Virtualization Newsletter
 
NEWSLETTERS
 

CIO.com updates, insights and advice on technology, management and your career.

 CIO SOA
 CIO Microsoft
 CIO Web 2.0
More Newsletters | Edit Profile
 
RSS Feeds »
 
 
LEADERSHIP
 
CIO Executive Programs
The Leader in Face-to-Face Education for Senior Executives

Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »

 
CIO Executive Council
A Peer-Advisory Service and Professional Association for CIOs

Turn Geeks into Leaders

June 17, 11:30 AM - 12:30 PM U.S./ET (GMT-4)

Larry Bonfante, CIO of the U.S. Tennis Association, will discuss the skills and approaches that your rising IT leaders must learn to be effective in an executive capacity.

How to Handle Your New CEO: Managing Turnover at the Top

June 18, 11:00 AM - 12:00 PM U.S./Eastern (GMT-4)

Turbulent times have increased turnover at the top. Find out what Council CIOs have done to "break in" new CEOs—build relationships, set expectations, educate on the role of IT.

Mid-Market CIO Panel: Tips and Techniques for Improving Vendor Relationships

July 15, 4:00 PM - 5:00 PM U.S./Eastern (GMT-4)

We'll highlight relationship priorities and best practices identified in a Council study, and we'll interact with a CIO panel on the approaches they've used to improve strategic vendor partnerships.

Executive Competencies Assessment Tool

Assess Your Business Leadership Skills with the Council's new benchmarking tool. Rate yourself in change leadership, strategy, customer focus and more.

More / Register »

Learn more about the CIO Executive Council »



 
 
RESOURCE CENTER
 

buy a link »

Ads by TechWords
 
 
SUBSCRIBE TO CIO
 
Are you involved in setting the direction for your company's IT budget or strategy?

Apply today for a FREE subscription to CIO Magazine!

Subscription Services »
Reprints »

 
 
News Feature
 

MacBook Vulnerable to Wireless Hack

Security researchers David Maynor and Jon Ellch performed a digital drive-by Wednesday at the Black Hat USA conference. Their target: ...

 

August 03, 2006CIO

Security researchers David Maynor and Jon Ellch performed a digital drive-by Wednesday at the Black Hat USA conference. Their target: an Apple Computer MacBook.

The two researchers have found ways to seize control of laptop computers by manipulating buggy code in wireless device drivers. In a videotaped demonstration at the conference, Maynor showed how to use sophisticated hacking tools to add and remove files on a Wi-Fi enabled MacBook, manipulating the system from an adjacent laptop computer.

Wireless devices are designed to be constantly sniffing for new networks, and this can lead to security problems, especially if their driver software is buggy.

This can often happen as vendors rush to implement the complex wireless standards, said Ellch, a student at the U.S. Naval postgraduate school in Monterey, Calif. "A lot of hardware manufacturers have to ship stuff quickly," he said. "One of the things that gets sacrificed in the speed game is security."

Apple is not the only vendor to have problems with its wireless drivers, said Maynor, who is a researcher with SecureWorks. By exploiting bugs in four different wireless cards, the researchers found ways to seize control of laptops running Windows and Linux as well, they said.

"Don’t think that just because we’re attacking Apple that the flaw itself is in Apple," Maynor said. "We wanted to do some other demos and they weren’t panning out."

However, Maynor said the researchers knew that if they showed their demonstration on a Mac OS X system—generally considered to be a very secure platform—that show attendees would take their findings seriously.

The idea of poking a hole in Apple’s current advertising campaign, which smugly boasts that Mac OS X is more secure than Windows, also appears to have been a factor. "I’ve got to be honest, those Mac commercials, they just jump right out at you," Maynor told attendees during his presentation.

The researchers are now working with Apple to fix the problems, which may involve both operating system and driver patches, according to Maynor. Apple declined to comment for this story.

The Black Hat demonstration came just days after Intel issued patches for wireless driver flaws that could lead to the same problems that the researchers demonstrated in Las Vegas.

Maynor and Ellch could not say whether Intel’s patches addressed flaws that they had discovered, but they said they had not worked with the chipmaker on these fixes.

It is possible that the Intel patches were released in anticipation of their talk, the researchers said. Still, both men praised Intel for addressing driver security. "You have to admire a company that would proactively fix things before a talk instead of waiting until afterward," Ellch said.

 
 
Loading...
 
