More than a year after claiming to have found a way to take over a Macintosh computer using a flaw in the system's wireless card, David Maynor has published details of his exploit. More than a year after claiming to have found a way to take over aMacintosh computer using a flaw in the system’s wireless card, DavidMaynor has published details of his exploit.The details were included in a paper published in the September issueof Uninformed.org, an online hacking magazine. The lengthy paperdescribes how to run unauthorized software on a Macintosh by takingadvantage of a flaw in Apple’s AirPort wireless drivers.Apple patched the bug on Sept. 21, 2006, without crediting Maynor fordiscovering the problem. Instead, Apple’s engineers found the bugduring an internal audit, the company said.Maynor and researcher Jon Ellch first described this type of problemduring an August 2006 presentation at the Black Hat security conferencein Las Vegas. He was widely criticized by the Apple community forfailing to back up his claims with technical details, and forpresenting a video demonstration that used a third-party wireless cardinstead of the one that ships with the Mac. On Tuesday, Maynor said that at the time of the Black Hatdemonstration, he had found similar wireless bugs in a number ofwireless cards, including Apple’s AirPort and that he had been told touse the third-party card in the video because it was deemed “the leastoffensive to people.”So why publish the Mac hack now? Maynor said that he had been under a nondisclosure agreement, which hadpreviously prevented him from publishing details of the hack. Thesecurity researcher wouldn’t say who his NDA was with, but thatagreement is no longer in force, allowing him to talk about theexploit. “I published it now because I can publish it now,” he said.By going public with the information, Maynor hopes to help other Appleresearchers with new documentation on things like Wi-Fi debugging andthe Mac OS X kernel core dumping facility. “There’s a lot ofinteresting information in the paper that, if you’re doingvulnerability research on Apple, you’d find useful.” Maynor will soon publish a second paper on Uniformed.org explaining howto write software that will run on a compromised system, he said.By Robert McMillan, IDG News Service (San Francisco Bureau)As for his detractors, who will say that this disclosure comes toolate, Maynor says he just doesn’t care what they think. “Let them tearme apart all they want but at the end of the day the technical merit ofthe paper will stand on its own.” Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe