John Navas <spamfilter0@navasgroup.com> hath wroth:
>I suspect there's more going on here than meets the eye. A big problem
>in security is getting vendors to pay proper attention. My guess is
>that these guys got fed up with the lack of concern, and decided to
>build a fire under them with this public presentation. If so (or
>something like that), my own opinion is, "Bravo!"
I might agree with your analysis if they had previously even hinted
that there was a problem in one of the security mailing lists. Whether
the motivation was getting the attention of the vendors or simple
publicity, they are certainly guilty of grandstanding.
>I'm frankly sick and tired of vendors _knowingly_ shipping badly flawed
>products.
Good idea. Let's attach a government mandated warning label to
wireless routers.
DEPT of HOME SECURITY WARNING
This device contains firmware known to the government as
being potentially hazardous to your data security. The
manufacturer does not warrant against contagious infections
unless a conscientiously applied program of updates and fixes
is applied for the duration of the product lifetime.
>It's the major reason I largely dropped out of beta testing
>-- I have a long list of _major_ bugs I found as a beta tester that were
>left unfixed in released products (which I'm unable to disclose due to
>NDAs).
Ditto. I busted my ass playing beta tester for various products,
where the vendor largely ignored my findings.
Liebermann's Axiom: Features and functions get added faster than bugs
get fixed eventually resulting in a bloated buggy mess.
> During the course of our interview, it came out that Apple had leaned
> on Maynor and Ellch pretty hard not to make this an issue about the
> Mac drivers -- mainly because Apple had not fixed the problem yet.
How could Apple lean on them unless Apple was considering hiring them
to get involved in repairing their security problem (or image)?
> To all of the commenters who complained about why this demo was not
> shown live, I refer you back to the text of the blog post, which
> pointed out the dangers inherent in showing this type of exploit live
> to a room overflowing with curious hackers who would like nothing
> more than to capture a copy of the exploit wirelessly and experiment
> with it.
Naw. Stealing the disks and cdroms is easier.
>Probably because the MacBookPro has Airport functionality built into it.
They could have just as easily used an Airport or Airport Express.
>>Why do they claim that a connection is
>>not necessary, and then run the demonstration while connected. Etc.
>
>I can think of a number of legitimate reasons. Why assume otherwise?
I can't think of any reason that a client driver exploit would require
an active connection to function. Perhaps I'm missing something here.
However, since the actual details of the exploit have not been
released, I'll leave this point to conjecture.
--
Jeff Liebermann
jeffl@comix.santa-cruz.ca.us
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060
http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558