-
Website
http://www.matasano.com/log -
Original page
http://www.matasano.com/log/409/debunktraq-more-mac-wireless-chaff-posts/ -
Subscribe
All Comments -
Community
-
-
Top Commenters
-
Popular Threads
All Comments
jim/ron/rui are obviously in tenent #1 of the kubler ross model of vulnerability management.
Perhaps those in the "black-hat" community like showmanship; however, outside, it leaves a taste of falsehood, regardless of the underlying exploit.
I think for this reason every time something is not shown, or shown misleadingly, it's easy to assume bad faith and the worst possible explanation of Maynor's motives.
E.g. the external USB wireless device used. I don't buy the explanation "Apple wouldn't let us show the exploit with the internal wireless". It could simply be that it was easier to craft an exploit for the external - not necessarily that the internal is safe - but if so, say so.
It is very obviously "easy" to assume bad fath and poor motives; just read Mac blogging coverage of Maynor's presentation.
The problem is this: lost in the shuffle here is the teeny, tiny little detail that Cache and Maynor's presentation ISN'T ABOUT APPLE. It's about vulnerabilities in wireless drivers, and how a remote attacker can figure out what chipset and drivers you're running to target an attack.
Want to put this in perspective? Here's some coverage Maynor got BEFORE THE WASHINGTON POST STORY:
http://www.darkreading.com/document.asp?doc_id=...
Funny, I don't see the Mac-baiting.
But pretty sure I'm not. After reviewing a high-resolution version of the video, its quite clear that the USB device was not in-use during the attack (at least, it wasn't passing frames).
Its the internal Airport card (!!) that has the 192.168.1.50 IP address.
Details here: http://www.smallworks.com/archives/00000461.htm
Do I think that a highly similar attack is possible? Of course, but Maynor and Ellch haven't demonstrated anything thats even close to what they claim.