
New Airport Driver Exploit Released For Some Older Macs

Just as the Black Hat wireless card exploit was beginning to die down, an exploit in Apple's built-in Airport drivers for some older Macs has been released.

According to the site hosting the proof-of-concept, the driver supplied with Orinoco-based Airport cards (1999-2003 PowerBooks, iMacs) is vulnerable to a remote memory corruption flaw, which could lead to arbitrary code execution if the target is in Active Scanning Mode (i.e. is searching for a base station). The exploit was claimed to have been run on a system running 10.4.8 with all existing patches applied.

The hackers who announced the exploit and are hosting the proof-of-concept code do not appear to have contacted Apple about the vulnerability before the announcement. Nowhere on the site do they claim to have done so; instead, they state the following about their intentions:

With all the hype and buzz about the now infamous Apple wireless device driver bugs (brought to attention at Black Hat, by Johnny Cache and David Maynor, covered up and FUD'ed by others), hopefully this will bring some light (better said, proof) about the existence of such flaws in the Airport device drivers.

Top Rated Comments


69 months ago
Good news for me... I have an 867 MHz Ti PowerBook.

I've been wanting to ditch the built-in Airport card anyways... It's flakey :rolleyes:
Rating: 0 Positives / 0 Negatives
69 months ago
This is an ode to Apple's growing popularity!
Rating: 0 Positives / 0 Negatives
69 months ago

This is an ode to Apple's growing popularity!


Either that or an ode to the way they handled the Black Hat situation.

Or both...
Rating: 0 Positives / 0 Negatives
69 months ago
Eep, I still use my PowerBook too.
Rating: 0 Positives / 0 Negatives
69 months ago
So Apple releases a patch and our platform gets even more secure. Awesome.

Other than that, it is bullcrap that they didn't notify Apple beforehand and give the company the opportunity to patch it.

But clearly this is just some losers who want attention or make some political statement that "The Mac platform is not perfect." (Note to losers: Only the MSoft shills in the media think the Mac community believes our platform is invincible. In reality, we know every OS and every app has flaws. We just believe this Windows is a joke and Microsoft is a low quality company with shoddy products. Not that Apple is flawless.)

So this will make the rounds in the news for a week. The Apple brand will take a minor hit.

And Windows will still suck. Vista will still be a pathetic upgrade. OS X is still more secure. And Leopard will still rock.

Nothing really has changed...
Rating: 0 Positives / 0 Negatives
69 months ago
So while we wait for some kind of response/update/new driver from Apple, is there some kind of measure that we can take to reduce the amount of time we spend in "Active Scanning Mode"?

I imagine that we can use wired connections when possible, but I know that available networks pop in and out of my Airport menu bar list. That makes me think that my PB is always (or at least often) looking for new base stations -- is this right?

Is there some way that we can make Airport wait to scan until we ask it to do so?
Rating: 0 Positives / 0 Negatives
69 months ago


Is there some way that we can make Airport wait to scan until we ask it to do so?


turn airport off.
Rating: 0 Positives / 0 Negatives
69 months ago

Orinoco-based Airport cards (1999-2003 PowerBooks, iMacs)

This is Airport and NOT Airport Extreme.

Anybody with an Airport Extreme (or later) will not be vulnerable to this exploit.

However, this is all Macs that have the original Airport, not just PowerBooks and iMacs. It's also eMacs, iBooks and Power Macs.
Rating: 0 Positives / 0 Negatives
69 months ago
And according to the ever-elated George Ou, they named it after John Gruber's Daring Fireball website. Ou linked to the file from his website and the filename was DaringPhucball.

George Ou is just... I don't think there are even words. His sort of "journalism" is representative of ZDNet as a whole -- just prior to his elation over the Apple exploit (a supposed security guy elated over a security flaw, go figure) he attacked ComputerWorld for their advice/explanation of a Windows flaw.

I mention Ou because he was part of the defense of Maynor and Ellch back in the original hack, which is linked in the original post.
Rating: 0 Positives / 0 Negatives
69 months ago

So Apple releases a patch and our platform gets even more secure. Awesome.

Other than that, it is bullcrap that they didn't notify Apple beforehand and give the company the opportunity to patch it.

But clearly this is just some losers who want attention or make some political statement that "The Mac platform is not perfect." (Note to losers: Only the MSoft shills in the media think the Mac community believes our platform is invincible. In reality, we know every OS and every app has flaws. We just believe this Windows is a joke and Microsoft is a low quality company with shoddy products. Not that Apple is flawless.)

So this will make the rounds in the news for a week. The Apple brand will take a minor hit.

And Windows will still suck. Vista will still be a pathetic upgrade. OS X is still more secure. And Leopard will still rock.

Nothing really has changed...


Exactly. It is so lame when people that find holes, flaws and bugs go to the press or internet before contacting the manufacturer to notify them and give them a chance to patch it BEFORE hackers can exploit it.
Rating: 0 Positives / 0 Negatives
