WPA2 flaw found. Your WiFi security is now next to worthless

[bilby]

Tell me if I am wrong. If I update my routers, my devices and my wifi adapters, I am safe.

Nobody is ever safe.

A meteorite could crash through your roof and kill you instantly, even if all of your software is fully patched and up to date.

But you should be safe from this particular mode of attack, yes.

 

[barbos]

Bad guys can use bigger high gain antennas. Russian hackers can do it from a satellite.

Disagree--the antenna needed to do it from space is simply too big--nobody's launched anything like that.

Russian government space hackers can do it.

 

[barbos]

Tell me if I am wrong. If I update my routers, my devices and my wifi adapters, I am safe.

I understand updating routers is pretty meaningless in this case. You need to update your client devices for sure.
But what really needs to be updated are the brains of these WiFi people.

 

[Malintent]

The report is flawed. This is not a weakness in the WPA2 protocol... THAT would be quite disastrous for wireless security. This is an operating system weakness that allows the "password" for encrypted wireless communications to be overwritten such that the attacker can then decrypt all wireless communications for the device. It is an implementation flaw, not a protocol flaw.

It is like a flaw is found in the fuel pump of a few automobile manufacturers, and the report says that all gasoline being sold is the problem.

 

[Malintent]

Tell me if I am wrong. If I update my routers, my devices and my wifi adapters, I am safe.

Nobody is ever safe.

A meteorite could crash through your roof and kill you instantly, even if all of your software is fully patched and up to date.

But you should be safe from this particular mode of attack, yes.

NO. that would not address this flaw. The endpoint that is communicating with the wireless access point is where the update is needed (your phone, tablet, and most especially all of your IoT devices like "smart" TVs, refrigerators, and webcams that communicate over the internet).. The device needs to know how to correctly "trust" the wireless access point... not that the access point (what you are probably calling a router) is doing anything wrong.

 

[Malintent]

They always knew it. But they don't really need it because they can simply get the traffic from Internet providers. Hackers, on the other hand, can use it with great effect.

With great effort, you mean.

It's not an easy hack, as it relies on physical proximity, plus a bunch of fairly expensive hardware; And it is completely stymied by the use of SSL or a VPN - so it's usefulness to black-hats is quite restricted.

Just using the 'HTTPS Everywhere' browser plugin in Chrome or Firefox will prevent anyone from being able to do more than intercept and decrypt packets whose plaintext content is encrypted data.

This is a big problem, but not really a cause for panic. People just need to assume that their local network traffic is not secure, despite being inside a firewall - which frankly is an assumption we should all have been making to begin with.

After all, there are plenty of opportunities to grab (and/or spoof) HTTP traffic once it passes out to the Internet that don't require an attacker to even be on the same continent as their victim. If you are going to the trouble to park a black van outside your victim's home or office, then what's stopping you from tapping into the ADSL line coming from the building?

The entire point, and strength of SSL security (that is where the "S" comes from in HTTPS - its HTTP over SSL, or HTTPS), is that it is impossible to crack in less time than the data it is protecting is worth. It may be very valuable for an attacker to get your current credit card information today.... but completely without any value to eventually get the credit card information from a transaction done 10 years ago... because it would take that long (actually, QUITE a bit longer) to crack using brute force and a multi-million dollar super-computer.

 

[Malintent]

The world of WiFi is not ending. Security bugs come; patches come; repeat. This is just reality. Public WiFi has always been like having unprotected sex with a prostitute, if you don't take precautions. The local Starbucks is still more dangerous than your home...


I suspect the lack of clarity on the Access Point (AP) vulnerability at this point simply has to do with so many vendors being out there, with each their own firmware, as well as some routers could be used in repeater modes.

Anywho, the patches are coming, and many are already available. Windows already has the patch available, and those with Win10 probably already have it, as private users mostly have versions that auto-update.
http://www.zdnet.com/article/here-is-every-patch-for-krack-wi-fi-attack-available-right-now/

Apple: The iPhone and iPad maker confirmed to sister-site CNET that fixes for iOS, macOS, watchOS and tvOS are in beta, and will be rolling it out in a software update in a few weeks.

