal department and having them issue a letter of congratulations on my behalf to these very helpful young men.

Lynn Fox: I'll take care of it immediately. Would you like for me to acknowledge our failure as a company on Macworld too?

Steve Jobs: Sure Lynn, that would be swell. Oh, we might want to contact one of our programmers to see if there is any possibility of fixing this.

Lynn Fox: Good idea Steve.

Steve Jobs: Maybe we should give these guys a grant.

Lyn Fox: I'm sure our guys in legal will take care of that too.

Steve Jobs: I have a really good feeling about this.

Re:the way I know apple (0)

Anonymous Coward | more than 7 years ago | (#16039172)

The way you know Apple? Oh THANK GOD! Someone has finally entered the discussion who has an insightful view of Apple's behavior! You, sir, a truly a king amongst slashdotters!

It took all of 2 paragraphs to go ad hominem... (2, Interesting)

jpellino (202698) | more than 7 years ago | (#16039024)

And insult the intelligence of Mac users.
That's the way to prove your point.
As someone said, show this on a "bog standard" Mac from and I'll pay attention.

Re:It took all of 2 paragraphs to go ad hominem... (0)

Anonymous Coward | more than 7 years ago | (#16039064)

"Intelligence" and "Mac users" are mutually exclusive terms.

As the boot-licking Macinistas huffing and puffing here prove.

One can only imagine the screams of outrage if this were Microsoft pulling the same bullshit.

The Mac Demographic (0, Troll)

Anonymous Coward | more than 7 years ago | (#16039166)

All available [com.com] studies [metafacts.com] show that not only are Mac users (excluding recent switchers) smarter than PC users, they're more creative [atspace.com] , discerning [atspace.com] , and artistic [atspace.com] , too.

Not that I think you'll believe those statistics, anyway. Denial of science (e.g. Bible-thumping anti-evolutionism) is characteristic of PC users.

Re:The Mac Demographic (0)

Anonymous Coward | more than 7 years ago | (#16039308)

Unfortunately, those "statistics" (and random pictures) are an effect of Mac _not_ being the dominant OS on the market. If Mac OSX was more common than WinXP, I can bet you a gazillion dollars that the stats would be changed.

Honestly weird (2, Interesting)

jackjeff (955699) | more than 7 years ago | (#16039061)

I watched that video. He says it's smth in the driver... and then shows a Mac also says it would work on a PC. Then, all Intel mac laptops have WIFI now, but he choses to use an external WIFI PC-Card, huh.. sorry Express Card. I know Apple are not angels, but I just can't help be suspicious about it:
- how can a driver have the same bug on windows and macos x?
- why use this stupid external card? what are the chances it did have the same chipset as the internal one?
- and odds are the bug is a buffer overrun... does it take a SO LONG for apple to fix a stupid memory overrun?

That story won't finish well foro someone. The smoke screen is too thick. Either:
- This guy did overrate some minor problem in a misleading way for Apple laptops. Oh.. a third party driver with a bug. Or it's Apple driver with only a thirdparty card. In that case, he's discredited in the domain of security for the rest of his life.
- Apple did really pressure him (as he tends to hint). They're then not only legal jackasses (we know that already) but also incompetent to fix a bug (and that suprises me). In that case the company he's discredited in the domain of security for a while, and they can quit the "virus ads.. mac is secure" for a while.

Future will tell.

Re:Honestly weird (0)

Anonymous Coward | more than 7 years ago | (#16039141)

What he's talking about now has nothing to do with the Apple bug. He's basically just talking about an Intel bug as a way to also let people know that Apple has made him shut up about the Apple bug.

Re:Honestly weird (0)

Anonymous Coward | more than 7 years ago | (#16039237)

> - how can a driver have the same bug on windows and macos x?

If it is a Intel Centrino WIFI card the card runs its own firmware. If that firmware has a bug that he can exploit he can gain control over the card. The card is a PCI cards and PCI cards can be a bus master, that is, the card can do a DMA transfer to anywhere in physical memory. The vulnerability is the same, if you have full access to the phycial memory of the box the details of what to write where is just a small matter of programming.

Re:Honestly weird (1)

Jeff DeMaagd (2015) | more than 7 years ago | (#16039256)

I think it's probably a USB network part, not Express Card. There are not many ExpressCards available, and I don't remember seeing any of them for wireless networking.

