Supposed MacBook Wireless Networking Exploit
The Washington Post’s Brian Krebs reports on a supposed wireless networking exploit that allows a MacBook to be hijacked. I smell BS, though — if you watch the video, the exploit apparently requires the MacBook to be using a third-party wireless card. Given that all MacBooks come with built-in AirPort support, how many MacBook users are actually susceptible to this? Any?
* Picture of paused video showing 3rd party USB wireless card
Worse, Krebs’s post makes no mention of this, instead making it sound as though the exploit works against MacBooks using their built-in wireless cards and drivers. If it’s truly the case that this particular exploit only works if a MacBook is using a third-party Wi-Fi card and driver software, it’s sensationalism at its worst — a case of supposed security experts impugning Apple’s reputation for the sole purpose of drawing attention to themselves.
Here's the article at The Washington Post: Hijacking a Macbook in 60 Seconds or Less
Look at the first of the video for the "3rd Party wireless card" John Gruber speaks of ... I don't understand how you could get a 3rd party driver installed onto someone's Mac like this ... you'd already have to have root level access to install the driver that will give you root level access. As far as I know, Macbooks won't run most USB wireless "add ons" straight out of the box ... you have to scour the net for a driver and usually have to ask a question or two at XLR8YourMac.
Further, the video (as you will see) also already has the terminal activated, meaning root level access is activated (most likely)
I'll further John's BS-O-Meter and say ... how many Mac users use the terminal to connect to a wireless network?
Lastly, the user must specifically connect to a hacker's Windows machine that has been turned into a wireless base station (access point) ... even though "for demonstartion purposes" the presenter says you don't have to. I suppose the "hacked access point" could be called "Free Internet Access" to intice users to connect ... but most people will connect automatically to the stronger signal in coffee shops and wifi hotspots.
What do you think?