SecureWorks: Mac vulnerability due to 3rd-party hardware

By Justin Mann on August 3, 2006, 2:55 PM
Further expanding on the Mac wireless vulnerability we heard about earlier today, it seems that to be at risk for this, a system must have had third party hardware installed into it. So the culprit in this case is wireless equipment, rather than the operating system or architecture of the Mac. Adding new hardware to a machine is often part of the experience though, leaving plenty of room for people to make mistakes. Unfortunately for the users, the people who found the exploit aren't willing to share what hardware is the culprit and whether or not some cards are not affected:

The problem itself isn't really an Apple problem,' said Maynor, a researcher at SecureWorks Inc., a network-monitoring company. 'This is a systemic problem across the industry.' [...] The MacBook used in the demonstration was not using the wireless gear that shipped with the computer. Instead, they used a third-party wireless card that they declined to name"
While not sharing the details of the exploit is understandable, if there is a risk easily avoided by watching what hardware you buy it would be nice of them to share. Regardless, it's still possible that Apple may decide to create a software workaround, if possible, since it is much easier to fix software than hardware.

Update: More information reveals that the flaw may lie within multiple types of wireless hardware, including Apple-branded hardware, rather than just any random card.




User Comments: 1

Got something to say? Post a comment
whtriced said:
wrong, wrong, wrong. Please read all of the article that you referenced. The fault isn't because of 3rd party hardware. It is inherent in the Apple Aircard, as well. The testers didn't use the Apple card because Apple "suggested" it wouldn't be wise because they hadn't come up with a fix yet. The article states the testers have found this exploit to work on almost all devices.Giving people a false sense of security is bad business.D
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.