Given that almost nobody will be using an external USB card on a Centrino or MacBook, I need to see that it's a bug that affects what's internal to to Centrino and MacBook families.

I don't understand how Intel's drivers have anything to do with it, it doesn't make sense that they will write drivers for OS X. I'm not totally certain that Intel's wireless chip is in the Apple notebooks. If Intel's firmware is a culprit, then saying "drivers" is disingenuous.

Then we aren't really sure that the Intel wireless chip is in the Apple product family. I think it's known that the iMac Core Duo uses a Broadcom chip. My system seems to indicate that it's using an Atheros chip, at least I don't see any other wireless driver on my MacBook Pro.

Re:Honestly weird (1)

BKWatch (1000323) | more than 7 years ago | (#16039351)

If the MacBook in the video was really hacked as SecureWorks says, then it has to be a USB part -- MacBooks don't have ExpressCard slots. Apple doesn't support any USB 802.11 adaptors.....why would Apple presure them if the flaw was only in the USB... My growing sense is they found a minor flaw in a USB driver but then faked the demo (for simplicity's sake) or faked the private demo to Brian Krebs. Or Krebs just made the whole thing up....

Re:Honestly weird (5, Informative)

Inoshiro (71693) | more than 7 years ago | (#16039498)

"- how can a driver have the same bug on windows and macos x?"

Quite simply; the Intel card is, in both cases, doing things like UDP and TCP offload from the main system. This means the card and driver together have an internal state in software to manage it, and (due to the asynchronus nature of networking) you can get the hardware and driver software's core into a situation where they don't agree on the state.

The small glue layer that deals with the OS hooks is a static translation layer that wouldn't be involved. The SB Live! and Audigy drivers in Linux are the same driver as the Windows Creative driver (well, they were about 6 years ago when they contributed the code). nVidia uses the same driver code on all platforms as well. For anyone who's written a driver, this is easy to understand.

"- why use this stupid external card? what are the chances it did have the same chipset as the internal one?"

He uses it because it's a timing race, and because it's easier to demonstrate with 2 cards in the system. With a 4000 microsecond delay, this means it's likely taking a bit longer for the OS to service the interrupts between the two cards; enough that the driver bug can show itself. There are likely other ways to tickle this bug that don't require multiple cards, but then you'd have to have something running on the OS. Still, If you setup a machine to throw packets around, you could make an intermittent crash bug appear on an OS -- that's not cool.

"- and odds are the bug is a buffer overrun... does it take a SO LONG for apple to fix a stupid memory overrun?"

A stupid memory overrun? Man, you haven't programmed ever, have you? A timing related bug in device driver code is probably the second hardest bug you'll ever encounter to debug (the first would be the core of the OS itself). Concurrent programming is difficult [computer.org] .

It's responses like these that show why this person had been light on detail. Most people lack the technical background in OS design to understand this issue.

I Think the Correct Term... (0)

Anonymous Coward | more than 7 years ago | (#16039065)

..is poseur.

This clown went to great lengths to make himself out to be among the leaders and it backfired. The facts of the presentation and the press he received don't match the reality of the situation, and he was called on it. He deserves 100% of the ostracization he is getting from the black hat/hacker community. He's knowledgeable and very smart; but the only exploit was his ego issuing a denial of service attack against his common sense.

Johnny, add a little sugar to your steaming hot cup of sit down and STFU. And please please please, adhere closely to the STFU part.

Really Now! (0)

bendodge (998616) | more than 7 years ago | (#16039085)

Really now, can anybody come up with a good reason for him to fake something like this? It should be obvious that Apple has declared him a hazard to the company and is threatening to wipe out the rest of his life with lawsuits if he so much as peeps.

Re:Really Now! (1, Interesting)

Anonymous Coward | more than 7 years ago | (#16039149)

Really now, can anybody come up with a good reason for him to fake something like this?

Fame? Or as they said when they did the initial "hack" they didn't like the "Get a Mac" commercials from apple? He was hoping to get away with no one asking any hard questions and he lost the bet. Plain and simple.

