SIGforum.com    Main Page  Hop To Forum Categories  The Lounge    Wi-Fi's WPA2 has been cracked
Page 1 2 
Go
New
Find
Notify
Tools
Reply
  
Wi-Fi's WPA2 has been cracked Login/Join 
member
Picture of henryaz
posted
According to information released yesterday (Ars Technica article), the security protocol protecting most of the world's Wi-Fi networks, WPA2, has been cracked. And it has been cracked at the protocol level, so it affects virtually all servers (Wi-Fi routers and Access Points) and clients (computers, smartphones, tablets, cameras, any device using Wi-Fi as its network connection). Some devices and OS's are more vulnerable than others, but all can be compromised, until patched. Linux and Android are particularly vulnerable. Some vendors have already patched their systems (incredibly Microsoft was one of the first), but all servers and clients need firmware upgrades to protect against this vulnerability. Luckily, the patch is easy for vendors to implement.
 
It is being called "Krack", for "Key Reinstallation Attack". For the technically inclined, here is a link to the paper written by the Belgian researchers who discovered the vulnerability. It details the mechanics of breaking the protocol.
 
Paper with background info.  
 
 
Posts: 10887 | Location: South Congress AZ | Registered: May 27, 2006Reply With QuoteReport This Post
goodheart
Picture of sjtill
posted Hide Post
Looks like Apple has patches already in beta for MacOS, iOS, etc.

quote:
KRACK WPA2 Wi-Fi exploit already fixed in iOS, macOS, tvOS, watchOS betas
BY RENE RITCHIE Monday, Oct 16, 2017 at 3:11 pm EDT



KRACK is an exploit that attacks the way WPA2 protects Wi-Fi access points. While it's bad, there are a are a few factors that prevent it from being truly damaging to the state of modern wireless networking.

First, it can be patched. We don't need a new standard like we did when WEP was broken and everyone had to move to WPA2.

From the KRAK Q&A:

implementations can be patched in a backwards-compatible manner. This means a patched client can still communicate with an unpatched access point (AP), and vice versa. In other words, a patched client or access point sends exactly the same handshake messages as before, and at exactly the same moment in time.
Second, in some cases, access points won't need to be updated.

Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming).
For example, it's my understanding that Apple's AirPorts, including Express, Extreme, and Time Capsule don't seem be vulnerable to the exploit, even if using one as a bridge.

If you're using a different router, we're maintaining a list of updates that you can consult as needed. If in doubt, contact your vendor directly.

For ordinary home users, your priority should be updating clients such as laptops and smartphones.
Third, Apple has confirmed to me that the KRACK exploit has already been patched in iOS, tvOS, watchOS, and macOS betas.

As soon as the updates leave beta, they'll be pushed out to everyone. We'll have to wait and see how fast other manufacturers are to respond, and how many of our connected devices receive updates.



_________________________
“Remember, remember the fifth of November!"
 
Posts: 18557 | Location: One hop from Paradise | Registered: July 27, 2004Reply With QuoteReport This Post
Chip away the stone
Picture of rusbro
posted Hide Post
Thanks for posting. Looks like I've got some work to do.
 
Posts: 11597 | Registered: August 22, 2008Reply With QuoteReport This Post
Member
Picture of bigdeal
posted Hide Post
If I read this correctly yesterday when it came out, the hacker must be within range of your WiFi network to hack it. The hack does not work over the internet, so that does mitigate the risk a bit. The primary point of vulnerability is public WiFi networks (think Starbucks and the like), so it might be a good idea for a while to not utilize them.


-----------------------------
Guns are awesome because they shoot solid lead freedom. Every man should have several guns. And several dogs, because a man with a cat is a woman. Kurt Schlichter
 
Posts: 33845 | Location: Orlando, FL | Registered: April 30, 2006Reply With QuoteReport This Post
Big Stack
posted Hide Post
Is the patch only necessary at the client level. Are routers/WAPs going to need updates also?
 
