BREAKING NEWS: OU LASHES OUT AGAIN!

George Ou speaks again, John Gruber’s “super long analysis” (shorter Ou: “Damn, this David Burke, who has a recurring role as a D.A. on Boston Legal.

That’s just the kind of top-notch legal advice you want when refuting a blog post!

So, let’s get down on it! Burke copies whole heaves of text from Daring Fireball to set the groundwork for his massive take-down!

Sorry for the following extended quotes, but this is the evidence he uses to support his concern, search the link if you would like to double check…

Uh, no, dude, that’s OK. I’m sure you’ve got mad copy/paste skillz. I’m sure you beat the hell out of that V key.

“Copy. PASTE! Copy. PASTE! Copy. MOTHERFUCKING PASTE! Oh, man, I’m on fi-ya!”

Fox’s statement simply says; Maynor and Ellch have not demonstrated such a vulnerability to Apple.

Apple may in fact fully well have been contacted by Secureworks and may be quite aware the exploit exists and are working on it.

So his main concern is garbage.  See why you need trained people to examine the evidence?

Ah! You mean like someone who plays a D.A. on TV?

There’s just one problem with Mr. Burke’s stunning legal analysis.

“Despite SecureWorks being quoted saying the Mac is threatened by the exploit demonstrated at Black Hat, they have provided no evidence that in fact it is,” Apple Director of Mac PR, Lynn Fox, told Macworld.

[Emphasis mine.]

This is the graph that Maynor’s defenders kinda sorta wish wasn’t there and, if you repeat it, will probably make them stick their fingers in their ears and go “LA-LA-LA-LA-LA-LA! I AM NOT LIS-TEN-ING!”

They much prefer to focus on the “sharing of code” quote, as Ou does here:

Fox never stated SecureWorks never contacted them, they only said that no code was shared.

The first part of that sentence is true. The second is not because of the use of the word “only.” She said that SecureWorks provided no evidence.

Ou says “You can’t have their code, bitch!”

You’re not entitled to a researcher’s code which they spent time developing.  Giving them the actual malformed packet that triggers the exploit and a pointer to the location of the flawed code is standard practice.

But for SecureWorks to have done this would have been to provide evidence, in which case Fox was mistaken or lying. But Ou’s not arguing that Fox is mistaken or lying. He’s arguing that she used PR gobbledy-gook to try to trick the world into thinking SecureWorks was wrong about the Airport hardware and drivers.

Ou then compliments his possibly imaginary friend on his legal acumen. You can learn a lot on the set of a popular legal show! I wish he’d asked him what Shatner’s really like!

While I know for a fact that Gruber is wrong and doesn’t know what he is talking about since I’m sitting on sensitive information at this point, I’m amazed that you can take Gruber’s own analysis and take it apart and get eerily close to what the truth is.

Well! Someone’s been hanging out in the super-secret hacker treefort in Maynor’s mom’s back yard with the Farrah Fawcett poster on the wall!

I wonder if Ou has talked to Apple. Because single-sourcing from SecureWorks may not be the best way to go right now (see: Krebs, Brian). We already know that Ou has gone out of his way to falsely portray SecureWorks as good faith actors who were only interested in making Macs more secure and kittens and puppies more prevalent and spring! with the flowers and dancing and… and…

And that’s bullshit.

You don’t get to run around and say you want to stick a lit cigarette in its user-base’s eye and then pretend you weren’t out to get Apple.

At the end of the day, SecureWorks may be able to demonstrate a hack of Airport. I suspect there’s smoke coming out of that super-secret treefort right now and it’s not from the vigorous self-gratification to the Farrah Fawcett poster. But until someone puts up or shuts up, a responsible journalist would not make ham-handed efforts to brow-beat others into silence with vague threats of lightning bolts from Mt. Olympus.

You might be thinking, jeez, this guy writes for ZDNet, I mean, that must mean he’s a responsible journalist, right?

Eh, maybe not.

666 – THE POST OF THE DEVIL

Check out the specific link to this post.

Well, let’s continue the fun, just as Satan would want us to, shall we?

IN HIS HONOR!

Blaka n’rath mkran dalla soocra m’joran!

Oh, dammit, that’s Klingon.

