What is Digg?Warning: The Content in this Article May be Inaccurate
Readers have reported that this story contains information that may not be accurate.Sponsored by Activision
Introducing DJ Hero Game view!
djhero.com - Scratch and mix 102 songs in 93 original mixes from today's hottest artists. Available Now.
126 Comments
- mzwaterski, on 10/12/2007, -4/+49I can't wait for the followup to the followup (this story) to the followup to the Mac security story.
- helix400, on 10/12/2007, -4/+37I'm just waiting for this story to be marked inaccurate.
- nayr, on 10/12/2007, -7/+40digg for title :)
- NSMike, on 10/12/2007, -3/+29The majority of Mac users fall into two groups:
1. Those who know computing well, have tried other platforms, and prefer Macs for one reason or another, and...
2. Those who buy Macs because they're trendy and pretty, and they believe everything they hear on TV.
Group #2 is generally responsible for the smugness addressed here. Know-nothings who buy into clever advertising and aesthetic design.
*Note - Before you call fanboy on me, I'm a PC user. - sonap, on 10/12/2007, -0/+24Reminds me of Monty Python:
"Those responsible for sacking the people who have just been sacked, have been sacked." - mfratt, on 10/12/2007, -2/+24Dugg for a possibly innacutate article about claims of innacuracy being innacurate.
- Pacotheparrot, on 10/12/2007, -5/+25The inaccuracy of this inaccuracy of the original inaccuracy is astounding. Shame on you George Bush.
- danielwsmithee, on 10/12/2007, -8/+21Marked as inaccurate for inaccuracy's sake.
- bolero421, on 10/12/2007, -0/+10As a user who falls under the first category, I just want to say that I absolutely hate those who fall into the second.
I mean, is it just me or are computer users as a whole (Windows, Mac, and Linux) getting dumber and dumber with each passing year?
"I'm going to use internet explorer because I'm to lazy to get a secure browser."
"I got my mac because it is shiny and white."
"My 3|173 |1nux h4ck5 w1|| p4wn y0u 4||"
Grab your guns folks, it's open season on stupidity. - cazabam, on 10/12/2007, -1/+10Oh for the love of Pete ...
I'm thinking that they should have just used two identical Dell's. The fact is that in this modern world in which we live, if anybody uses a Mac, or Linux, or, in fact, ANYTHING that is not considered the norm, then any actual article content is overshadowed by zealotry from pro- and anti- mac/linux/whatever camps.
Stop it! Yes, the macbook is vulnerable. Yes, most other wireless drivers are also vulnerable. The most important fact here is that PRETTY MUCH EVERYTHING can be hacked in this way, mac, linux, windows, OS/2 for all we know. SURELY that is more important than whether the drivers used in this single demo were from Apple or another 3rd party.
On the other hand, the video showed ... a bizarre way of getting a remote shell. For all we know that complex command line could have just been a shell script invoking netcat on a telnet server. Without more details of the vulnerability, it is next to worthless as far as 'proof' goes. You still have to take their word that it wasn't a rigged demo. Oh, and before you digg me down (I know somebody will), I'm not saying that it IS a rigged demo, but that as scientific proof goes, it's up their with the creation of the world coming about through a holy sneeze. - armbar, on 10/12/2007, -1/+9With the title, "inaccurate" moderation, and follow-up, this can only be some sort of logic test:
Is the Macbook hack inaccurate using the following logic?
(((Macbook hack != accurate) != accurate) != accurate) != accurate)
a. Accurate
b. Inaccurate - iceperson, on 10/12/2007, -13/+21your logic if flawed. it only takes 1 vulnerability to make a system insecure. it's either secure, or it's not.
- AZTriGuy, on 10/12/2007, -0/+8Ok, now i'm really confused. An article on hacking Macbooks was termed inaccurate, a new one comes up saying that calling it inaccurate is itself inaccurate, now this one has been marked inaccurate. Now, what was I reading again? Man, I picked the wrong week to stop sniffing glue...
