Text of Speech Given Johnny Cache at ToorCon 2006 in lieu of his and David Maynor's scheduled talk on "Wireless Drivers" San Diego, CA Sept 30, 2006 -- So, most of you know that we were supposed to be talking about exactly what happened with us regarding Apple and the Black Hat talk we gave. Most of you probably also saw that SecureWorks told a few reporters that they were not letting dave give this talk. I can not give this talk without Dave. A lot of people think that dave just flaked out and missed his flight or something. That is not the case. Dave very much wanted to be here. The fact that Secureworks/Apple managed to compel him not to means that they must have had something very compelling to stop him. I'm not supposed to talk about what that is. Mac bloggers everywhere will view this as some sort of victory. There are already people writing that the Secureworks stopped Dave because we were going to get up here and say that it was all fake. Right. We reserved an entire speaking slot just to tell people we pulled a fast one. Let's recap this thing. We give a talk saying that device drivers have lots of bugs. We demo one bug in Apple. A few days later, when Apple starts flaking on a patch, we tell them we are going to do a live demo of it at ToorCon, so it would be a good idea to get it patched before that. Apple says that it doesn't exist, and we didn't talk to them about it. A few weeks later (one week before ToorCon) they patch it, and say we had nothing to do with it. One day before the talk, SecureWorks and Apple get together to and manage to stop dave from coming. They also issue a cutesy press release 'SecureWorks and Apple are working together in conjunction with the CERT Coordination Center on any reported security issues. We will not make any additional public statements regarding work underway until both companies agree, along with CERT/CC , that it is appropriate.' Thats funny, I thought there was no bug. And I thought SecureWorks provided no useful information to Apple. Here's Lynn Fox on record with George Ou. * Did SecureWorks ever disclose the packet captures of the malicious payload used to trigger said vulnerabilities? No. Packet captures were promised repeatedly but never delivered. * Did SecureWorks ever provide driver disassemblies pertaining to said Wi-Fi vulnerabilities? No. While SecureWorks did provide a driver disassembly, it did not indicate a Wi-Fi vulnerability in any Apple product. * Did SecureWorks ever provide crash dumps pertaining to said Wi-Fi vulnerabilities? No. While we received crash dumps from SecureWorks, they didn't have anything to do with Mac OS X or any other Apple product. * Did SecureWorks ever point to the location of the vulnerable code of said Wi-Fi vulnerabilities? No. * Do any of the current patches released by Apple match any of the characteristics of the information provided by SecureWorks? No. So, if SecureWorks provided them with virtually nothing useful, then what the hell could they have to coordinate with CERT? And why did they wait till one day before ToorCon to decide this? People have called me and Dave a lot of things. First, we were total frauds that faked everything. After a patch was out, we were mostly upgraded from frauds to unprofessional. Lets talk about unprofessional. Apple and SecureWorks had two months to stop dave and I from giving this talk. Why wait till the day before? Neither Dave or i found out about this till yesterday morning. How is that professional? eof