Re:Really Now! (2, Insightful)

Mononoke (88668) | more than 7 years ago | (#16039151)

Really now, can anybody come up with a good reason for him to fake something like this?
He's playing the "bash Apple" game, and enjoying the publicity? Notice his comment about Mac bloggers "not understanding" his explanations. He just wants to bash Apple, and nothing more. Probably had an employment application ignored or something. Who knows what his true motive is behind this. He sure makes it obvious that it's more about hating Apple than actually helping the security community. If Apple were actually threatening him, he'd have a registered letter or two from real lawyers he'd be happy to share with us.

Re:Really Now! (0)

Anonymous Coward | more than 7 years ago | (#16039155)

Really now, can anybody come up with a good reason for him to fake something like this?

Uh, the world is packed full of incredible assholes? That enough reason for you? Get out of that little bubble you live in.

time will tell.. (1)

Superfarstucker (621775) | more than 7 years ago | (#16039098)

I think he will be vindicated in the future if Apple "quietly" releases an update to the wireless driver. Else, who knows.

Re:time will tell.. (1)

Reverberant (303566) | more than 7 years ago | (#16039254)

Great - so the next time we see an Airport update, everyone will be screaming "Maynor and Ellch were right!" despite the fact that Apple has released Airport client & base station updates before [apple.com] .

something funny is going on here (1)

cheftw (996831) | more than 7 years ago | (#16039135)

smears, cones and chafing? sounds just like apple

Re:something funny is going on here (2, Funny)

Mononoke (88668) | more than 7 years ago | (#16039161)

smears, cones and chafing? sounds just like apple
Or a hot date.

Re:something funny is going on here (2, Funny)

gardyloo (512791) | more than 7 years ago | (#16039234)

smears, cones and chafing? sounds just like apple

      Funny. I was thinking of Madonna in the 80's.

Jonny Cache? Give me a break (0)

Anonymous Coward | more than 7 years ago | (#16039148)

What is he 8 years old?
Or is that his secret l33t hax0r name? Is his erstwhile companion Hadji? Or the redoubtable Race Bannon? Or perhaps,
Race Condition Charles. And his female companion Dolly Partition. Well hmmm, he's a geek, so scracth the female.

How is anyone going to take him, his cone of silence, or his I'm soooo technical, and now it can be told pitch.

Oooh I hacked a mac laptop WHICH COMES WITH A BUILT in WIFI card, by plugging in an EXTERNAL WIFI card.

Its unsafe! If you do it you would get haxor'd! Oh wait. I'd use my built in wifi or my 1000Mbit ethernet jack.

Next from the Token Ring of Fire, installing windows XP via bootcamp and leaving it without a firewall or antivirus or popup blocker can have your Macintosh HACKED in minutes! Oh the Humanity.

Apple (-1, Troll)

Anonymous Coward | more than 7 years ago | (#16039176)

Mac Users as a group are one of the single most annoying collectives on the planet. God Forbid anything be wrong with their precious Mac's or OSX.

We can't just let some time pass we have to call him an asshole and demand our proof now.

If he works for SecureWorks his best interests lie in keeping his mouth shut and keeping his job rather than running his mouth whether right or wrong and losing it.

Go Work Somewhere Else (1, Troll)

smack.addict (116174) | more than 7 years ago | (#16039181)

If he does not like it, he should go work for another company. It's not like the government is telling him to be silent.

My question is... (0)

Anonymous Coward | more than 7 years ago | (#16039242)

...if Apple releases a highly critical security patch for their builtin WIFI drivers three months from now as a part of some new "mega-patch", will all you people who have been slagging this guy off for a month now STFU finally?

Cripes (0)

Anonymous Coward | more than 7 years ago | (#16039261)

If they don't will you people who worship Johnny Cakes STFU?

Seriously, get a room and suck each other already.

Re:My question is... (2, Interesting)

wootest (694923) | more than 7 years ago | (#16039376)

Yes, they probably will.

It's the thorough lack of details and crummy reporting mixed with derogatory comments that makes it hard to discern if there is an exploit to speak of at all. I know I'd have nothing to worry about if the guys would have presented their exploit neutrally (without shit-flinging Mac users for "being smug"), been detailed in exactly what the target of the attack is (they can do that without revealing details on the exact nature of the exploit) and told us that they're working with Apple to resolve it (because I don't believe for a second that Apple would tell them to put a sock in it rather than work to fix the issue). You know, the way these things are done professionally. But perhaps it's too easy to cast blame, especially since a number of reporters aside from Ellch and his collaborator have been reporting different facts.