- sardonic, on 10/12/2007, -4/+11Claims of inaccuracy of the Claims of inaccuracy of MacBook hack are inaccurate
- jlachesk, on 10/12/2007, -2/+9No it hasn't. There is a digg story related to the first article referenced by this one. Then a 2nd digg story claiming that the original story was inaccurate was posted. This is an article explaining why the original story IS accurate (effectively discrediting the 2nd story).
RTFH/D/A - kalisphoenix, on 10/12/2007, -0/+6I'd agree with that, NSMike. It's the same thing with the Linux community attracting the 1337 wannabes. There's ignorance in the constituency of probably every OS (except, perhaps, Plan 9 ;-)).
The thing about Group #2 is that they usually have both the arrogance of Linux n00bs and the ignorance and computer illiteracy of the common Windows user (that's "common" -- no one on Digg is an "common" Windows user). Arrogance and ignorance are an extremely infuriating combination. - flag564, on 10/12/2007, -11/+16"Sanitizing? Come on, they're trying to prevent their customers from getting hacked. Apple patches vulnerabilities very quickly, but until they do, why bash them for trying to keep this on the downlow?"
So in non-fanboy, Apple should be able to keep this a secert, because they love us soooooo much. If it was Microsoft, you would be up in arms about them keeping people in the dark, but since its Apple, it ok. - CountSessine, on 10/12/2007, -1/+6"So in non-fanboy, Apple should be able to keep this a secert, because they love us soooooo much. If it was Microsoft, you would be up in arms about them keeping people in the dark, but since its Apple, it ok."
This is standard practice in the security community. Security researchers find a software vulnerability and alert the vendor. The vendor develops/tests a patch while the researchers agree not to publicize the vulnerability in the meantime. The patch is finished, the vulnerability is announced, the researchers get to claim the credit for finding the problem, and the vendor's customers aren't exposed to any more danger than is necessary.
That's not to say that there aren't vendors that have outrageously exploited this arrangement, stabbing both security researchers and their own customers in the back (Oracle and Cisco come to mind), but neither Microsoft now Apple are known for this. - Brutusfly, on 10/12/2007, -1/+6Obscurity security? Let's talk facts. Apple wasn't foolish enough to implement Active X style technologies into their browser. Apple ships with root user disabled by default. Apple didn't ship with tons of ports wide open. Apple has a BSD permissions system. Apple forces you to type a password before the system is modified, and running half your software isn't likely to require administrator privileges.
There are still security flaws in OS X (the dialog spoofing one is significant), but try not to spout the obscurity mantra as if it's fact. - greenamp, on 10/12/2007, -2/+6Why didn't he use the built in WIFI in the MacBook? I don't buy the line about Apple "pressureing" him not to.
Seems to me if he could have done this via the MacBook's built in WFI, he most certainly would have, since it was quite obvious he was singling out the MacBook when he held it up for display in the beginning.
This whole thing is fishy. - NSMike, on 10/12/2007, -0/+3And I forgot the rule of arguing over the internet:
In the end, nobody cares. - skyhighrockets, on 10/12/2007, -1/+4Warning: The Content in this Article May be Inaccurate
"Claims of inaccuracy of MacBook hack are inaccurate"
Oh, the inaccuracy. - Phil246, on 10/12/2007, -1/+4i think the point of it was, that the remote shell they got - had- root access to begin with, password not required.
- firblitz, on 10/12/2007, -1/+4AFAIK, the Mac Book uses the same exact wireless card as the Mac Book Pro. So then how does it only effect the Mac Book if it truly is a native driver issue?
Secondly, in the original video, it is never mentioned that it can be done to any wireless card. They specifically point out that it is an issue with this third-party wireless card and it effects all platforms.
This article by Brian Krebs is simply a "he said, she said" blog entry. If he had interviewed the people who did this hack, where is the transcript? Where is the audio/video? Where it is documented that "Apple leaned" on them? A letter? A phone call?
For the extremely paranoid: It is a video. Anyone can edit a video to make anything look like it happened. This whole thing can be a hoax to get someone their 15 minutes.
Regardless, I call it reckless sensational entertainment. This shouldn't pass as journalism. - caliform, on 10/12/2007, -2/+5Owned for misspelling "ownt".