Google: Google told sister-site CNET that the company is "aware of the issue, and we will be patching any affected devices in the coming weeks."

Linux: As noted on Charged, a patch is a patch is already available and Debian builds can patch now, while OpenBSD was fixed back in July..

I'd say to just watch your WiFi vendor for updates over the next couple months. For most people, the home WiFi AP is a minor issue as the signal doesn't go very far.

For most people, the home WiFi AP is more than two years old, and no longer supported by the vendor. Patches for these will never be available. Most people won't care, and those who do will be told that their only option is to upgrade to a newer model (at their own expense, of course).

Client side patching is routine and easy.

Router firmware is almost never patched, once it has been in the field for a few years, and the worst of the initial bugs have been fixed. And people tend to keep using their routers for years, only replacing it when they switch ISPs, or when they reach a tipping point where their existing unit can't cope with the number of client devices they are connecting. Neither of which happens very often.

Probably the most common reason people buy new WiFi routers is poor signal due to interference from neighbour's networks - a problem that buying a new router probably won't solve.

In my opinion, these devices should be able to self-update like any other operating system. I have not seen manufacturers implement this.
My understanding of this particular flaw, though, is that the AP is not the vulnerable target, the endpoints connecting to it are.

 

[Malintent]

BAH.. I just read the CVEs from a reliable source... It IS the APs that are vulnerable... despite the posted article stating that it was the endpoint... some unqualified writer confused "access point" with "endpoint" when writing that article.

YES. Update your AP.

 

[funinspace]

An even more thorough list of EPs/APs impacted and links to status as most WiFi router vendors don't have patches out yet:
http://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4

Maybe having a smart/IoT garage door opener isn't a good idea...

In the meantime, paint the walls and ceiling of your house with a special wireless signal blocking paint. Anti-Wi-Fi paint contains tiny aluminum-iron oxide particles that prevent wireless Internet signals and other radio waves from passing through.

 

[barbos]

BAH.. I just read the CVEs from a reliable source... It IS the APs that are vulnerable... despite the posted article stating that it was the endpoint... some unqualified writer confused "access point" with "endpoint" when writing that article.

YES. Update your AP.

No.

 

[ZiprHead]

An even more thorough list of EPs/APs impacted and links to status as most WiFi router vendors don't have patches out yet:
http://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4

Maybe having a smart/IoT garage door opener isn't a good idea...

In the meantime, paint the walls and ceiling of your house with a special wireless signal blocking paint. Anti-Wi-Fi paint contains tiny aluminum-iron oxide particles that prevent wireless Internet signals and other radio waves from passing through.

Nah, just use your phone from inside the microwave and you'll be good.

 

[bilby]

An even more thorough list of EPs/APs impacted and links to status as most WiFi router vendors don't have patches out yet:
http://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4

Maybe having a smart/IoT garage door opener isn't a good idea...

In the meantime, paint the walls and ceiling of your house with a special wireless signal blocking paint. Anti-Wi-Fi paint contains tiny aluminum-iron oxide particles that prevent wireless Internet signals and other radio waves from passing through.

Nah, just use your phone from inside the microwave and you'll be good.

But I'm not allowed to wear my tinfoil hat in the microwave.

 

[blastula]

An even more thorough list of EPs/APs impacted and links to status as most WiFi router vendors don't have patches out yet:
http://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4

Maybe having a smart/IoT garage door opener isn't a good idea...

In the meantime, paint the walls and ceiling of your house with a special wireless signal blocking paint. Anti-Wi-Fi paint contains tiny aluminum-iron oxide particles that prevent wireless Internet signals and other radio waves from passing through.

Thanks, I think I'm covered.

 

[Loren Pechtel]

Disagree--the antenna needed to do it from space is simply too big--nobody's launched anything like that.

Russian government space hackers can do it.

I'm not talking about the hacking side of it. I'm talking about the antenna. To communicate with an Earth-based WiFi it's going to have to be gargantuan. Near here people have managed to push Wi-Fi over a distance of about 1/3 of what would be needed to do it from space--using people-sized dishes on both ends. (They were terrain-limited from going farther--both dishes had to be on mountains to do what they did) Earth to low orbit means dishes 3x as big--those would be larger than anything I'm aware of being put in space but certainly doable.