Posts: 21240 | Registered: November 05, 2003Reply With QuoteReport This Post
Aller Anfang ist schwer
Picture of Tavman
posted Hide Post
quote:
Originally posted by BBMW:
Is the patch only necessary at the client level. Are routers/WAPs going to need updates also?


It is both. Everything will need updates.
 
Posts: 1700 | Location: Fayetteville, AR | Registered: May 23, 2005Reply With QuoteReport This Post
No Compromise
posted Hide Post
Damn it six days a week and twice on Sunday...

H&K-Guy
 
Posts: 3720 | Registered: April 08, 2002Reply With QuoteReport This Post
Big Stack
posted Hide Post
Okay, so I have an ancient D-link router. I doubt it can be flashed, and likely it's old enough that they won't support it anyway.

When do we think new routers will be out that address this situation?

Update:

From DLink's support page...

quote:

Regarding security updates for my Wi-Fi Access Points, Wi-Fi Routers, or Wi-Fi Gateways?
The primary security risk is an attack against the "4-way handshake" in WPA2 between Wi-Fi access points and Wi-Fi client devices. This attack does not present a risk to Wi-Fi access points, consumer Wi-Fi routers and gateways, but instead targets clients devices . For consumers users, your priority should be updating devices such as laptops and smartphones.



quote:
Originally posted by Tavman:
quote:
Originally posted by BBMW:
Is the patch only necessary at the client level. Are routers/WAPs going to need updates also?


It is both. Everything will need updates.
 
Posts: 21240 | Registered: November 05, 2003Reply With QuoteReport This Post
Tinker Sailor Soldier Pie
Picture of Balzé Halzé
posted Hide Post
How does one update a router?


~Alan

Acta Non Verba
NRA Life Member (Patron)
God, Family, Guns, Country

Men will fight and die to protect women... because women protect everything else. ~Andrew Klavan

 
Posts: 31139 | Location: Elv. 7,000 feet, Utah | Registered: October 29, 2012Reply With QuoteReport This Post
Staring back
from the abyss
Picture of Gustofer
posted Hide Post
So what does this mean to those of us out in the boonies? My wifi doesn't even reach to the end of my driveway, so someone using it or otherwise causing me problems seems pretty remote.


________________________________________________________
"Great danger lies in the notion that we can reason with evil." Doug Patton.
 
Posts: 20866 | Location: Montana | Registered: November 01, 2010Reply With QuoteReport This Post
Delusions of Adequacy
Picture of zoom6zoom
posted Hide Post
Well, the router for my FiOS is an Actiontec, but their legal agreement with Verizon doesn't allow them to post firmware updates, Verizon controls that. But I'm not holding my breath to see one. And I can't afford to replace it right now.
But on the other hand, having almost everything hardwired is paying off now... laughing at people who wondered why I bothered.




I have my own style of humor. I call it Snarkasm.
 
Posts: 17944 | Location: Virginia | Registered: June 02, 2006Reply With QuoteReport This Post
Nullus Anxietas
Picture of ensigmatic
posted Hide Post
Hmmm... Have to check on my AP (Ubiquiti UniFi AC Pro), but our mobile devices are iOS. I'm not too worried about somebody hacking the data stream to/from the TV, DVR or Roku box. The alarm system is wired. All the computers are wired.

Only real problem I see is the Reolink wireless surveillance cameras I just installed.

My laptop, dual-booting MS-Win 7 Pro and Linux Mint Mate. But MS-Win 7 Pro should be patched and I just saw a Linux WPA Supplicant update yesterday, so I imagine that's taken care of. (I haven't been using the laptop, anyway.)

I should be in pretty good shape.



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
 
Posts: 26009 | Location: S.E. Michigan | Registered: January 06, 2008Reply With QuoteReport This Post
Now in Florida
Picture of ChicagoSigMan
posted Hide Post
quote:
Originally posted by Balzé Halzé:
How does one update a router?


Typical, you would log into it by pointing your browser to your router's IP address (often 192.168.1.1). Then it will usually have a firmware update are in the control panel.
 