- Gnascher, on 10/12/2007, -0/+3my head asploded
- LaughingMan11, on 10/12/2007, -2/+5NSMike:
Good point. I fall into the 1st category of Mac users who are well versed in most things computer and technology and use the 3 big platforms (Windows, Mac, Linux) day to day...
However naive it is to believe everything that you see on TV about Mac security, that doesn't mean that the Mac is "as insecure as any platform."
It is not smug to look at the facts and come to the determination that there are certain advantages on the Mac that make it less susceptible (but not invulnerable) to malware and mal-folk. Certain decisions have been made on the Mac side that have not been made on Windows (at least not until Vista) that have caused a world of headache for Windows users in the past with self replicating viruses and worms.
It pains me to see people who for some reason or another dispise the Mac find *glee* in the fact that the Mac isn't invulnerable and rubbing it in my face... even though i never believed that the mac is invulnerable in the first place.
There is a lot of smugness coming from the Mac-hating PC-loving side of the fence too who like to make FUD about Mac security and how it's equal or worse than Windows... - speedyrev, on 10/12/2007, -1/+4"The problem itself isn't really an Apple problem," said Maynor, a researcher at SecureWorks Inc., a network-monitoring company. "This is a systemic problem across the industry."
It's not a Mac problem, it's systemic. Why did this turn into a pissing contest? - EtherGnat, on 10/12/2007, -1/+4We apologise again for the fault in the title. Those responsible for hacking the people who have just been hacked, have been hacked.
- LaughingMan11, on 10/12/2007, -5/+8While what you say is true, I have to dispute the fact that the "main reason" why the mac is less prone to attack is because it is more obscure...
There is such a thing as a system being inherently more secure than another just because it is. It's indisputable that Mac OS X has its roots in BSD, which has been around for a lot longer, and has stood the test of time longer than Windows XP or its NT kernel.
The Classic Mac OS from the 80s and 90s has had more widespread viruses plague it than Mac OS X, but to someone in the know, this makes perfect sense since Mac OS X went a long way to improve the security of Mac OS. - xxdesmus, on 10/12/2007, -0/+3Try reading the article that this Digg is actually about. The journalist clearly says:
"During the course of our interview, it came out that Apple had leaned on Maynor and Ellch pretty hard not to make this an issue about the Mac drivers -- mainly because Apple had not fixed the problem yet. Maynor acknowledged that he used a third-party wireless card in the demo so as not to draw attention to the flaw resident in Macbook drivers. But he also admitted that the same flaws were resident in the default Macbook wireless device drivers, and that those drivers were identically exploitable. And that is what I reported." - dunezone, on 10/12/2007, -3/+6@NSMike
I dont know why your calling his logic flawed, he simply stated that it takes one security hole to make a system insecure. And I will agree with that statement, even if the hole goes undiscovered or documented its still there and can cause a future problem. - totorototoro, on 10/12/2007, -0/+2Now I'm confused-did the original story (sans video, which was added later) mention that a third party card, not the Airport card Apple ships with the MacBook, was being used for the demo?
In other words: Original Washington Post Blog story (failed to mention 3rd party driver/card) --->DUGG---> ABC story briefly mentions 3rd party card issue, rebuttal begins--->DUGG---> WaPost blog follows up their story to include Video/3rd party driver/card disclaimer/But further proof it doesn't matter because its still a valid issue, regardless--->DUGG---->comments are 1/4 about original article, 1/4 about rebuttal, 1/4 about revised clarified story, and 1/4 about who is smuglier....wow, this Digg thing is more complex than I thought! - kob0724, on 10/12/2007, -0/+2Claims of inaccuracy of MacBook hack are inaccurate...which was found innacurate by diggers.
- tigerdyr, on 10/12/2007, -2/+4There have been so many hoaxes on macs that you just need to put forward some proof in order for this not to be simply regarded as a hoax.
Washington Post or not - I need proof. It is too easy to stirr up the mac community to get hits. There is a chance that this might be real, but until proof (names of people who can be contacted in order to confirm or show this; real footage of it; the actual code used; more details on how and how many wifis are hit and so on) is shown, this is a hoax. - HonoredMule, on 10/12/2007, -0/+2Title translation:
Not true story turned out not to be not true.