WHITE PAPERS

Faster, Easier, more Effective IT Infrastructure

Business continuity with low administration and maintenance costs. Can you make it happen? This Oracle business brief explains how mid-sized can improve performance by creating an IT infrastructure that makes working faster, easier and more effective.
 

Maximum Efficiency Gains with Virtualization

Learn best practices to optimize your infrastructure and operations department and gain the most from virtualization.
 

Manage Virtualization Initiatives

Learn how you can better manage virtualization initiatives to recognize this technologys maximum value.
 

Cost Effective Data Loss Prevention

Learn how Data Loss Prevention technologies can in fact be deployed in a cost effective manner.
 

Data Loss Prevention and Enterprise Rights Management

Enterprise Management Associates highlights the complementary values of Data Loss Prevention and Enterprise Rights Management as a strategic approach to information risk control.
 

Investing in Business Analytics Technology

Find the answers to your questions about business anyalytics initiatives.
 

WEBCASTS

Webcast with Dan Vesset: Investing in Business Analytics Technology

What exactly is business analytics and why should you care? Dan Vesset of IDC and Gaurav Verma of SAS answer this a...
 

Capitalize on Your SAP Content

After 18 years of partnership and over 3,000 successful customer deployments, Open Text has become SAP's premier pa...
 

Enterprise Cloud Computing: Ready for Primetime?

The progression toward enterprise cloud computing is happening today, as industry leaders deploy technologies that ...
 

Preparing Your Business Services for the Future

Would you trust your network monitoring tools enough to know when something is truly halting a business service? Wh...
 

Enterprise System Management Challenges in Big Organizations with Eli Almog

In this Podcast with Eli Almog, Corporate Architect in BMC's CTO Office, discusses how IT managers can know when it...
 

BSM in the Field, Practical Insights from Peter Armaly

Have you thought about BSM, but haven't quite gotten the buy-in you need? Get down and dirty with BSM installations...
 

Resource Alerts

Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.

 
FEATURED SPONSORS
 
 
 
SPONSORED LINKS
 

Taking the Service Desk to the Next Level

Why Data Loss is Increasing--and What You Can Do About It

Data Loss Prevention: A Better Way to Approach Security

Learn how to managing client systems in the enterprise.

Cloud Computing: Read about VMware's compelling vision & set of products

Enterprise PBX Buyer's Guide

Secondary Market Primer: Your Network at Half Price

Top-line Performance that's Bottom-line Efficient

Accenture: Outsourcing for uncertain times. Click to learn more.

White Paper: 8 Key Ingredients to Building an Internal Cloud

Read about virtualization and consolidation effort best practices

Building the Virtualized Enterprise with VMware Infrastructure

Top 10 Business and IT Drivers for the Wealth Management Sector

Bottom-Line Benefits of Virtualization

White Paper: The Building Blocks for Cloud Computing

Oracle's Application Grid Technical Demo

Next-Generation Application Servers and Infrastructure

Application Infrastructure at Enterprise Organizations

Achieving Business Agility with Application Grid

Learn about The Information Technology Infrastructure Library.

Achieving Pervasive Performance Management

Automating the Generation and Secure Distribution of Excel Reports

Introducing the new HP ProLiant G6 server family

Accenture: Outsourcing for Competitive Advantage. More...

Better spam protection with Postini for just $1/user/mo

Seven Ways ITIL Can Help You in an Economic Downturn

Maximizing the Business Value of the PC Infrastructure

Communications and Collaboration Needs at Business Organizations

Using Open Source to Deploy Web Applications

Mid-Sized Company CIO Community: infoBOOM!

Enterprise PBX Comparison Guide

Getting Value from Outdated Networking Equipment

Accenture IT Consulting: Logical meets technological. More . . .

Stop Application Fraud at the Source with Device Reputation

Learn about the VMware vSphere (TM) & Intel (R) Xeon (R) Processor 5500 Series

Learn how a virtualized enterprise can help your company reduce costs

Why Isn't Server Virtualization Saving Us More?

8 Key Ingredients to Building an Internal Cloud

Data Center Optimization: Three Key Strategies

A CIO Executive Guide: Cloud Computing Looms Big on the Horizon

Oracle WebLogic Server Technical Demo

Data Grids and Service-Oriented Architecture

Achieving the Impossible: Unlimited Application Scalability

A Middleware Foundation for Application Grid

Tips for successful virtualization management.

Smart Decisions: The Role of Key Performance Indicators

Gartner Shares Predictions for 2009

Accenture IT Consulting: Enabling high performance. More...

Top Five CIO Challenges

Insight makes it easy to spend your Microsoft subsidy check.