Wi-Fi Exploit Continues To Crumble:
Atheros hasn’t seen any credible code, either: Brian Krebs of Security Fix at the Washington Posts updates the story he was the first to write about extensively with access to the researchers. The Wi-Fi exploit that they claimed allowed compromise of a computer because of drivers problems with several adapters now appears to be somewhat debunked. While the general premise is still reasonable–Intel released an unrelated Centrino update intended to prevent escalation of privileges via a Wi-Fi driver flaw–the researchers appear to have no leg to stand on at this point in terms of their demonstration and their claims. Atheros’s CTO, a blunt-spoken fellow, sent Krebs this statement: “Atheros has not been contacted by SecureWorks and Atheros has not received any code or other proof demonstrating a security vulnerability in our chips or wireless drivers used in any laptop computers. We believe SecureWorks’ modified statement and the flaws revealed in its presentation and methodology demonstrates only a security vulnerability in the wireless USB adapter they used in the demo, not in the laptop’s internal Wi-Fi card.” Apple said yesterday that the researchers had provided no information that showed an exploit was possible, and that the demonstration used a third-party Wi-Fi card and driver; the researchers updated their site to reflect this. Krebs received a clarification today from Apple that the researchers had, in fact, contacted them prior to their demonstration at Black Hat 2006–which seemed in dispute yesterday. Krebs writes, “Apple’s revised statement today made it clear that the company had not received any evidence from SecureWorks to back up the claim that the Macbook drivers are indeed vulnerable.” Finally, Jim Thompson, whom one of the researchers attempted to smack down by assaulting his expertise and misreading some of his analysis, goes all out. He’s obtained a high-resolution version of the video that the two researchers recorded, and uses information that he can see in that version to show what appears to be misdirection and other problems with what they stated they were doing. The suspicion now is that the researchers hit upon a FreeBSD Wi-Fi driver flaw that has since been patched, and that Apple doesn’t directly rely on, although they’ve built on top of it. Krebs is waiting for confirmation of this back from Apple. What do we learn from this? Not that Mac OS X is impregnable. Not that Wi-Fi drivers are trustworthy. Not that researchers may exaggerate data for publicity. Rather that it’s, in fact, all too likely that a Wi-Fi driver could allow an exploit to happen–but that under the guise of preventing exploits in the wild that it’s too easy to take that general case and believe that it’s applicable when we can’t see and touch it. Ultimately, the exploit the researchers allege to have found must be fixed, and at that point, their research should be made fully available for inspection. If that doesn’t happen, their credibility is sunk. The moral of the story, truly, is “Don’t taunt Mac users unless you’ve got something real to show.”…