Well, we’ll have another post later tonight (unless one of our Apple contacts calls us and wants to go out for drinks), but as Day 2 of Security Bitch Watch draws to a close, the radio silence from George Ou, Brian Krebs and SecureWorks continues. In the meantime, you can check out some posts from the lovely and talented Glenn Fleishman on the subject, or delve into the arcane aspects of Maynor’s supposed hack at Sex, Drugs & Unix.

Also, as this whole wifi incident is rather confusing, let’s make Friday’s Help Desk a special episode. You can either email me your questions or drop them in the comments of this post.

ALL HAIL SATAN!

I don’t really mean that.

I just like Satan as a friend.

UPDATE: As fate (OR SATAN!) would have it, we are going out with one of our Apple contacts. So we’ll see you tomorrow with more on Security Bitch Watch.

Security Bitch Watch – Day 1.

On George Ou’s blog post mentioned in the story below, he noted that David Maynor (aka the sensitive pink pony of hackers, who was needlessly subjected to the vicious ridicule of Mac users spurred on by a rabid Steve Jobs screaming “Fly, my monkeys! Fly!”) would be “bringin’ it on” (not a direct quote) and that he would provide “the bitch slap Apple so badly needs” (also not a direct quote) and that “sisters would be doin’ it for themselves” (that, oddly, is a direct quote).

Ou indicated on Sunday morning that SecureWorks’ totally bitching response of doom to the scurrilous Apple’s scurrilous press release of scurrility would be revealed “in the next couple of days.”

The Oxford American Dictionaries as accessed through Dashboard define “couple” as “two” or “an indefinite small number”, but I think we can start the watch as of this morning.

If Ou is right, we shouldn’t have long to wait.

Which is good because the suspense is killing us. This is the John Mark Karr case of the Mac world, you know.

Let’s review the players here and see who’s down for what.

SecureWorks’ George Maynor and Jon “Johnny Cache” (get it?! Puns rock!) Ellch – They hacked a MacBook using a third party wireless card and driver and – according to Brian Krebs – claimed they could do the same thing with a stock Airport card and driver. Krebs also said they claimed they totally told Apple about this and got hit over the head with a sock full of nickels by Steve Jobs who said they’d better not tell anyone or he’d finish the job.

Oh, and I’m sure this isn’t in any way relevant, but they also want to stab Mac users in the eye with a lit cigarette.

Ha-ha! Oh, you guys!

The Washington Post’s Brian Krebs – Krebs wrote that Maynor and Ellch claimed the Apple-supplied Airport card and drivers could be hacked the same way the third party ones could. Then said they didn’t.

Then said he stood by his reporting.

I may have some of that out of order, but that’s essentially it.

ZDNet’s George Ou – Ou is outraged – OUTRAGED! – that Mac users don’t want to have lit cigarettes stuck in their eyes! The nerve! Listen, Mac punks, if a respected security professional wants to stick a lit cigarette in your eye, you just ask him which one! GOT IT?!

Anyway, Ou says Maynor and Johnny Cache never claimed the exploit worked on Apple Airport hardware and drivers, even though he himself linked to Krebs’ post which says they did. And he says they actually demonstrated the hack against Apple hardware and software, which I guess they must have done while just raising their eyebrows a lot and pointing in silence as Ou says they never said they could do that.

He also had the temerity to claim

…Maynor chose an external third party hardware wireless adapter to avoid focusing attention on possible Apple hardware and software issues which may endanger Mac users.

Oh, that’s so sweet of him. See, he’s just looking out for us. What a nice guy. We should send him a fruit basket or some…

WATCH OUT FOR THAT CIGARETTE! SSSSSSSSSSSSSST! AAAAAAAAAGH! MY EYE! MY EYE!!! OH, MY BEAUTIFUL EYE!!!

Yeah, whatever, dude.

Apple Computer – Apple essentially said:

We haven’t seen anything from SecureWorks except a grainy video of an exploit of a third party card and driver.

Did we mention we don’t make or resell that card and driver?

‘Cause we don’t.

Oh, and we’d really appreciate it if you fuckers would stop using a MacBook in your demo.

Hugs and kisses,
Apple.

Here’s what we at Crazy Apple Rumors Site think may have happened. Our opinion is, of course, worth exactly dick.

Maynor and Johnny Cache wanted to demonstrate an exploit they had researched. They also wanted to take a jab at the security of the Mac operating system – a metaphorical jab much like the actual jab with a lit cigarette they’d like to take into the eyes of Mac users everywhere (have you heard this part?). Not really knowing much about Macs (a point I’ll prove at the end), they decided to use a third party wireless card they already knew was exploitable, not realizing it was highly unlikely any Mac user would have a need for a third party card.