However, if you're trying to spy you're not talking to an antenna on the ground with tracking capability. Everything you take away from the ground antenna you must add to the space antenna. If I'm not messing up with the calculator I'm using I'm getting a space-based antenna size upwards of 1km. That antenna also must turn to remain pointed at the WiFi it's trying to talk to.

A 1km object in low Earth orbit would be detected pronto.

 

[barbos]

Russian government space hackers can do it.

I'm not talking about the hacking side of it. I'm talking about the antenna. To communicate with an Earth-based WiFi it's going to have to be gargantuan. Near here people have managed to push Wi-Fi over a distance of about 1/3 of what would be needed to do it from space--using people-sized dishes on both ends. (They were terrain-limited from going farther--both dishes had to be on mountains to do what they did) Earth to low orbit means dishes 3x as big--those would be larger than anything I'm aware of being put in space but certainly doable.

However, if you're trying to spy you're not talking to an antenna on the ground with tracking capability. Everything you take away from the ground antenna you must add to the space antenna. If I'm not messing up with the calculator I'm using I'm getting a space-based antenna size upwards of 1km. That antenna also must turn to remain pointed at the WiFi it's trying to talk to.

A 1km object in low Earth orbit would be detected pronto.

I can always rely on your lack of sense of humor.
But 200 meters antenna at cryogenic temperature will do it.

 

[Loren Pechtel]

I'm not talking about the hacking side of it. I'm talking about the antenna. To communicate with an Earth-based WiFi it's going to have to be gargantuan. Near here people have managed to push Wi-Fi over a distance of about 1/3 of what would be needed to do it from space--using people-sized dishes on both ends. (They were terrain-limited from going farther--both dishes had to be on mountains to do what they did) Earth to low orbit means dishes 3x as big--those would be larger than anything I'm aware of being put in space but certainly doable.

However, if you're trying to spy you're not talking to an antenna on the ground with tracking capability. Everything you take away from the ground antenna you must add to the space antenna. If I'm not messing up with the calculator I'm using I'm getting a space-based antenna size upwards of 1km. That antenna also must turn to remain pointed at the WiFi it's trying to talk to.

A 1km object in low Earth orbit would be detected pronto.

I can always rely on your lack of sense of humor.
But 200 meters antenna at cryogenic temperature will do it.

Even a 200 meter object in low orbit would be spotted very quickly. They keep a close eye on everything in orbit that they can detect--and for low orbit that's down to fist sized stuff.

And you're so defending of Russia & Putin that your statements look more like that than a joke.

 

[barbos]

I can always rely on your lack of sense of humor.
But 200 meters antenna at cryogenic temperature will do it.

Even a 200 meter object in low orbit would be spotted very quickly

How would that help? They can spot objects much smaller than that, like bolts and nuts which fell off from satellites.

keep a close eye on everything in orbit that they can detect--and for low orbit that's down to fist sized stuff.

And you're so defending of Russia & Putin that your statements look more like that than a joke.

You clearly have troubles with jokes.

 

[Underseer]

Kudos to Microsoft. Your Windows computer may already have been patched before you read this thread.

Not sure where Apple is with MacOS or iOS, but I expect thru will have their shit together.

My sorry is Android smartphones in America, because no only do you have to wait for the manufacturers of your individual device to get off their butt and make a patch, but then you have to wait for the cell phone carrier. Many carriers in these cases decide that they already have your money, so why bother with the expense of making a patch? If they do make a patch, you could wait months or even longer.

 

[funinspace]

As I was sort of wondering, at least my ASUS wireless router is unaffected if I am in the 'default' mode (aka not Repeater Mode or AP Mode):
https://www.asus.com/Static_WebPage/ASUS-Product-Security-Advisory/

10/31/2017 Update on security advisory for the vulnerability of WPA2 protocol
<snip>
Full list of routers unaffected by KRACK while in default mode:
<big list>

But they have released a patch if one wants the rushed 3 day old patch...

 

[Underseer]

It's it the access point and not the end point that is vulnerable? Because none of my Android devices have psyched yet, and my router already is.