Feeds

You're 0wn3d! Wi-Fi driver hack attack demoed

Third party, fire and theft

Using blade systems to cut costs and sharpen efficiencies

Updated White Hat hackers have demonstrated how to use low-level hacking exploits on wireless drivers to gain control of Apple MacBook PC, albeit one running a third-party wirless card.

A presentation by Jon Ellch and David Maynor at this week's Black Hat security conference in Vegas omitted details of the security flaw. The security researchers presented their demo by video to prevent malicious hackers from sniffing network traffic and reconstructing their attack.

Ellch and Maynor have found two similar flaws in the wireless device drivers for Windows machines. The duo decided to present their demo with a Mac machine as a target to prick what Maynor described as the "Mac user base aura of smugness on security". During the demo1, they showed how they gained access to an Apple MacBook in less than a minute, the Washington Post reports.

In all cases the attack only requires that a wireless device is switched on. A user need not be connected to a wireless network for the attack to succeed because drivers are commonly configured by default to continuously seek out available wireless networks. Maynor said that acute time pressures on driver developers contributed to the underlying vulnerabilities exploited by the attack.

"The main problem here is that device drivers are a funny mix of stuff put together by hardware and software developers, and these guys are often under the gun to produce the code that will power products that the manufacturer is often in a hurry to get to market," he said. ®

1During the demo, an Intel-based MacBook was used, with a third-party wireless card - not the wireless card that ships with the MacBook itself. This factor greatly diminishes the scope for mischief in practical terms.

Boost IT visibility and business value

More from The Register

next story
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.