Posts: 6084 | Location: FL | Registered: March 09, 2009Reply With QuoteReport This Post
Chip away the stone
Picture of rusbro
posted Hide Post
quote:
Originally posted by ChicagoSigMan:
quote:
Originally posted by Balzé Halzé:
How does one update a router?


Typical, you would log into it by pointing your browser to your router's IP address (often 192.168.1.1). Then it will usually have a firmware update are in the control panel.


If 192.168.1.1 doesn't load your router's webadmin page, you can open a command prompt, and type: ipconfig /all
Look for the IP address of the Default Gateway, and type that in your browser.
 
Posts: 11597 | Registered: August 22, 2008Reply With QuoteReport This Post
Honky Lips
Picture of FenderBender
posted Hide Post
update whatever you'd like this is an attack on the protocol, we're far from out of the woods with this yet.
 
Posts: 8192 | Registered: July 24, 2009Reply With QuoteReport This Post
Political Cynic
Picture of nhtagmember
posted Hide Post
sweet

so what is our NSA doing to find these people and send in a few SEAL teams to eliminate the problems?

If the NSA isn't doing anything, what are we paying them for?



[B] Against ALL enemies, foreign and DOMESTIC


 
Posts: 53983 | Location: Tucson Arizona | Registered: January 16, 2002Reply With QuoteReport This Post
Member
posted Hide Post
quote:
Originally posted by nhtagmember:
sweet

so what is our NSA doing to find these people and send in a few SEAL teams to eliminate the problems?

If the NSA isn't doing anything, what are we paying them for?


The NSA (National Surveillance Agency) likely has known about the issue for years and had been eavesdropping to their hearts content.


-.-. --.- -.-. --.- -.-. --.- -.-. --.-
It only stands to reason that where there's sacrifice, there's someone collecting the sacrificial offerings. Where there's service, there is someone being served. The man who speaks to you of sacrifice is speaking of slaves and masters, and intends to be the master.

Ayn Rand


"He gains votes ever and anew by taking money from everybody and giving it to a few, while explaining that every penny was extracted from the few to be giving to the many."

Ogden Nash from his poem - The Politician
 
Posts: 1690 | Registered: July 14, 2004Reply With QuoteReport This Post
Tinker Sailor Soldier Pie
Picture of Balzé Halzé
posted Hide Post
quote:
Originally posted by rusbro:
quote:
Originally posted by ChicagoSigMan:
quote:
Originally posted by Balzé Halzé:
How does one update a router?


Typical, you would log into it by pointing your browser to your router's IP address (often 192.168.1.1). Then it will usually have a firmware update are in the control panel.


If 192.168.1.1 doesn't load your router's webadmin page, you can open a command prompt, and type: ipconfig /all
Look for the IP address of the Default Gateway, and type that in your browser.


Thank you, both. I know how to log into my Router so I'll start there.


~Alan

Acta Non Verba
NRA Life Member (Patron)
God, Family, Guns, Country

Men will fight and die to protect women... because women protect everything else. ~Andrew Klavan

 
Posts: 31139 | Location: Elv. 7,000 feet, Utah | Registered: October 29, 2012Reply With QuoteReport This Post
Big Stack
posted Hide Post
I think you're misreading this. This is some academic who's probing security in order to find weaknesses and push the companies to fix them. There's no proof that someone nefarious has found this. Of course now they do know.

quote:
Originally posted by nhtagmember:
sweet

so what is our NSA doing to find these people and send in a few SEAL teams to eliminate the problems?

If the NSA isn't doing anything, what are we paying them for?
 
Posts: 21240 | Registered: November 05, 2003Reply With QuoteReport This Post
I have not yet begun
to procrastinate
posted Hide Post
Ok, so this has happened twice now this week on 2 different computers.

Type in router IP address, hit enter and "This page cannot be displayed" comes up.
Now what?


--------
After the game, the King and the pawn go into the same box.
 
Posts: 3909 | Location: Central AZ | Registered: October 26, 2006Reply With QuoteReport This Post
  Powered by Social Strata Page 1 2  
 

SIGforum.com    Main Page  Hop To Forum Categories  The Lounge    Wi-Fi's WPA2 has been cracked

© SIGforum 2024