John Gruber issues open challenge to MacBook Wi-Fi hackers
Oh it's on now: criticism of the MacBook Wi-Fi hack has been mounting against the original hackers (David Maynor and Jon Ellch) and SecureWorks, while they have remained mostly silent. At least one passionate blogger has been defending the hack and the original statements, but John Gruber has issued an open challenge for Maynor and Elich to prove this hack once and for all: "If you can hijack a brand-new MacBook out of the box, it's yours to keep."From my understanding of the hack as it was originally explained and pseudo-demonstrated, Gruber's criteria and the actual nature of the challenge sound reasonable: he will meet Maynor and/or Elich at an agreed-upon Apple Store or Mac reseller, and he will purchase a brand new MacBook (
Maynor and/or Elich are then free to attack, and if the file disappears from the desktop - they win a (very slightly used, recently attacked) MacBook. If the file stands its ground, the hackers owe John the price of the MacBook. If the dynamic duo manage to only crash the machine or the current login session, John will call the challenge a tie, whereas he will keep the MacBook, and the duo don't have to whip out their checkbooks.
I am admittedly no security expert, nor am I a 1337 h4x0r, but the challenge seems sound. Any readers who have been following this saga spot any holes? Feel free to sound off - and stay tuned: the challenge must be accepted by Friday, September 8th, and as John already deduced: the most likely outcome is that they'll only take the challenge if the know they can win.
Share
Categories
Hardware OS Hacks Odds and ends Internet Tools Security MacBook
Oh it's on now: criticism of the MacBook Wi-Fi hack has been mounting against the original hackers (David Maynor and Jon Ellch) and...
Add a Comment
First time I've heard Pete Shipley called a "Mac blogger", and I shared a house with him. The only Apple systems in the place were mine. 8)
These "challenges" are nothing more than little publicity stunts, and Mac bloggers seem to love doing them. First Shipley, now Gruber.
September 04 2006 at 10:49 PM Report abuse Permalink rate up rate down Reply#14
Right...
(access@s642)(~)$ sudo -s
Password:
sudo in OS X is by default set to ask for password from users in the admin group.
Not refuting your other points though.
Raphael,
That is the point. Gruber, and many others, state that the attack was indeed one about external wifi via PCMCIA stule cards, and the third party drivers, yet, it was presented with the intent of showing the MacBook itself at fault.
The thing is, not too many people are going to be using an external wifi antenna in a notebook that ships with its own internal AirPort card.
See this is where the mac community really messes up. OS X is secure, but its not bullet proof (and this is proved by the sheer amount of unreleased exploit code for Tiger alone)
The quote "Well that way, the user may be admin but root is disabled completely. Any task from terminal that requires root has to be a per command "sudo" you can't "su" to become root.
Futher any desktop task that need permissions asks for a password."
is utter bollocks:
"oooh:~ daniel$ sudo su
oooh:/Users/daniel root# id
uid=0(root) gid=0(wheel) groups=0(wheel), 1(daemon), 2(kmem), 3(sys), 4(tty), 29(certusers), 8(procview), 5(operator), 9(procmod), 80(admin), 20(staff)
oooh:/Users/daniel root#
Furthermore OS X is littered with loads of setuid programs which are terrible at ensuring non root users can execute them and gain the permissions that root generally has
Right, so you CANT su from normal user to root?
Seriously if you DONT work in security, dont try and pretend you know what your talking about
Nice challenge. I do however question the not joining a default network; I do not know of the original claims (and I am not very versed in Wi-Fi either), however, if you not join a network, what are the changes that you can be hacked in the first place? Or did they (Maynor/Elich) claim that the exploits could be done, just by having Wi-Fi enabled?
Niels
Your link to Gruber's blog is bad. You have two http's in the url.
September 02 2006 at 4:58 PM Report abuse Permalink rate up rate down ReplyRaphael:
There is a good chance to native drivers were used in the video-taped attack. See what Jim Thompson has to say about an analysis of the video.
If the native drivers were used, it is likely that the 1) attack is a complete hoax (think SSH) or 2) the target MacBook had to have an open shell to trigger a connection back. If #1, then Gruber wins. If #2, then a draw -- without the shell open the Maynor/Ellch attack might only crash the airport drivers.
I think "M" (#8, #9) is John Gruber's wife. Or kid looking to protect a college fund. :-)
September 02 2006 at 4:06 PM Report abuse Permalink rate up rate down Replyps if he loses surely we should all club together and help him recover his money as a thanks to finding out what the other guy is holding.
September 02 2006 at 3:41 PM Report abuse Permalink rate up rate down ReplyHot Apps on TUAW
Deals of the Day
more deals- Soulo Karaoke App and Wireless Mic for iPhone / iPad for $80 + free shipping
- Verizon Leather Sleeve for Tablets for $4 + free shipping
- Wicked Jaw Breaker Noise-Isolating In-Ear Headphones for $6 + free shipping
- Refurb Apple MacBook Air Laptops: 12" 64GB SSD for $699 + free shipping
- JVC Motion Sensing Clock Radio with Dual iPod Docks for $55 + free shipping
- Apple iPhone Headset with Mic for $4 + $2 s&h
Software Updates
more updates- EFI Firmware Update brings Lion Internet Recovery to 2010-model Macs
- OS X Lion 10.7.3 released with Safari 5.1.3, Wi-Fi bug fix
- Aperture updated to 3.2.2, addresses Photo Stream issue
- Apple updates Keynote to address Lion issues
- Google Search app gets new look on iPad
- Apple releases Apple TV Software Update 4.4.3
Featured Stories
more stories
Popular Stories
TUAW (or The Unofficial Apple Weblog) is a website devoted to tips, reviews, news, analysis and opinion on everything Apple.
18 Comments