MacBook Security Gone in 60 Seconds

I don't normally do this -- don't like crossposts -- but I know a lot of wireless users hang out here who never wander into the Computer group.

FWIW, this isn't exactly news, even if the story is from a recent conference, but it is an important reminder. If you run a wireless network, take a little time to secure it.



I offer this not to trash Macs; this really isn't about the Mac. However, as the article states, some people who use Macs (and Linux systems) have developed this false sense of security about things they shouldn't.

This is really about the standard encryption people are using with their wireless networks and how easy it is to break. Since most people who bother with security at all tend to use the default form offered to them, those who do this may as well have no security at all, based on the results of this little experiment.

I'll also note this. I taught myself how to crack WEP in about an hour, which is to say I didn't need to learn much. The tools that can do this for you are easy to find and easy to use. Install, sniff, wait, go...

is a fake.

or watch the video?

"2. A third party wireless card? For the macbook? That didn't look usb! Black macbook doesn't have PCMICIA (or whatever the hell) and so I am a bit confused here."

"There's really nothing to see here. A third party wireless card is used, which no MacBook owner will do, as WIFI is built-in. The MacBook is handled during the demonstration; actual commands are typed in Terminal.app, without which the 'attack' would not be possible. If physical access to a device is needed for an attack, it cannot be said to be vulnerable. Your coffee machine is just as vulnerable, then."


Quoted from the commments.

There is no doubt your computer is vulnerable if you let a stranger use it...

And, if you're really afraid, use the built in wireless your macbook comes wth, not a 3rd party wireless card...

Yeah, I've got a wireless USB networking card. Nice try. I'm betting this was put out by Apple, who's made no bones about putting out false information.

come standard with airport cards, an integrated wireless card. There is no need for a 3rd party wireless card.

Why did they not use the built in airport?

Do you really think a Mac is unhackable? The point of the demonstration was to erode the notion that you're utterly and completely safe if you use a Mac. Unless you disagree with that notion, what does it matter whether or not they used a third-party card?

ask the people that made video why they chose to not use the airport wireless and isntead used a "buggy" 3rd party wireless adapter.

I gotcha. Good to know.

It is simple really. If it takes a "buggy" 3rd party usb wireless device to hack into my mac, I am safe because I dont use one. I use the airport integrated wireless which must be secure or they would have used it.

I'll just assume for a second that the experiment was completely fake. It, in and of itself, is not the reason I commented. I simply used it as a point of reference.

What the article is about is wireless security and how easy it can be to break if you don't take the time to secure that wireless network. Again, I've done this myself, using a target that knew what I was doing just to see how easy it was. (And he stopped using wireless after this, preferring to hardwire his network.) It took me longer than 60 seconds (that short amount of time would indicate a really bad key, probably the default key) but it didn't take me all afternoon or anything.

People exist that do this sort of thing for fun.

Now, back to the article, the point one should take away from it is that we who use Macs and Linux systems (I run Linux) should not become too proud of ourselves about how secure we are. The wireless hardware we use on Macs or PCs, no matter the OS, is essentially the same hardware using essentially the same security tools. If I ran a wireless network (and I don't) I could be relatively sure no one could break into my system, which I have hardened against external attack as best I know how, but I could not be equally sure that someone could not break my WEP encryption, if that's what I were using, and hijack my Internet connection, capture any unencrypted communication I sent or received, etc.

The worry is that Mac and Linux users think their OS protects them from everything, and it doesn't.

OnEdit: This isn't the WaPo article mentioned in the link you gave, which I have no read. The focus of the MacWorld article is on wireless security generally and does take a moment to note that Macs are still more security than a Windoze machine right out of the box. The point, to me, is as Scott Carpenter noted, "Wireless in particular is inherently insecure, because people tend to use the lowest level of security that there is." If you do that, you're vulnerable.

I've become completely complacent about my Mac. We've done what we could with WEP, but.....

Thanks for the heads up, though I don't know what I'm going to do about it.

the world. Just let me post to DU now and then.

than by posting something that seems to criticise Linux...

...is to post something that seems to criticise the Mac. ;)

But what the hell...I haven't been involved in a good, old fashion OS war in a long time. :-)

Seriously, though, I have no desire to trash anyone's choices in OS. I make no bones about my loathing of Windows, but it's Microsoft's business practices and ethics more than the OS itself that annoys me. Linux definitely has its flaws (the 2.6.x kernel is a pig and full of bugs and, to my mind, the output of weird design decisions, for example, with the lead developers to this point having mostly ignored the problem in the quest for more features, which *will* come back and bite Linus in the butt), but I am attracted to the OSS philosophy as well as the room for customization and, yes, better security. OTOH, I don't think it should be the kernel's job to talk to hardware, but I digress.

In my view, the major difference between security issues between Windows and Linux/OSX is that Windows tends to be more susceptible to (or concerned with) external attack whereas Linux is more susceptible to (or concerned with) internal attack. A security report came out last year noting that Linux (all flavors combined, including all the individual software packages, which in and of itself was misleading, sort of like blaming Windows for a flaw in Adobe's products) had more security warnings issued for it than Windows did, but the devil was in the details. The majority of these were issues with "local privilege escalation" while those involving Windows were about vulnerabilities to being attacked from the outside, particularly through IE and Outlook.

But anyway, I'm a live and let live sort when it comes to computers and their OS's, at least to an extent. (I'm going to be all over the DRM debate when Vista comes out, and my venom will be laid squarely on MS's feet.) I just maintain that whatever you choose, be aware of what you're choosing and why and don't kid yourself about how much better or more secure you are than the other guy, especially if you actively ignore the potential for security problems on your machine no matter what OS you run.

and reasoned complaints should be welcome no matter what the subject. Slamming something just for the sake of slamming it does tend to get my hackles up, but I'll generally stay out of the fray.

and the mother post argue, the point is that MAC's will reach a point where hackers and virus developers will start to attack....

