Huh-huh! I said "phuc"!

HD Moore, author of the recent Zero-day exploit of Apple’s 802.11b drivers, is just so totally teh awesome funny!

According to him!

Here’s Moore congratulating himself on having the basic mental capacity of your average sixth-grader in coming up with “daringphucball.rb”.

“Normally I wouldn’t sink to this level but, damn it, it’s funny,” Moore said of his taunt to Daring Fireball.

Uh, yeah, it’s hysterical that Maynor and Ellch still haven’t provided public evidence of their claim and you’ve managed to create a completely different exploit and then forced a curse word into the name of a popular Mac blog.

Well, not really “laugh out loud” funny.

Wait, what’s supposed to be funny about that again?

Oh. That’s right. You said “phuc.”

Uh…

Yeah.

Despite the fact that Moore is being such a dick about it, you’ll notice there hasn’t been the same level of uproar about his exploit. Mostly because it’s on three-year-old systems, but also because he made a claim and he proved it. Contrast that to the precedent set by his good buddies, David Maynor and Jon “Johnny Cache!” Ellch.

These guys still don’t seem to get this, but it’s their arrogance that has chapped the Mac community’s ass, not the existence of any bugs.

OS X has bugs.

Everyone in the Mac community except Artie MacStrawman knows that. We actually like it when they’re found and patched. We’re kind of kooky that way.

What we don’t like is the big swinging dicks of hacking riding into town wildly waving lit cigarettes at everyone and shooting their mouths off to reporters with claims they then won’t back up because, oh, they forgot, they’re actually supposed to be selling that information but really it’s because Apple would sue them or, no, they’d love to explain it to everyone but they’ve got their period this week so you’ll have to wait a couple to twenty days.

You can read Moore’s pissy missive to John Gruber from several months ago here to see the genesis of this one-sided feud.

Your arrogance and complete naivete in all things security has finally gotten to me.

You could easily convince me that you aren’t a moron by flying to Austin (TX) and taking a standard IQ test in front of me. If you don’t show up by next week, I will have proved that you indeed are a moron, and will post to my blog to make it seem credible. If you do show up and score 100 or higher, I will pay for your airfare, otherwise you walk home.

The implications are obvious if you understand the details. If you don’t understand what remote code execution at ring-0 means, its not Johnny’s job to educate you (nor mine).

Then read the post by Gruber he’s responding to in which Gruber does nothing but ask questions and explain his frustration.

That arrogant bastard! How dare he question his betters?!

Moore makes a point of saying what great guys Maynor and Ellch are and how we should all just trust them that they’re right in this. Evidently, being a security professional is never having to explain yourself. Accusations – OK. Proof – optional. Gotcha.

You lowly users should just take the word of those in the l33t hacking community and if you don’t know what code execution at ring-0 is, well, why do you even have a computer? Gawd! You’re so stoopid!

“I picked up USB Wi-Fi adapters from six different vendors yesterday. It should be a busy week,” Moore said.

Moore’s week will probably go something like this:

  • Monday: Vigorously pat self on the back for inserting an obscenity into a website name.
  • Tuesday: Ice arm strained from vigorous self-congratulation.
  • Wednesday: Call David Maynor and Jon “Johnny Cache!” Ellch and talk about how hysterically funny it was to have put an obscenity into a website name.
  • Thursday: Spend entire day surfing for references to personal awesomeness in having put an obscenity into a website name.
  • Friday: Start to look for bugs in USB Wi-Fi adapters.

That’s a full week right there!

Mac users, if you’ve enjoyed Moore’s condescending attitude and charming schoolboy fascination with curse words, don’t worry! The “Month of Kernel Bugs” is supposed to cover all desktop operating systems, but you can bet that these guys will be paying special attention to OS X. And, of course, they’re going to find some.

Feel free to ignore the lame end-zone dancing when they do.

Comments
  • Damn! You’re good. Ate it all up and wanted to go back for seconds. Please keep up the great work.

  • That drink that Gruber promised you…I’ll buy you a whole bottle of Cuervo Gold. And a meal. And some steaks. And Mrs. Paul’s breaded fishsticks.

  • ndelc:

    Great article on a subject that seems to refuse to die. What an arrogant prick. Where’s a lit cigarette when I need one. It just goes to show you, less is Moore.

  • Geez, do I need to ‘double down’ and provide Grueber with a ticket to Austin, TX?

    > Code execution at ring-0, do you understand it?

    Yes, actually, I do.

    Do I need to skull-fuck Mr. Moore now?

  • Jeremy Forsyth:

    Great article.

    I hate it when people change the spelling of swear words. If your going to swear at least have the decency to swear properly. Please don’t insult my intelligence by trying to pass of a ‘naughty’ word as a not-so-naughty word that 12 year olds giggle at when you say it out loud.

    Oh also, i quickly googled phuc and it appears that the word phúc is Vietnamese for “happiness, good fortune.” Maybe someone who speaks the language could confirm this.

  • “vigorous self-congratulation”

    Sounds almost like another behavior quite normal for young single men and women. (We have no evidence on macalopes and other mythical beasts yet.)

  • Moore? Phuc that idiot.

  • Harvard Irving:

    What makes the attempt at humor even below schoolboy level, is that he can’t even bring himself to write “fuck” and has to obscure the word with a misspelling.

