[olug] wifi device driver exploits

Rob Townley rob.townley at gmail.com
Thu Aug 24 16:20:44 UTC 2006


Hijacking a MacBook in 60 Seconds or Less
http://blog.washingtonpost.com/securityfix/2006/08/hijacking_a_macbook_in_60_seco.html


In case you have not heard, there is very probably a probable
(repetition intended) exploit of wifi devices no matter what operating
system is used because it attacks device driver code based on FreeBSD
that was used in Linux, Windows, and the Mac.

Just like a Ford Mustang is almost completely made in Mexico of parts
from who knows where.  Device drivers are often not made in the houses
of Apple and Microsoft and RedHat.    Apple can say the Atheros driver
was not Apple made, but it does come on the OS CD.  When Netgear uses
FreeBSD source from Atheros and pays Microsoft to sign the driver, who
owns the driver.  Because of this, they think they have deniability.


Jon brought this up at a SecurityPosture/CompUSA meeting long before
it came out at Blackhat, so i am particularly interested in what his
position is on the issue.    Yes, i used "position" because the proof
is not supposed to be released until manufacturers have a fix.  Based
on prior experience, i am firmly in the camp that this is a real
issue.  The point is that not many seem to be talking about the real
issue of a class of exploits of device drivers that run on modifiable
firmware.



More information about the OLUG mailing list