It's a smiple matter of supply and demand...

When MAC use reaches a certain market share, it will suddenly become worth the time and effort to attack-a-Mac...

use my Atari TT so often. :)

The only real reason Windows computers have "so many more security flaws" is because, quite frankly, it's worth a hacker's time to go ahead and actually hack Windows. I'm willing to bet all of those flaws are ready and available to Mac OS as well, it's just that no one gives a flying fuck about hacking a Mac.

their utter and ridiculous lie of "being safe" will be shown to be the garbage, lying, false, logorrhea that it is.

And once the hackers and virus makers and worm coders and other delinquent filth decide it's worth their time to fuck up the Macs, I bet they will find holes and backdoors and other openings the likes of which even God has never seen, simply because Mac has lived on the myth of safety for so long that they've never had to actually test their software for safety and integitry. It's gonna fall like a house of crepe paper cards, and Apple is gonna practically kill themselves sending out hourly updates trying to plug the holes in their systems.

And of course, being Apple, they won't offer any updates or plugs for any operating system or computer that isn't their current version. Unlike Microsoft, which still sends out patches and fixes for Win 98 and ME, not just XP. SO all those Mac OS 9 and earlier ones, or whatver the "old" OS will be at the time, will be completely fucked and left hanging out to dry.

Microsoft stopped supporting 98 (and I think ME since it was just 98 with more bugs, but I could be wrong on that ... the part about support anyway) in July of this year.

This has caused a great uproar where I work because a sizable percentage of our customers still use 98 and acquired our service with the understanding 98 was supported. Since MS no longer supports 98, neither do we, which I think is a mistake, but I don't get to make those decisions. I do still try to help people who have 98 figure out their problems, but I'm one of probably half a dozen employees who will bother, in part because the techs tend to be rather ignorant and read from scripts rather than do actual trouble-shooting.

The real hue and cry will arrive when they stop supporting Windows 2000, which is used by so many large businesses who really have little use for XP when compared to 2000. Vista is going to have to offer them something significant to justify the cost of the upgrade when 2000 goes on the chopping block.

Your essential point about Mac's OS is generally true, however, and I don't like the way they do updates. You don't really know what the update is doing, nor how essential it is, i.e. is it an update to a security flaw or an update to some minor bug? SysAdmins need to know this stuff, and their not knowing is at least one reason Mac's have so much trouble entering the business market.

I have ME on my laptop (and I frickin' hate it), and I've been impressed that it still was occasionally loading updates.

Looks like I'm all done with the updates, though. :-)

One of my other main issues with Macs has been there "the user doesn't need to know" policy, such as with the updates, but also even with the file system on the hard drive. I grew up with knowing where in the file tree at all times I was, and where my info was (from DOS, UNIX, Atari's OS, Windows, etc.), and it drove me crazy that Macintoshes, at least the first few generations, were always "The OS knows where your stuff, you don't need to know". Irritated the shit out of me, and I never trusted it. And the lack of a command prompt - forget that bullshit. Also their "the user doesn't need to know" in terms of what's inside the box, either: not being able to open a box and put in a new drive, or add new hardware, etc., without voiding the warranty or without buying their proprietary insanely overpriced components. Windows is sloppy, but the PC has been a genius invention: modifiable, one could play with it, pull stuff out, put new stuff in, evolve a computer, overclock it, dick with it, and otherwise do whatever one wanted with the stuff.

I think the new OSes (at least since they started piggybacking on unix or linux) have command prompts, but I don't know.

Perhaps many distros, but I can't say since I haven't tried "many" distros relative to the number that exist. And what ports are open on some distros by default depends in part on what services you start. For example, a lot of people who use Linux set up a mail server or Samba or something similar. That'll open some ports that can be an avenue for attack. Of course one shouldn't use those services unless one is aware of what they are doing.

SuSE, Fedora, and Mepis, at least, have a firewall established in any default installation that closes most ports. I am more familiar with SuSE than the others and so can speak with more authority regarding it, and it sets up a firewall by default (assuming you don't start Samba, a mail server, etc.) that drops everything incoming to every port except port 13 (ident) and ping requests.

With some distros, particularly the ones geared toward hobbyists, you get no default firewall at all and have to set up your own IPtables, or whatever, script. Slackware, for instance, has no "default" firewall. Then again, you don't have a default network connection either, so what you do is set up the firewall, then set up the network. These distros are not for newbies, naturally, so this isn't really a problem, unless a newbie who doesn't realize this decides to dive in with both feet first without "reading the manual," so to speak.

Not saying you're wrong, just clarifying. Generally speaking, you make the point quite well I'm trying to make because it is in fact true that with many Linux installations, every single port on your system is open and vulnerable, and if you're either not aware of that or unconcerned with it because of the supposed security of Linux, you'll get burned.

because they were able to break into the wireless network -- not the computer.

Your ISP (and your neighbor for that matter if you use cable modems) can listen/read everything you enter into the internet. Anyone who thinks the internet is secure is nuts.

Now for commercial use its a different issue -- but any corporation that uses the default password deserves what it gets.

The hackers couldn't extract information form the computer, change anything, etc, unless that info was first transmitted over the internet -- in an unsecure form. Seeing how most internet sites use encryption (SSL), it would have defeated their "hack".

Getting on the same subnet can be an issue (you can steal bandwidth), but its hardly a significant breach by itself. Hell, go to starbucks and their network is wide open.

I take it you didn't actually read my comments.

being discussed.

As "they" say, oh well.