  • Mrs. Paul’s? Pfft, I’ll spring for GORTON’S!

    and invites to any party at Macworld stupid enough to not let you in.

  • Great work yet again Macalope. This blog deserves a spot in every geeks daily bookmarks list-thingy, right next to DF. Phuc more!

  • Roland Saltburn:

    ‘ships’

    http://www.eweek.com/article2/0,1895,2049710,00.asp?kc=EWSWREMLP110606SWR1

    An Airport card that ‘ships’ with Powerbooks and iMacs.

    Irresponsible. Sensationalist.

    With the term PowerBook still being synonymous with an Apple laptop, many not so well informed readers, or perhaps anyone skim reading could easily think they mean currently shipping models.

  • hermi:

    George Ou has apparently moved on to Cringely in his attempt to get attention for his blog, and he displays some skill at looking things up in the Wikipedia:
    http://www.pbs.org/cringely/pulpit/2006/pulpit_20061102_001174_comments.html

  • Reminds me of Douglas Adam’s description of how he came up with the name Slartibartfast: he decided this character needed a secret shame, and this secret shame could be his name, and so he started with Phartyphucbawlz and then fiddled with the syllables just enough to make a name that was broadcastable.

  • Clint:

    “hey guys, guys get this. i’m going to name this exploit after DF, but with a twist. i’m going to put ‘fuck’ in the name, but spell ‘phuc’ instead! get it? ‘phuc’! eh? eh? i am so awesome! totaly… hey you guys wanna play tag after lunch?”

  • “Put up or shut up! Put up or shut up!

    What?

    Ok, fine then. quit gloating.

    asshole.”

  • geoffrey:

    Actually, HD’s giggly manner about phonetic curses aside, I can confirm that the exploits he discusses (his and Johnny Cache’s) are, indeed, real. You don’t have to believe him, but HD is an extremely intelligent guy. He gets more done (pun intended) in an hour of coding than most of us do in a week. Trust him, or not, it’s up to you. I, on the other hand, have witnessed, firsthand, the Apple wifi exploits.

  • Well, that’s great for you, but we don’t know you.

    There are so many people these guys could have shown the exploit to – Glenn Fleishman, Jim Thompson, John Gruber, Sam Leffler for chrissake – but who did they show it to?

    Brian Krebs, HD Moore, you – whoever you are – and George fricking Ou (by appearances anyway).

  • geoffrey:

    That’s correct. *You* don’t know me. So, my word isn’t worth much to you. Providing my “bona fides” to you is worthless. Grab a copy of the Metasploit 3 framework and look through the wifi payloads. Or, if you’re willing to travel to Austin, grab a flight down here for the 20th. Anyone is welcome to attend the AHA gatherings, and you can speak to HD personally about your problems with him. All the info you need to know about the AHA meeting for this month can be found here: http://wiki.austinhackers.org/2006-11-20-0x0003 Hope you find yourself some closure.

  • If you read the post, the Macalope doesn’t have a problem believing the Metasploit exploit. He released it, so those more knowledgeable than the Macalope can verify his claim (exactly what Maynor and Ellch didn’t do). But HD said it was unrelated to Maynor’s exploit.

    As for finding closure, it wasn’t the Macalope who rekindled this by putting a dirty-sounding word in the file name.

  • geoffrey:

    From what I understand,Maynor and Ellch have been told they will encounter legal action from Apple if they disclose more than they have already. If you do, as a respected voice in the Mac community, wish to verify the problem for yourself, come to the next AHA gathering. I’m sure HD will be happy to run a demo. Some of the specifics of the exploit are still in a sort of legal purgatory, so everyone seems uncomfortable discussing them. See what happens when companies get involved? This is a great argument for Open Source systems. The BSDs and Linux distros would just fix the problem and move on, not threaten researchers in hopes of delaying an embarrassing public disclosure.

  • Ned Harwick:

    What is with this vogue of citing technopunditbabble to sidestep simple comments? “Grab a copy of the Metasploit 3 framework and look through the wifi payloads,” or, dare I mention, “Code execution at ring-0.” Sigh… I’m too dumb to understand, so I better got buy a nice, safe Dellpaqway PC. Oh, btw, Geophrey: you can’t suffer “legal action” for disclosure unless (a) you signed a NDA, or (2) you are lying. (seriously, there just aren’t any Apple-logo’d Black Helicopters…)

  • geoffrey:

    Ned, even if you win a lawsuit, it costs money to defend yourself. 😉

  • geoffrey:

    Happy? The month of kernel bugs has delivered a broadcom chip flaw from Ellch.

    http://www.eweek.com/article2/0,1895,2056023,00.asp

    Besides paying to defend yourself, if your employer has a lucrative contract with Apple or Intel, and they threaten to kill the contract, that is a threatening action as well.

  • fudo:

    Unfortunately for Geoffrey, the “threat of legal action by Apple” is, just like the original “exploit”, so much vapor. No convincing evidence that it exists anywhere outside of Maynor and Ellch’s imaginations. And no, the fact that now, months later, Ellch has come up with a completely unrelated flaw proves, once again, nothing.

    And as for “See what happens when companies get involved?” conveniently ignores the fact that security researchers who provide evidence of real exploits to Apple are routinely credited by Apple when patches are released.

Leave a Reply to Jim Thompson