Krebs then over-hyped the Mac vulnerability, possibly misinterpreting Maynor’s comments about the exploitability of the stock Airport card and driver. It’s also possible Maynor knew there was a flaw in BSD and assumed it was also exploitable in OS X.

It’s apparently not.

So all this happened and Apple said “Wha-huh?” and Artie MacStrawman threatened Maynor’s life and then Ou freaked out.

That’s just our theory. We’ll gladly eat crow if we’re wrong. [UPDATE, ONE YEAR LATER: I came back to read this and was surprised at how much is actually right. Much, however, is wrong and since I’m all about accuracy… While we STILL haven’t seen the whole exploit, it now looks like they probably did have one on Apple’s native card. But what they sent Apple was not code for an OS X exploit. And then they acted all squirrelly instead of manning up and just releasing the damn thing. Why these few drama queens couldn’t behave like any other security professional who finds a Mac bug is beyond me.]

Except for Ugluk who doesn’t eat crows because he considers them sacred.

He’ll have crowfurkey.

Wait, that’s not right. It’d be… “crowfu”, I guess. Crowfurkey’d be some mutant hybrid of a crow and a turkey.

That’s not right either. It’d be a crow and a tofurkey.

What?

Oh.

Ugluk says that is what he’ll have. The mutant hybrid of a crow and a tofurkey. That’s apparently OK. Um… I’m not sure where we’re going to get that.

And he’d like a Sprite.

OK, look, I’m not really ready to take orders yet…

I’m not even sure if the place we normally go to get crow is open right now.

Anyway, we’re just about done with Day 1 of Security Bitch Watch and so far the silence…

…has been a little deafening.

Brian Krebs’ blog – where the whole thing started – hasn’t been updated since Friday and Ou’s blog (warning: annoying self-starting audio of Maynor’s presentation) hasn’t mentioned the controversy since the aforementioned post. SecureWorks’ web site hasn’t been updated since they added verbiage pointing out the hack took place with third party hardware and drivers.

But there is one other telling thing you need to know about this controversy:

Maynor – in the video of his presentation of the exploit – repeatedly calls the MacBook he’s using “this Apple.” As in “This Apple will connect back to the attacker.”

I don’t know about you, but that tells me a lot.

I’m just sayin’ Maynor or Krebs might want to think about what wines go with crow.

CARS Editor Switches to Linux.

Joining the increasing throngs of uber-geeks who have switched from the Mac OS to Linux, I regret to announce that I have come to the conclusion that I can no longer justify my use of Apple’s proprietary data formats.

For too long Apple has attempted to lock its users in to its closed platform and closed applications.

For this reason, I have reformatted my Performa 6400 and installed Yellow Dog Linux.

Yes, I know this will come as a shock to many of you, but I am eschewing Mac OS 9.2 for a more modern, stable operating system.

And, I must say, it’s going swimmingly so far. Installation was a breeze and I’m now enjoying the benefits of a fully cooperative operating system with protected memory and a host of robust applications with open data formats.

All…

Um…

All at a 640 X 480 resolution.

You know, I don’t know if you’ve ever tried to use an operating system release that’s come out since 1999 at 640 X 480 but it’s practically impossible. Modal windows don’t have scroll bars and when you can’t see the buttons because they’re off the screen, it makes computing kind of a crap shoot.

I tried picking my particular monitor – an Apple Multiscan 15-inch – in the display configuration and, well, things pretty much just went to shit. The colors all went to five different shades of orange and the display space was just half the vertical area of the screen.

Not easily dissuaded from my goal to ditch OS 9.2 and enjoy the wondrous, magical fairyland of openness that is Linux, I sought the professional help of a Linux geek in an online forum.

Here’s how the conversation went:

ME: I can’t seem to get the screen resolution right. I’m picking the exact monitor and video card I have from the list, but it gets all goofed up.

LINUX GEEK: You need to add a video argument to BootX, such as “video=atyfb:vmode:17,cmode:24”. Boot into Linux and run Xconfigurator and setup your video as desired. Then exit and run startx. It’s easy!

ME: Uhhh… OK. Gosh, there are a lot of parameters in your argument there. Not to mention all the colons. Maybe you can walk me through that a bit. Mine’s a 15-inch monitor. Should I change the 17 to a 15? What does the rest of it mean?

