Headline Feeds
At the Black Hat USA conference, two security researchers demonstrated how easily they could hack into a Mac computer -- in this case Apple's (Nasdaq: AAPL) MacBook -- over a wireless network.
Operating from a nearby laptop, David Maynor, a senior researcher with SecureWorks, and graduate student Jon Ellch took aim at the MacBook's wireless card and wireless device, compromising the computer in about 60 seconds.
The object lessons from this demonstration are manifold, starting with the simple fact that computer security must go beyond installing software to shield the operating system to include protection for wireless devices and cards. There is also this hard truth: It is becoming increasingly clear that Apple computers are not as safe as they were once perceived to be.
Targeting Mac
However, a caveat is necessary: Using a Mac is still far safer than using a Windows system.
"Out of the box, a Mac is more secure than Windows," Scott Carpenter, director of security labs at Secure Elements, told MacNewsWorld.
"The problem is, Apple has been fostering a campaign telling consumers they don't have to worry about security if they use a Mac. They are not any more or less secure about vulnerabilities in their code than Windows, but they like to pretend that they are," he observed.
Noting that Apple has some smart security people on its staff, Carpenter suggested there might be "a behind-the-scenes war between them and marketing 
about the image a Mac should project."
He voiced another big gripe about Apple's approach to security: "Microsoft will tell you the criticality of a certain patch. Apple refuses to tell you if a patch is critical or not. It won't even tell you if it is a fix to a vulnerability or whether it is just a problem in the code. Their attitude is, 'Just trust us.'"
Wireless Security
That said, the hack attack into the MacBook would have worked on any laptop that didn't have the highest wireless encryption available installed.
Even with such encryption, Carpenter said, no system is 100 percent fail-safe. "Wireless in particular is inherently insecure, because people tend to use the lowest level of security that there is."
However, Mac's wireless device uses an old version of encryption -- WEP, or Wired Equivalent Privacy -- which is very easy to hack, he pointed out.
"It is very easy to break that protocol," Carpenter said. "I've done it for a major metropolitan government. I sat outside their office on my Harley and sniffed and sniffed and sniffed until I broke into their network."
Talkback: 
