http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/ Engadget Comments for http://www.engadget.com/media/feedlogo.gif http://www.engadget.com en-us Copyright 2012 Weblogs, Inc. The contents of this feed are available for non-commercial use only. Blogsmith http://www.blogsmith.com/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 10:38AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
That said, glad these cats are out there making my future drivers safer. Respek.]]>Aug 3rd 2006 10:40AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 10:41AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 10:43AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
I think it's about time for Mac users (and I'm one of them - I'm typing this on a dual-G5) to get over their security smugness.]]>Aug 3rd 2006 10:47AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://blog.washingtonpost.com/securityfix/2006/08/hijacking_a_macbook_in_60_seco.html
]]>Aug 3rd 2006 10:48AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 10:48AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 10:52AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 10:54AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
Show me the proof of this, and then I can at least gauge the validity of the claim.

Craig Dunham]]>Aug 3rd 2006 10:54AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
I mean, I guess you could need them at a location where the signal is low, but then you add that into the mix: person who knows how to do this attack + third party wireless card..... ]]>Aug 3rd 2006 10:56AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 10:56AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
A successful Mac virus would be huge publicity and a big feather in the cap of any hacker. People are gunning for Macs (funny how every report about this 3rd party wireless exploit is headlined something like "MACBOOK FLAW! SUCK IT FANBOYS!" when the exploit affects PC laptops as well).

No operating system will be 100% immune, but the fact is there have been no Mac viruses out in the wild -- just proofs of concept. That is a VALID reason to feel smug. Sometimes one has a legitimate right to feel smug. Windows users have a valid reason to feel smug about the # of games for their OS (and they are VERY smug about it).]]>Aug 3rd 2006 10:57AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 11:00AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Nice sensationalist reporting Paul.]]>Aug 3rd 2006 11:01AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
While I certainly agree that this needs to be addressed it is in no way an earth shattering vulnerability.

Not only that to be honest the only time any vulnerability becomes all that destructive is when the exact steps to reproduce it become easily available and/or someone makes an app that takes advantage of them. Then your friendly neighborhood script kiddies make everyone's day quite bad... until that time though, not too much to worry about.]]>Aug 3rd 2006 11:03AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 11:06AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
http://digg.com/apple/Hijacking_a_Macbook_in_60_Seconds_story_misleading

]]>Aug 3rd 2006 11:07AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/

There's a lot of sensationalism going on here. Say it for what this is : a 3rd party driver vulnerability on a 3rd party USB wireless adaptor that likely no one will ever use because all Macbooks come with built in wireless adaptors that are not affected.]]>Aug 3rd 2006 11:10AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 11:13AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 11:14AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
"respek" nothing. these losers are attention whores at best.]]>Aug 3rd 2006 11:16AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 11:16AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 11:23AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
All of them are useable. That you have not been infected does not mean there are no machines out there in the wild that still carry them. And 3 months? Good job. haven't had one since 4 years ago I moved back to OS/X.
]]>Aug 3rd 2006 11:25AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://blog.washingtonpost.com/securityfix/2006/08/followup_to_macbook_post.html]]>Aug 3rd 2006 11:27AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 11:33AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
http://abcnews.go.com/Technology/wireStory?id=2266507

I will go back to my aura of smugness]]>Aug 3rd 2006 11:35AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
I hate it when I get on here and guys like Joshua feel the need to complain about the "reporting" style. I think we all need to remember that this is a blog, not the NY Times. If you don't like the way they write, leave. No one wants you here anyway...

Nice work Paul. There are some people who appreciate the work you guys do!]]>Aug 3rd 2006 11:41AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 11:52AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 11:52AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 11:53AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
But where a bunch of you guys apparently see people boasting of the "perfect security" of the Mac, I see no such thing. I see promotion of the better security of a Mac. No one I know...especially no one with any sense, claims their Mac is perfectly secure. Just more secure.

A lot more, sure. But still.

And if what I'm seeing is true...if these guys had to employ a 3rd-party card and driver to make this work, and had to have the networking configured to the promiscuous "connect automatically to any available wireless network" setting then, well...props to them for working hard to make the drivers more secure, but I'm not taking this as any big threat to my users.]]>Aug 3rd 2006 11:59AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Deception: mentioning none of those in the article.

Kyle, that is where my "sensationalism" claim came from.
]]>Aug 3rd 2006 11:59AMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
Here's a new series called "The other side"

http://www.youtube.com/watch?v=i_kJPxhOd8U

Best,

Benjamin ]]>Aug 3rd 2006 12:06PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
Maynor said the MacBook used in the demonstration was not using the wireless gear that shipped with the computer.

"We did that so we're not singling out Apple," Maynor said.

They didn't way the Apple internal card was not affected either way. It could still be.]]>Aug 3rd 2006 12:10PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
Maynor states in the video the flaw isn't Apple-specific, but at the time of shooting he was about 10/10 on wireless card manufacturers being vulnerable. It's a remote root exploit.

]]>Aug 3rd 2006 12:15PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 12:16PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/1: Find a victim that uses a 3rd party USB-based wireless card, Mac or Windows.
2:Get within wireless range of said victim.

Not saying it could not happen, but I can't say I am shaking in my boots. ]]>Aug 3rd 2006 12:17PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://blog.washingtonpost.com/securityfix/2006/08/followup_to_macbook_post.html

It's true that Mac OS X has better security features then windows, but the truth is that the weakest point has and always will be the user, and I'm afraid Macs are the bottom of the barrel in that regard.]]>Aug 3rd 2006 12:18PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
Just kidding. Im only serious.]]>Aug 3rd 2006 12:19PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
Even though the flaw is certainly NOT specific to the macbook, but to apparently "10 out of 10 wireless cards tested" the only way it's NEWS if it effects a mac.

Security holes in PCs have been old news for decades. I think Mac users are doing pretty well (and deserve a little smugness) if you have to find a Mac security flaw to be somebody these days. ...Meanwhile some kid creates a new worm that takes out 10,000 PCs, and no one ever even hears about it.

:P]]>Aug 3rd 2006 12:44PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
Then why not do the "demo" with the built-in card?]]>Aug 3rd 2006 12:52PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 12:53PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
Bullshit. The movie clearly states that the flaw isn't built into the macbook. He says that as he's plugging in the third-party card. ]]>Aug 3rd 2006 1:04PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 1:16PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Of course, I suspect that he isn't, and that it's probably real.]]>Aug 3rd 2006 1:20PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/Aug 3rd 2006 1:20PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
It shown on a 3rd party card at Apple's request. They pressured these guys to now show that all current Macs are vulnerable to this attack until Apple can get a patch out...that being said, yes, All current Macs are vulnerable to this attack so says the author.]]>Aug 3rd 2006 1:23PMhttp://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/http://www.engadget.com/2006/08/03/gone-in-60-seconds-macbook-security-flaw-exposed/
No point appealing solely to those that already own your product...]]>Aug 3rd 2006 1:23PM