LINUX GEEK: Open your display.temp.config.pants file, set line 974 to “stun” and then reboot in gigantic robot mode.

ME: “Gigantic robot mode”?

LINUX GEEK: Just before the donkey appears, press command-option-shift-umlaut-fire and bark like a crazed hyena. Now dump your trash on your head and wave your genitals in the air in a circular motion with arms akimbo.

ME: OK, now you’re just talking gibberish.

LINUX GEEK: Aboogee agga! Muwasi matoombo! AI-AI-AI-AI-AI-AI-AI!

Well.

At least I’m still running OS X on all my other hardware.

Apple To Release "Leopard Mobile."

Joining the recent trend of Mac users switching to Ubuntu, Crazy Apple Rumors Site is pleased to announce that it is changing its name to Crazy Ubuntu Rumors Site! Yes, with the switching of one uber-geek after another, we’ve decided to get in on the ground floor of this sea change. Henceforth, this site will be solely dedicated to rumors about the Ubuntu operating system.

While “CURS” doesn’t have quite the ring to it that “CARS” did, we’re confident that you’ll see fit to join the increasing number of people who are switching to Ubuntu.

Ubuntu!

For those of you unfamiliar with Ubuntu, Ubuntu switchers and Ubuntu-mania, please look for our upcoming 132-part series entitled “What The Fuck Is ‘Ubuntu’ And Why The Fuck Would I Want To Recompile My Applications Myself? I Mean, Who The Fuck Am I? Fucking Linus Torvalds? Fuck.”

That’s, um, just a working title.

It might be longer.

We here at Crazy Ubuntu Rumors Site feel this announcement is particularly apt on the eve of the 4th of July, as we “declare our independence” from the “tyranny” of Apple’s “oppressive” DRM and proprietary data formats!

Ha-ha!

Ubuntu!

As a matter of fact, in a symbolic gesture of our newfound independence from Apple, we’ve taken our PowerBooks, iMacs and Power Macs and dumped them in Tacoma’s Commencement Bay!

Which was…

Um…

Well, that was a really stupid thing to do.

I mean, we didn’t realize this at the time, but we could have actually run Ubuntu on those.

Who knew? I just thought we’d call up Ubuntu Computers and order a bunch of new Ubuntus with the Ubuntu OS installed on their Ubuntu-formatted hard drives.

I guess we just got caught up in Ubuntu fever.

By which I mean the metaphorical “fever” experienced by enthusiasts of the Ubuntu operating system and not the actual “Ubuntu fever” which is an obscure but deadly type of flesh-eating virus found in the Congo.

Well, anyway, that’s all behind us now, and we’re eager to get started! So, if you’ve got Ubuntu rumors, please send them our way!

But not tomorrow. Tomorrow we’ll be off while we get some new hardware – probably at some crazy Ubuntu Store 4th of July sale I’d imagine. Then we’ll be spending hours upon hours editing a whole mess of files to get stuff like sleep and OpenGL to work and then recompiling some other shit and downloading GIMP and OpenOffice and learning C and, I dunno, FORTRAN or something.

For some reason I think you need to know FORTRAN.

It’s gonna be so boss!

Ubuntu!

[Editor’s Note: Since the posting of this article, we’ve realized that there really isn’t much of a business model in building a site around rumors about an open source operating system.

There… there just aren’t any.

It’s open source.

I mean… that… that should have been kind of obvious.

Uh…

Damn, I really wish I hadn’t thrown my PowerBook into the bay.]

The Mac community was abuzz today over a YouTube video that purported to show a “lite” version of the next release of Mac OS X – dubbed “Leopard Mobile” – running on an Apple iPod.

While most of the sites linking to the video derided its possible authenticity, Crazy Apple Rumors Site has learned that this video is real and is so totally not just a video that some dude is click-synching to.

“Leopard Mobile” will be released some time next year after the full version of Leopard is released and will be designed to run on “trim” platforms such as the iPod. In addition to the iPod, CARS has confirmed that “Leopard Mobile” will run on a number of other devices.

According to sources, “Leopard Mobile” will run on:

A Motorola Razr.

A PSP.

A Space: 1999 comlock.

A bagel with cream cheese.

Apple declined to comment for this story, but company spokesperson Cynthia Mclaren did have prodigious amounts of cream cheese in her teeth.