"Month of Kernel Bugs" Project Head Interviewed - Slashdot

Slashdot is powered by your submissions, so send in your scoop

×

"Month of Kernel Bugs" Project Head Interviewed 42

Posted by CowboyNeal on Saturday November 11, 2006 @12:30PM from the getting-to-know dept.

An anonymous reader writes "November has been labelled the 'Month of Kernel Bugs' in security circles. The Month of Kernel Bugs began on November 1, with the publication of a vulnerability in Apple's AirPort drivers. SecuriTeam blogs did an interview with LMH, who hosts the project."

This discussion has been archived. No new comments can be posted.

"Month of Kernel Bugs" Project Head Interviewed

Search 42 Comments Log In/Create an Account

Comments Filter:

A question I wish was answered (Score:2, Insightful)

by BadAnalogyGuy ( 945258 ) writes: <BadAnalogyGuy@gmail.com> on Saturday November 11, 2006 @12:36PM (#16805900)

Who is LMH?

Share
twitter facebook
Comment removed (Score:1, Insightful)

by account_deleted ( 4530225 ) writes: on Saturday November 11, 2006 @01:36PM (#16806296)

Comment removed based on user account deletion

Share
twitter facebook
Apple vs Broadcom (Score:5, Insightful)

by Kadin2048 ( 468275 ) writes: <slashdot.kadin@xox y . net> on Saturday November 11, 2006 @02:29PM (#16806656) Homepage Journal

I'm not sure this is true. I don't think vulnerability was in all wireless drivers; that would just be too weird. There are hundreds of different WL chipsets and driver stacks; not all of them are written that crappily. A good many may be, but not all.

There was apparently a problem in Apple's drivers, as well as in a lot of other closed-source drivers. In fact, when those two guys did the "Hack a MacBook's Wireless in 30 Seconds" demo (of which I am a bit ashamed to admit I submitted the /. article for), they weren't even using Apple's wireless card or drivers, they were using a third-party one, and then just implicated Apple later.

If you read a few posts up in the thread you'll see that they have now found a pretty big hole in Broadcom's (assumedly Windows) drivers for wireless cards, where transmitting a specifically crafted SSID can result in kernel-mode code execution.

I think Apple got hit because it was a big target; since Microsoft doesn't specifically (to my knowledge) make WL drivers, and Apple being bigger than any single third-party WL-card vendor, when people found a vulnerability affecting many drivers and chipsets, they went for the one that would get them the most press coverage. While I can't condone this (since I think it involves fear-mongering and pandering to the knee-jerk Apple-haters), it's not hard to understand.

Parent Share
twitter facebook
Re:Apple flaw? No. (Score:1, Insightful)

by Anonymous Coward writes: on Saturday November 11, 2006 @05:11PM (#16807878)

Why is that Apple supporters are in such denial about their favorite products having security flaws?

umm maybe because it is not just an 'APPLE' flaw. It is the attempt to hide this that is the problem. Look at it this way.
THE BATTERIES IN APPLE COMPUTERS ARE ALL GOING TO BURN (and all other computers using batteries from the same plant in china will do the same thing.)
Yes, apple products have their 'issues' - but FUD is FUD. Good you found a bug. Next time do your homework and figure out where the bug is really from.
Go ahead and mod this as flamebait - it is - but it is also the truth.

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

390 comments32-Hour Workweek for America Proposed by Senator Bernie Sanders
358 commentsWhat Should Happen to Empty Downtown Office Spaces?
340 commentsHacktivism Erupts In Response To Hamas-Israel War
324 comments'Feedback' Is Now Too Harsh. The New Word is 'Feedforward'
248 commentsWorkers are Resisting Calls to Return to Offices

Old programmers never die, they just hit account block limit.