digg

Facebook Connect Join Digg About

This Mac "Make The Switch" Commercial Hurts my Ass

pauldotcom.com — You gotta see this. The guys at Pauldotcom.com Security weekly site, make a painful point of reminding us that exploits have no OS preference.

Who dugg this? Made popular Sep 12, 2006

Add a friend

submitted by

vmc1010 Sep 10, 2006

42 diggs
digg

25 Comments

netburnr, on 10/12/2007, -2/+8Here is a rundown of said video

Hi, I'm dumbass #1
Hi, Im dumbass #2
We can both be exploited by....ohhh wait, thats was proved incorrect.

//Spam
dmoney06, on 10/12/2007, -4/+9You are an idiot.
chadley384, on 10/12/2007, -1/+5#1. the video was pretty funny.. i enjoyed the linksys part.. i've have nothing but bad luck with their products and I' learned my lesson to avoid them a while ago.

That said, regarding the the wireless vulnerability issue with Macbooks (or other Macs)..

Wasn't this 1. patched before it was public, 2. done with a 3rd party wireless card (if you sue a mac, its near certain you have an Airport connection built in) 3. then wasn't it discredited? (i know there is alot of back and forth on this.

Finally supposing it is true there is a gaping hole (pun intended..) in macs wifi; which I've seen reported as incorrect by a few reputable sources. Does it really matter? Is it a wide scale issue like the blaster worm, etc that MS has seen nearly every other week. I'm by no means an MS hater, I am a bit of an Apple fan, but I think for legitimate reasons. The "gaping holes" in XP drove me to OSX. If OSX picks up more market share you'd see the same thing though OSX is more secure as Vista will be, and must be).

Anyone have recent definitive links of the Wifi exploit.
StarManta, on 10/12/2007, -0/+4I'll see your link and raise you a Mac blogger.

Who's offered to give away a free Macbook to anyone who can exploit its Airport driver.

http://daringfireball.net/2006/09/open_challenge
twid, on 10/12/2007, -3/+6This would be funnier if public exploit code for the supposed wireless vulnerability actually existed.
StarManta, on 10/12/2007, -0/+3Dugg down as inaccurate. They make it sound like the Mac guy is trying to spin a negative news story, but the fact is that APPLE'S AIRPORT CARDS AND DRIVERS ARE NOT VULNERABLE, at least not to the knowledge of anyone who actually knows what they're talking about.

That "exploit" you heard about: it used not only third-party drivers, but those third-party drivers were running - you guessed it - third-party hardware! A USB WIFI DONGLE. Now, find me a Macbook user that has a USB Wifi dongle. They simply don't exist.

This story has pissed me off to no end.
StarManta, on 10/12/2007, -0/+3Correction: WAS offering a free Macbook. He was ignored. (as he expected)

Which, as far as I'm concerned, proves the "exploit" is bunk.
kungfuhacker, on 10/12/2007, -2/+4So, this is our point, people need to take a huge step back and realize that the Mac drivers are vulnerable:

http://lists.immunitysec.com/pipermail/dailydave/2006-September/003472.html

We are not the only ones vouching for Jon and Dave.....
kungfuhacker, on 10/12/2007, -1/+3So, you're suggesting that security researchers should drop 0day code just to prove that a vulnerability exists? Do you really think that is responsible? And, what about the repercussions to the security professionals career? Have you give these points any thought or do you just get off on telling people to "shut up"?
twid, on 10/12/2007, -0/+2Provide a URL to exploit source or shut up. If you're a real hacker you should know this.
twid, on 10/12/2007, -2/+4And when the giant bunnies invade the earth, as I have predicted, I will have the last laugh.
fazed, on 10/12/2007, -0/+1macs have the worst patch strategy out of the 3 major os
their firewall is not enabled by default and even when it is it has big holes

so, keep on buyin macs chummmmmmmmmps ;)
dmoney06, on 10/12/2007, -3/+4This is one of the lamest, incorrect videos I've seen lately.
Elric1977, on 10/12/2007, -0/+1Yes, considering the whole vulnerability thing was a hoax, what's the point of this video exactly? To show these guys don't read the news? Voted Inaccurate.
phill, on 10/12/2007, -0/+1Using 3rd party hardware and 3rd (probably 4th) party drivers for that hardware. Apple is still not exploitable.
inactive, on 10/12/2007, -0/+1also almost no USB wireless dongles work with mac. So really, only if you are using a macbook running windows.
meatspindotcom, on 10/12/2007, -1/+1http://lists.immunitysec.com/pipermail/dailydave/2006-September/003459.html
EvilNutjob, on 10/12/2007, -1/+1It has an overflow! Deal with it!

Nice video Paul Larry and Twitchie.
Though im fairly sure that voids the warrenty on the Yagi. :)
EvilNutjob, on 10/12/2007, -1/+0http://blog.washingtonpost.com/securityfix/2006/08/hijacking_a_macbook_in_60_seco.html

here's the demo of the private exploit. Though right about now i kinda wish it was a public zero day.

Looks like an overflow with race conditions.
meatspindotcom, on 10/12/2007, -1/+0the obvious fault in your source is that it is a Mac blogger... not an expert. Aside from biased opinions, what do you expect him to be qualified to comment on?
KDX200rider, on 10/12/2007, -1/+0Careful kungfuhacker the MAC fanboys don't like to be presented with the facts....Better just stick to clever advertisments and marketing.
meatspindotcom, on 10/12/2007, -2/+1got any references to back up that claim toughguy?
meatspindotcom, on 10/12/2007, -1/+0This story pisses me off too, because Mac users (not to mention Apple) refuse to care about problems with their computers. Macs are great computers! They really are! BUT they aren't infallible.

The demo was done with 3rd party hardware and drivers, but if you paid attention, you would have heard that this hack can also be done successfully (and easily, according to Johnny Cache) with the out of the box hardware. I'd love to review the information you are basing your claims on, but you are conveniently omitting it. If you like Macs, then do your part to ensure Apple delivers you the best quality product they can, not the best quality product they can get away with
kungfuhacker, on 10/12/2007, -8/+5Its so nice to see that people still think Macs are not vulnerable. It will be fun to remotely exploit all your machines at Starbucks once the exploit code is released.
meatspindotcom, on 10/12/2007, -5/+1Mac vulnerable? Mongo not believe what Mongo not understand. Mongo ready to die for mac company honor
Add a Comment

Login or register to comment!
Or, sign-in super fast with your Facebook account ...

Site Links: Home; Take a Tour; Search Digg; Digg Mobile; RSS Feeds; Popular Archive

Help: Frequent Questions; How Digg Works; Report a Website Bug

All About Digg: About Us; Contact Us; Community Guidelines; The Digg Blog; Digg Townhalls & Meetups; Jobs at Digg; Advertise on Digg; Diggnation Podcast

Digg Store: Get hats, shirts, hoodies, stickers, and more at the Digg Store.

Digg Tools & API: All Digg Tools; DiggBar Tools; Firefox Toolbar; Twitter Feeds; Add Digg to Google; Netvibes Widget; Integrate Digg Buttons; Digg Badges; Make a Digg Widget; API for Developers

Digg Dialogg!: Digg Dialogg lets you choose the questions.

Digg Labs: Get a real-time view beneath the surface of Digg.; Digg Labs Home; Arc, Swarm, Stack, Bigspy, Pics

© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.