All bloggers who contradicted the original statements are asked to not un-acknowledge their not not false arguements...
Short version:
Is too! - Dalbot, on 10/12/2007, -1/+3John Gruber takes the Washington Post reporter to task for lousy reporting:
http://daringfireball.net/2006/08/krebs_followup - Kazrog, on 10/12/2007, -1/+3flag564 - way to troll digg. I've never once bashed any company for this type of practice. I have no axe to grind with MS, or the clone makers. Besides, MS generates enough flak and bad press on their own without me contributing to it. I have a pretty balanced view of them, I think MS is aware of their shortcomings and is trying to turn around - but it's a massive ship to turn around. I fully sympathize with their struggle, it is very much possible for a company to get too big, and this could be a challenge Apple will face as it grows.
Ultimately we're talking about protecting the security of users, regardless of their platform of choice. Just because I choose to use a Mac doesn't make me a closed-minded zealot. I use Windows, Linux, and Mac OS X every day in my work environment, I just happen to prefer Mac OS X to any of the alternatives. - chriszuma, on 10/12/2007, -2/+4Heh, I'm tempted to bury this story as "inaccurate" just for the irony.
- LaughingMan11, on 10/12/2007, -2/+4TheG2... exactly what are those bold claims you are talking about?
Is it the commercial? Go back and watch the commercial again, and come back with a transcript... and highlight exactly what the statement is that says that Macs are invulnerable to everything?
you won't find it because they never said that. They simply stated that out of the thousands of viruses that affect PCs, none of them affected the Mac... which is absolutely true. - diggapleaze, on 10/12/2007, -1/+3"...the hacker isn't going to know a login/password combo for the Mac, so all they can really do is sit there and chuckle to themselves "I just totally pwn3d that Macb00k!!""
while deleting all your photos/documents/etc in your home directory - Kazrog, on 10/12/2007, -2/+4Alright - I've seen the video - and I've seen the root access. Pretty impressive hack. I wonder what card that is...
Still, over 90% of Mac users have an AirPort card for wireless connectivity, so MOST Macs are safe from this exploit. - Kazrog, on 10/12/2007, -1/+3Phil - maybe I'm confused, but nowhere in the story does it indicate that the exploit gave the hacker root access.
- TheG2, on 10/12/2007, -4/+5Beat me to it...
Apple made some pretty bold claims and they are going to take a beating as more and more people switch over.. - neilscool11, on 10/12/2007, -1/+2OK so now digg is telling me that this story is inaccurate
that means the inaccuracy of the inaccuracy is inaccurate?
what is the real story - drowned_in_milk, on 10/12/2007, -0/+1I'm going to say the real story is use Ubuntu.
Just kidding. - jlachesk, on 10/12/2007, -2/+3This is by far the most entertaining series of stories in my (admittedly short) digg career. I'm glad my first submission provided so much humor/irony/angst/pain/joy/arousal.
Let the inaccuracy of inaccurate claims of inaccuracy of max hax reign in inaccuracy!
(saying inaccurate that many times, even in my head, is making it seem like an awfully silly word)
Buried for being inaccurate. - GBoS, on 10/12/2007, -1/+2An article marked inaccurate, about an innaccurate claim of inaccuracy.. the irony..
- NSResponder, on 10/12/2007, -1/+2I don't buy the claim that Apple pressured him. It's an easy thing to say, because Apple won't comment on the matter.
-jcr - zacmccormick, on 10/12/2007, -0/+1@LaughingMan11
I agree with you on that, it is a very big advantage to have your architecture based on open software like Unix. I think security is one arena where an open source model has some advantages. But I also think these advantages are typically only gained for ubiquitous back end technologies like SSL and HTTPD, where there is guaraneteed to be a very dedicated community of developers and engineers. Of course, that's not to say that a secure closed source HTTPD isn't possible. (example: IIS, no I'm not trying to incite an apache vs iis security war, anyone who is invincibly ignorant towards IIS please refrain from replying to this) -
Show 51 - 100 of 126 discussions
Browsing Digg on your phone just got easier with our enhancements to the 
© Digg Inc. 2009
— Content created and posted by Digg users is