dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
814
wh7qq
join:2012-06-12

wh7qq

Member

Beware Krack!

No, I am not talking about the drug. A new vulnerability in the WPA2 encryption scheme has been discovered and has the potential to affect all wireless client devices but especially Android devices. The vulnerability was announced only Sunday so as of this morning, no patches are available. There is no information about any attacks occurring in the wild yet either but if you rely heavily on wireless especially in smartphones you will increasingly be at risk as the hackers learn how to exploit it. Using wireless for any financial or other secure activity should not be done. That is always good advice but especially now. Keep everything updated, as much as possible. The fix will have to come from the chip set makers such as Broadcom, Realtek, Ralink, etc and filter through to the update channels for the client devices...it may take a while.
DrStrangLov
join:2012-03-28

DrStrangLov

Member

From Wikipedia,

KRACK (Key Reinstallation Attack) is an attack on the Wi-Fi Protected Access protocol that secures Wi-Fi connections. It was discovered in 2017[1] by Belgian researchers Mathy Vanhoef and Frank Piessens of the University of Leuven.[2] Vanhoef's research group published details of the attack in October 2017.[3]

The vulnerability affects all major software platforms, including Microsoft Windows, macOS, iOS, Android, and Linux.[3]

»en.wikipedia.org/wiki/KRACK

dbirdman
MVM
join:2003-07-07
usa

1 recommendation

dbirdman to wh7qq

MVM

to wh7qq
said by wh7qq:

The fix will have to come from the chip set makers such as Broadcom, Realtek, Ralink, etc and filter through to the update channels for the client devices...it may take a while.

There does not appear to be much agreement with that statement. Microsoft says that it was fixed for Windows 10 in the October 10th update, and Apple and Google say that software patches are coming. The WiFi alliance says "This issue can be resolved through straightforward software updates, and the Wi-Fi industry, including major platform providers, has already started deploying patches to Wi-Fi users"
DrStrangLov
join:2012-03-28

DrStrangLov

Member

said by dbirdman:

There does not appear to be much agreement..Microsoft says that it was fixed for Windows 10 in the October 10th update...

"Fixed?"

"The Windows security updates patched the client and server flavors of Microsoft's OS, but even then, users may be at risk, the firm warned. "When affected Windows-based systems enter a connected standby mode in low-power situations, the vulnerable functionality may be offloaded to installed Wi-Fi hardware," Microsoft said. "To fully address potential vulnerabilities, you are also encouraged to contact your Wi-Fi hardware vendor to obtain updated device drivers."
wh7qq
join:2012-06-12

wh7qq

Member

They are all pointing fingers at each other. Don't hold your breath!
DrStrangLov
join:2012-03-28

DrStrangLov

Member

said by wh7qq:

...Don't hold your breath!...

Key Assessment - "Researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting."

Hence, for rural folks, a very remote chance of being affected.
===============================

Specific details...Micrsoft

AUSCERT External Security Bulletin Redistribution

ESB-2017.2603
CVE-2017-13080 | Windows Wireless WPA Group Key
Reinstallation Vulnerability
17 October 2017
...
...
...
"The security update addresses the vulnerability by changing how Windows
verifies wireless group key handshakes."

dbirdman
MVM
join:2003-07-07
usa

dbirdman

MVM

said by DrStrangLov:

e-mails, and other data presumed to be encrypted

outside the scope of the topic, but I note the "presumed." I wonder how many people, when they log into a secure server such as gmail and send an e-mail, presume that it stays encrypted to the destination? If you send me an e-mail to my normal (non gmail or other large provider) e-mail address that presumption would always be wrong, and I doubt that I'm a huge exception. Same goes if I send an e-mail, including to gmail.
DrStrangLov
join:2012-03-28

DrStrangLov to wh7qq

Member

to wh7qq
On a related topic, there is a small program to download, at another site, to check on Meltdown/Spectre. PCWorld’'s article's link is provided below, along with site that provides this utility for Microsoft based users. I don't know if there is a MAC version.

Is your PC vulnerable to Meltdown and Spectre CPU exploits?
...
...
...
Gibson Research recently released InSpectre, a wonderfully named, dead simple tool that detects if your PC is vulnerable to Meltdown and Spectre.
wh7qq
join:2012-06-12

wh7qq

Member

I can't address the Mac but Steve definitely did not include Linux in his tool.
wh7qq

wh7qq to DrStrangLov

Member

to DrStrangLov
I can't speak to the Mac but Steve's tool is Windows only so Linux is not included. I mostly work with the Raspberry Pi which uses an arm processor that is not vulnerable...only their latest and greatest is at risk. Not so sure about my Atom and AMD cpu's.
DrStrangLov
join:2012-03-28

DrStrangLov

Member

said by wh7qq:

Not so sure about my Atom and AMD cpu's.

1. Meltdown and Spectre: Good news for AMD users, (more) bad news for Intel
Windows patches are fixed, but microcode updates are causing even more trouble.

2. Microsoft Resumes Meltdown & Spectre Updates for AMD Devices

"The Meltdown flaw does not affect AMD devices, but these updates include an OS-level patch for the Spectre flaw. An additional CPU microcode (firmware) update is also needed to fully patch the Spectre bug. AMD said it was working on firmware updates it hoped to have ready by the end of the current month."

In second article, they list specific updates. My AMD was updated with January 9, 2018—KB4056894, without issue; CPU: AMD A6-3620 APU with Radeon(tm) HD Graphics, 2200 Mhz, 4 Core(s), 4 Logical Processor(s). but with this video card installed, NVIDIA GeForce GT 1030
DrStrangLov

DrStrangLov to wh7qq

Member

to wh7qq
Additionally,

Jan 19, 2018 - Google is patching a bug that slows down Wi-Fi networks connected to both Android and Chromecast devices

The update is out today
...
...
...
Google says it has identified the issue, and the fix will be issued via a Google Play service update. The company says users experiencing the problem should reboot their phones and check that their Wi-Fi router has been updated with the latest firmware.