Posted

A vulnerability in the way modern WiFi Access Points and Routers maintain encrypted user connections was discovered in May of 2017, affecting probably every WiFi vendor using the WPA/WPA2 encryption method. While some vendors whose products were used in the test were notified around mid July 2017 about the vulnerability, a broader vulnerability notification was sent out to all vendors at the end of August.

 

Every Wi-Fi connected device at risk from ‘unprecedented’ security flaw, experts warn
ThaiVisa ThaiTech  |  BY STAFF WRITER  |  2017-10-16

 

Key Reinstallation Attacks -- Breaking WPA2 by forcing nonce reuse -- the DETAILS
Discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven

 

 

Software and Firmware updates from the major manufacturers started appearing on some vendor websites mid October 2017, with more promising update availability soon. Unfortunately there will be MANY older devices that will never see an update and will remain vulnerable to a potential future attack. Though some security websites have stated that if only the WiFi Client device or the WiFi Access Point/Router is updated/patched then your communications will be safe from this vulnerability.

 

Have you updated your WiFi Router yet?

...

WaitingOnKrackPatch.jpg

Posted

My wifi has a range of approximately 50 meters or so.

 

I doubt there is gonna be anyone ever who is gonna abuse the vulnerability of my router.

 

However I can imagine that there are now millions of people all over the world who are confident that life can not be the same if they don't have this problem fixed right away.

Posted
21 minutes ago, janclaes47 said:

My wifi has a range of approximately 50 meters or so.

 

I doubt there is gonna be anyone ever who is gonna abuse the vulnerability of my router.

 

However I can imagine that there are now millions of people all over the world who are confident that life can not be the same if they don't have this problem fixed right away.

 

And in public places it would be just another reason to use a VPN.

Posted
32 minutes ago, janclaes47 said:

My wifi has a range of approximately 50 meters or so.

 

I doubt there is gonna be anyone ever who is gonna abuse the vulnerability of my router.

 

However I can imagine that there are now millions of people all over the world who are confident that life can not be the same if they don't have this problem fixed right away.

The internet is shaking, it's click bait and there's $$$ to be made.

 

If it's important and you worry.....

 

 

Image2.jpg

Posted

I will do nothing.

 

1) My PC (writing from) and laptop (when at home) are wired.

Not only good for security but also for stability/speed of internet connection.

Some people hardly move their computers within the condo and the router is a few meters away.

Why use WiFi?

 

2) All critical stuff like internet banking and shopping are secured by the https protocol (and underlying encryption) anyway.

The crack has nothing to do with secured internet connections.

(thaivisa is also secured)

How much of that is compromised? Ask Admiral Rogers :tongue:

 

3) I never do anything critical on smartphone or similar wireless toys.

Android is again in the focus as specifically vulnerable.

 

4) My neighbors are Isaan farmers and will hardly tap into my WiFi connection.

Although I am paranoid enough to check from time to time if some unknown address is connected.

And if a stranger approaches the house my three dogs will show him the escape route.

 

5) And for the more than critical stuff (blocked/censored) I also turn to a VPN.

 

 

Posted
11 hours ago, RichCor said:

Vulnerability Notes Database -- Vendor Information for VU#228519
Link to Cert.org List of Vendors affected by the WiFi wpa2 KRACK attack

 

Usual scare nonsense. While WPS (which HAD a bug) might be vulnerable (why would anyone use it? Switch it off), WPA2-PSK has still not been broken. To clarify, the hash (encrypted string of about 200 alpha-numeric symbols) can be extracted but it then needs a "brute force" decryption via a dictionary. This attack still takes many hours on a very fast computer, even longer if you're not in the dictionary. If your pass phrase is, say, 32 characters (mine are) of some obscure but easy to remember string, eg UmstRmMbrThs;1ksstll1Kss_sghs.JstsSgh...you're safe even from the FBI. Type it once into your network app & it's done. I've never been successfully attacked (that I know of).

Any idiot whose passphrase is "password" or "qwerty" or "123456" deserves to get cracked, as would any fool who leaves the keys in his Ferrari while he goes shopping.

Posted (edited)
4 hours ago, dotpoom said:

I know little or nothing about these things....but when I read something like this I'm always left wondering....."how does one update a router"?

A router uses "permanent" software - firmware - that modifies physical components. Check your router on the net. I run open source firmware, DD-WRT. Better than the rubbish it comes with.   

http://www.dd-wrt.com/site/index 

Edited by jgarbo
Posted
27 minutes ago, KhunBENQ said:

I will do nothing.

 

1) My PC (writing from) and laptop (when at home) are wired.

Not only good for security but also for stability/speed of internet connection.

Some people hardly move their computers within the condo and the router is a few meters away.

Why use WiFi?

 

2) All critical stuff like internet banking and shopping are secured by the https protocol (and underlying encryption) anyway.

The crack has nothing to do with secured internet connections.

(thaivisa is also secured)

How much of that is compromised? Ask Admiral Rogers :tongue:

 

3) I never do anything critical on smartphone or similar wireless toys.

Android is again in the focus as specifically vulnerable.

 

4) My neighbors are Isaan farmers and will hardly tap into my WiFi connection.

Although I am paranoid enough to check from time to time if some unknown address is connected.

And if a foreigner approaches the house my three dogs will show him the escape route.

 

5) And for the more than critical stuff (blocked/censored) I also turn to a VPN.

 

 

Great ideas. Someone knows what he's doing. Use wire where possible, essential for banking (can't believe my friends use a smartphone for banking. stupid). Wifi's a gimmick, in house, strictly for news, not email, outside..

I live in a condo, check my neighbors' wifi regularly. Surprised how many allow WPS. Why? Once trusted users are set up, block all strangers.

The new Opera browser has built-in VPN, five remote locations, plus auto ad block. Quite fast, too. I run it on Linux, but it's available for all platforms.

 

Posted (edited)

Below weblink says Microsoft released a Windows KRACK patch in their 10 Oct 17 Windows update.

https://www.windowscentral.com/microsoft-has-already-patched-krak-wpa2-wi-fi-vulnerability

 

Partial Quote

 


 

In a statement to The Verge, Microsoft says that anyone who applies the update, or has Windows Update set to apply automatic updates, should be protected. From Microsoft:

We have released a security update to address this issue. Customers who apply the update, or have automatic updates enabled, will be protected. We continue to encourage customers to turn on automatic updates to help ensure they are protected.

Microsoft will publish details of the update later today, according to The Verge.

While that's good news for your Windows machine, the exploit also impacts Android, iOS, macOS, and Linux (though Linux has been patched). If you use any devices running those operating systems — and most of us do — then you'll want to make sure you're doing everything you can to protect yourself until the vulnerability is patched. For more, check out our tips on how to protect yourself from the KRACK WPA2 hack. In the meantime, if you don't have automatic updates turned on for your Windows machine, it would be wise to manually check for updates.

Updated October 16, 2017: A Microsoft spokesperson said in a statement to Windows Central that the patch was originally released as part of the company's regular Patch Tuesday updates on October 10. From Microsoft:

Microsoft released security updates on October 10th and customers who have Windows Update enabled and applied the security updates, are protected automatically. We updated to protect customers as soon as possible, but as a responsible industry partner, we withheld disclosure until other vendors could develop and release updates.

 

 

 

Edited by Pib
Posted
On 18/10/2017 at 11:42 AM, jgarbo said:

Usual scare nonsense. While WPS (which HAD a bug) might be vulnerable (why would anyone use it? Switch it off), WPA2-PSK has still not been broken. To clarify, the hash (encrypted string of about 200 alpha-numeric symbols) can be extracted but it then needs a "brute force" decryption via a dictionary. This attack still takes many hours on a very fast computer, even longer if you're not in the dictionary. If your pass phrase is, say, 32 characters (mine are) of some obscure but easy to remember string, eg UmstRmMbrThs;1ksstll1Kss_sghs.JstsSgh...you're safe even from the FBI. Type it once into your network app & it's done. I've never been successfully attacked (that I know of).

Any idiot whose passphrase is "password" or "qwerty" or "123456" deserves to get cracked, as would any fool who leaves the keys in his Ferrari while he goes shopping.

Suggest you read up on what the actual hack is about - from what I can understand (although I am not an expert like you obviously must be from the certainty you display above :coffee1:) it matters little what your password is......

https://www.theregister.co.uk/2017/10/16/wpa2_krack_attack_security_wifi_wireless/

Posted
53 minutes ago, topt said:

Suggest you read up on what the actual hack is about - from what I can understand (although I am not an expert like you obviously must be from the certainty you display above :coffee1:) it matters little what your password is......

https://www.theregister.co.uk/2017/10/16/wpa2_krack_attack_security_wifi_wireless/

Does it follow that if you’re using a public wifi spot (such as in a café) that the vulnerability is unimportant because everyone has the password for that network anyway?

Posted

In another article describing the KRACK issue:

 

KRACK WPA2 protocol Wi-Fi attack: How it works and who's at risk
A vulnerability in the WPA2 protocol used in secured Wi-Fi networks allows hackers to force devices to install arbitrary encryption keys. Here are the details of how the attack works.
TechRepublic  |  By James Sanders  |  October 16, 2017, 6:37 AM PST

 

Basically the article says that the KRACK vulnerability allows a third-party WiFi user to interrupt the client device negotiation process, forcing the current encryption key to be erased and a new key renegotiated...

 

In Vanhoef's proof of concept against a phone running Android 6.0, the behavior of wpa_supplicant—a Wi-Fi library used in Android and various Linux distributions—causes the encryption key to be erased from memory after being installed the first time. As such, if an attacker retransmits part of the handshake, the library will reinstall the cleared key, effectively replacing the key with a blank one.

According to Vanhoef, "This makes it trivial to intercept and manipulate traffic sent by these Linux and Android devices." He also noted that 41% of Android devices run Android 6.0 or above, where this behavior was introduced. At press time, a patched wpa_supplicant is in testing for Fedora, though no patch has yet been introduced for Ubuntu.
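A simplified model of the key reinstallation behaviour described in the post above, added here as an illustration and not taken from the article, Vanhoef's paper or wpa_supplicant. It shows why a retransmitted handshake message that resets the packet number matters regardless of the passphrase, and what the patched behaviour changes; the `Client` class, the SHA-256 `keystream` stand-in for CCMP and the sample frames are constructed assumptions.

```python
import hashlib

P1, P2 = b"first frame data", b"other frame data"  # constructed plaintexts

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keystream(key: bytes, nonce: int, n: int) -> bytes:
    # Toy stand-in for CCMP's counter-mode keystream (assumption, not real CCMP).
    out, ctr = b"", 0
    while len(out) < n:
        block = key + nonce.to_bytes(6, "big") + ctr.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        ctr += 1
    return out[:n]

class Client:
    def __init__(self, patched: bool):
        self.patched, self.key, self.nonce = patched, None, 0

    def on_handshake_msg3(self, key: bytes) -> None:
        # Patched behaviour: a retransmitted message 3 carrying the key that
        # is already in use must not reset the packet number (nonce).
        if self.patched and key == self.key:
            return
        self.key, self.nonce = key, 0

    def send(self, plaintext: bytes):
        self.nonce += 1
        ks = keystream(self.key, self.nonce, len(plaintext))
        return self.nonce, xor(plaintext, ks)

def reused_nonces(frames):
    # Monitor-side check: any packet number seen twice under one key is a red flag.
    seen, reused = set(), []
    for nonce, _ in frames:
        if nonce in seen:
            reused.append(nonce)
        seen.add(nonce)
    return reused

def run(patched: bool):
    key = bytes(range(16))            # constructed session key
    client = Client(patched)
    client.on_handshake_msg3(key)     # normal handshake completes
    frames = [client.send(P1)]
    client.on_handshake_msg3(key)     # the same message 3 arrives again
    frames.append(client.send(P2))
    return frames
```

In the unpatched run both frames use the same keystream, so XORing the two ciphertexts cancels it and leaves the XOR of the plaintexts without the key ever being recovered.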

 
