Mac Wi-Fi hijack demonstrated

Joris Evers Staff Writer, CNET News.com
Joris Evers covers security.

ARLINGTON, Va.--Is the book on the Mac Wi-Fi hijack saga finally being closed?

David Maynor, chief technology officer at Errata Security, at the Black Hat DC event here on Wednesday broke the months-long silence on a controversial Mac hack. He also said he plans to publicly release computer code used in that attack.

The controversy started at the Black Hat Briefings conference last summer in Las Vegas. There, Maynor and fellow security researcher Jon "Johnny Cache" Ellch showed how a MacBook could be hacked by sending malformed network traffic to it.

The presentation caused a storm of criticism from the Mac community, and Apple criticized Maynor and Ellch for saying Macs were insecure. The Mac maker even tried to pressure Maynor into posting a blog entry on the site of his then-employer SecureWorks stating that Macs were not flawed, he said.

Nearly two months later, however, Apple released Mac OS X 10.4.8, which fixed the problem demonstrated at Black Hat, Maynor said Wednesday.

"The vulnerability that was being exploited was now patched," Maynor said. "Apple released some security patches to address stuff I actually pointed them to and they claimed had nothing to do with me."

Shortly after Apple issued its patches, Maynor and Ellch were slated to in San Diego. That presentation was pulled because Apple threatened to sue SecureWorks, Maynor said.

Maynor did offer an apology.

"I screwed up a little bit," he said. There was a lot of confusion around the Mac hack because the original presentation used a third-party Wi-Fi card. However, Maynor and Ellch had in fact also found flaws in Apple's own hardware, he said.

Maynor demonstrated a Mac Wi-Fi hack on stage on Wednesday. His MacBook running Mac OS X 10.4.6 crashed while scanning for a wireless network and coming across rogue code Maynor was pushing out from a Toshiba laptop. While the attack he demonstrated only caused a crash, it could also be used to run code on the Mac, he said.

Apple fixed that particular problem in September with Mac OS X 10.4.8, Maynor said.

"I did provide the information on vulnerabilities in Apple products, I provided them with code and they were given packet captures," he said.

In the future, Maynor said he won't work with Apple. "I do not feel comfortable keeping relations with the company and will not report future findings to them," he said.

An Apple representative could not immediately comment on Maynor's presentation.