Dave Taylor answers free tech support questions about a wide variety of business and technical topics, including blogging, iphone help, ipod help, AdSense, MySpace, Sony PSP help, Mp3 players, Windows XP, Windows Vista, Linux, SEO, Mac OS X, Facebook, Twitter and LinkedIn.

How do I disable unknown wifi access on my Mac PowerBook?

I've become paranoid about security on my Mac laptop and just bumped into a story about some hackers who claim that they can break into a Mac laptop via the wifi connection. Yikes! How do I disable the hole so that no-one can use this exploit to get into my computer??

Dave's Answer:

You might be a bit paranoid, you're right. The exploit you're talking about is probably that described in this news.com story about David Maynor and Jon Ellch at the hacker's conference Black Hat who purported to demonstrate how to hack into a Mac laptop via the wifi connection.

There are some problems with what they demonstrated, not the least of which was that they had to insert a third-party wireless networking card into the Mac, which precious few people I know with PowerBooks or MacBooks use, but nonetheless, let's look at how to disable that possible exploit on your Mac instead.

The key? All you need to do is teach your computer not to connect to unknown networks without you're explicit approval.

This is done with the following steps:

First, go to Apple --> System Preferences... and select the "Network" pane. It looks like this:

Mac OS X : System Preferences: Network

Now you need to select "Airport" and click on "Configure...". It looks like this:

Mac OS X : System Preferences: Network: Airport

You can see the problem in my own screenshot here: the default join of "Automatic". What this means is that when a new network shows up, legit or not, it'll automatically be joined by my Mac. Not good.

To change this you'll need to choose "Preferred Networks" rather than "Automatic". When you do that, a list of all the networks you've joined in the past appear:

Mac OS X : System Preferences: Network: Airport

To make your computer completely secure, simply delete every network here that you don't have 100% confidence is secure. Now any time you encounter a new network it'll pop up a message asking if you want to join it, rather than just blindly connect.

Hope that helps you feel safer!



Help others find this article at Del.icio.us, Digg, Netscape, Reddit, and Simpy.

Categorized: Mac OS X Help   (Article 6740)
Tagged: , , , ,
Previous: Blu-ray versus HD DVD: what format is better?
Next: How do I embed Google Video on a Blog Entry or Web Page?

Subscribe!

Never miss another useful Q&A article again! Subscribe to AskDaveTaylor with Google Reader.

Comments

I think that to be truly safe, you have to remove the driver totally. Otherwise, it will probably still be receiving and partially processing WiFi frames which could subvert it before it even can decide that no WiFi networks are allowed. (Remember that these exploits are at the raw WiFi frame level, which is below the Ethernet-ish level, much less the TCP/IP level.)

And if you want to be extra safe, you might consider disconnecting the WiFi hardware within the laptop. This is possible on some Windows laptops -- I almost did this on my HP, but settled for never installing the WinXP driver. (I did this out of general distrust of WiFi security, long before these low-level exploits became known.)

Posted by: Paul Kosinski at August 13, 2006 9:56 PM

I wanted to mention that many people are going to have "linksys" and "netgear" as the ssid of their access point. It would be a simple matter for hackers to name their hacking network one of many default ssids. For me, that means that these names fit under your "simply delete every network here that you don't have 100% confidence is secure" category.

Posted by: Ben Zvan at August 15, 2006 2:30 PM

I have a lot to say, but ...
Starbucks coffee cup I have a lot to say, and questions of my own for that matter, but most of all I'd like to say thank you for all your efforts on this Web site by buying you a chai!

I do have a comment, now that you mention it!









Remember personal info?


Please note that I will never send you any unsolicited commercial email. Ever.

While I'm at it, please note that by submitting a question or comment you're agreeing to my terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site.









Uniblue: Free Virus Scan

Search
Find just the answers you seek from among our 1700+ free tech support articles by using our Lijit search engine.


Help!
Ask Dave for Help!




Link To Dave!
• Buy Dave a Cuppa •
Media Queries

Subscribe to
Ask Dave Taylor!

Add to Google Reader
Add to My Yahoo!
Subscribe in NewsGator Online

RDF   XML

Free Updates!
Sign up and get free weekly updates and special offers on books, seminars, workshops and more.

Complete Archives

Recent Entries
Join the List!
Join my author info mailing list, where you'll learn about my upcoming books, speaking gigs, and more!


Book Links
CIG Growing Your Business with Google
Creating Cool Web Sites
Wicked Cool Shell Scripts
Learning Unix for Mac OS X Panther
Solaris 9 for Dummies
Teach Yourself Unix System Administration in 24 Hours
Teach Yourself Unix in 24 Hours
Creating Cool HTML 4 Web Pages
Dynamic HTML Weekend Crash Course
training - speaking - writing - business blog - photography - bio - tech support
© 2002 - 2008 by Dave Taylor. All Rights Reserved.

Note: This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this web site or on any linked site.

[whiteboard marker tray]