Re:My question is... (2)

BKWatch (1000323) | more than 7 years ago | (#16039499)

Well, what really set the stuff ablaze was the "cigarette in the eye" comment. What puzzles me is I can't find where that came from. In Brian Krebs's first article, he says: http://blog.washingtonpost.com/securityfix/2006/08 /hijacking_a_macbook_in_60_seco.html [washingtonpost.com] ""We're not picking specifically on Macs here, but if you watch those 'Get a Mac' commercials enough, it eventually makes you want to stab one of those users in the eye with a lit cigarette or something," Maynor said. "The main problem here is that device drivers are a funny mix of stuff put together by hardware and software developers, and these guys are often under the gun to produce the code that will power products that the manufacturer is often in a hurry to get to market." Now everyone else who quoted that was just referring to Kreb's article. Did anyone actually hear (besides Krebs) Maynor make this statement? Why did only Krebs report it? Did he make that quote up? Maynor is appartenly a Mac user himself.

Broke silence, revealed nothing... (1)

Nijika (525558) | more than 7 years ago | (#16039278)

He pretty much followed up with "uh huh, it's like, so real!" And then there was silence again. I could make it real too if I manipulated all the variables in my favor, including not actually using Apple hardware or software to perform an exploit.

So it an Apple Bug or a 3rd party bug? (1)

BKWatch (1000323) | more than 7 years ago | (#16039281)

OK, they are under heavy "legal" pressure by Apple. So the bug belongs to Apple -- and not to the third party wifi driver that the video shown at Blackhat refers to? Let's be clear -- the problem is not Maynor and Ellch. It's the reporting on this -- starting from Brian Krebs at the Washington Post. http://blog.washingtonpost.com/securityfix/2006/08 /hijacking_a_macbook_in_60_seco.html [washingtonpost.com]

So don't demo on a Mac! (5, Insightful)

Cid Highwind (9258) | more than 7 years ago | (#16039286)

At BlackHat Johnny Cache claimed this alleged exploit is not platform-specific, he only picked a Macbook for the demo to piss off Apple fanboys. If that's so, and the exploit really works, why not demonstrate rooting Linux or Windows or if you really want to stir up security trolls on slashdot, NetBSD?

Is the exploit real? Who knows, I've seen video of someone cracking a Mac through a wireless driver. Then again I've also seen video of a virus written on a Mac taking down a fleet of invading alien spaceships...

Johnny Cakes speaks! (0, Flamebait)

Quiet_Desperation (858215) | more than 7 years ago | (#16039295)

Zzzzzzzz....

Right or wrong, that's a lousy bet to take (2, Insightful)

wethion (871311) | more than 7 years ago | (#16039321)

What kind of a idiot would you have to be to take that challenge? There is no *way* I would take that bet, whether I knew I was right or not. If they lose, DF wins 2x: 1) DF gets a free macbook 2) DF gets notoriety for calling a bluff. They lose 2x: 1) they cough up significant cash 2) they are humiliated before their peers. Should they win, they win 2X: 1) a free macbook ( psst.. there are 2 of them) 2) they are vindicated However DFireball /still/ wins by gaining recognition for making the challenge. Sorry, only a moron whose balls ruled their brains would take that bet, and that's not a way to bet and win.

It's all so obvious (2, Funny)

lullabud (679893) | more than 7 years ago | (#16039344)

At least, that's the message I'm getting from this thread. Everything about this episode is obvious. Each contradicting story is just, like, so totally obvious.

character (1)

grrrgrrr (945173) | more than 7 years ago | (#16039524)

I admit that I do not understand a lot about kernel code and security but i believe i am a pretty good judge of character and somebody who is saying nothing but implying a lot so he can always weasel him self out of it like this guy is doing is not to be trusted but it may also be that all security guy's are like that and that is why they are into security ?

Fucking Slashdot... (1)

rincebrain (776480) | more than 7 years ago | (#16039536)

Just RTFA and decide on your own whether or not you believe him, or wait for dozens of users to flood /. with stories about whether they triggered an exploit on an Intel driver or not.

Either way, stop complaining in ways that are irrelevant to the article.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>