MacBook wireless security exploit fracas primer
In case you haven’t been following this mini-saga – about two security researchers, an alleged MacBook wireless security vulnerability, and a writer from the Washington Post – here’s your study guide.
The original story at blog.washingtonpost.com (does the “blog” part mean we should lower our journalistic expectations?) has the unassuming title of “Hijacking a MacBook in 60 Seconds.” An alternate, more descriptive title is “Hijacking a MacBook via a Third-Party Wireless Card that Nobody Would Ever Use, in 60 Seconds, and Also Allegedly Hijacking it via the Built-In Card that Everybody Uses, But Wait, Maybe Not, Sorry, We Can’t Talk About That.” You can see why they went with the shorter title.
Then there was a follow-up, followed by an update to the follow-up, followed by the release of the verbatim transcript of the original interview. Much heat, not much light.
Then John Gruber got sick of all this and issued an open challenge – offering a brand-new MacBook in exchange for a demonstration of the alleged exploit against a stock machine. No takers. Then an update to the challenge. Still no takers.
What’s interesting is that while my gut – based on the behavior of the key participants, not on technical details – says that there is actually no exploit that works against the stock MacBook, I’m not nearly as positive as Gruber is. I look forward to learning the truth, which is scheduled for delivery Real Soon Now.
By the way, don’t read any of the contentious comment threads attached to the various blog postings. You’ll just feel dirtier and more confused.
More as the situation develops.