Page 1 of 1

Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic open

PostPosted: 2017-10-16 14:14
by alan stone

Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic

PostPosted: 2017-10-16 14:43
by GarryRicketson
Interesting, I thought most people all ready knew about this, part , on the
https,....

The site went on to warn that visiting only HTTPS-protected Web pages wasn't automatically a remedy for the risk.

"Although websites or apps may use HTTPS as an additional layer of protection, we warn that this extra protection can (still) be bypassed in a worrying number of situations," the researchers explained. "For example, HTTPS was previously bypassed in ---- snip-----

There is another article here, it actually looks like a copy:
https://www.krackattacks.com/

Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic

PostPosted: 2017-10-16 16:03
by Thorny
Patched
October 16, 2017
Debian Security Advisory DSA-3999-1

That is jessie-->Sid patched. They don't mention Wheezy, Garry.

Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic

PostPosted: 2017-10-16 16:32
by GarryRicketson
Actually I am not using Debian Wheezy any more, but any way, good to see they got it patched.
I don't use Wi-Fi either, I used to when I was travelling sometimes, but even then not that much. Any way that would be another topic.

Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic

PostPosted: 2017-10-17 00:57
by n_hologram
What precautions should be taken with a router? I'm pretty sure mine isn't getting another firmware update anytime soon.

Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic

PostPosted: 2017-10-17 01:33
by HuangLao
n_hologram wrote:What precautions should be taken with a router? I'm pretty sure mine isn't getting another firmware update anytime soon.


as big as this flaw was, you may get an update for the router....If not, look into openWRT or DD-WRT, they work especially well for Linsys routers, DD-WRT works well with many other brands as well.

Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic

PostPosted: 2017-10-17 03:45
by alan stone
Any WiFi cellphones/tablets and home/SOHO/shop/bar/restaurant/airport/... access points out there, who will remain unpatched and vulnerable? :roll:

EDIT:

Let’s get digital, digital,
I wanna get all digital, let’s get all digital
Let me hear your cellphone talk,
Your cellphone talk, let me hear your cellphone talk.
(adapted from: let's get physical)

Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic

PostPosted: 2017-10-17 06:15
by dilberts_left_nut
It is just the handshake process that is vulnerable to this exploit (reports of the 'death' of WPA2 encryption seem premature).

From my reading, it looks like as long as the CLIENT is patched, you can safely connect to an unpatched AP.

Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic

PostPosted: 2017-10-17 10:13
by arochester
Ubuntu, Debian, Fedora and elementary OS All Patched Against WPA2 KRACK Bug

http://news.softpedia.com/news/ubuntu-d ... ign=buffer

Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic

PostPosted: 2017-10-17 12:34
by TonyT
dilberts_left_nut wrote:It is just the handshake process that is vulnerable to this exploit (reports of the 'death' of WPA2 encryption seem premature).

From my reading, it looks like as long as the CLIENT is patched, you can safely connect to an unpatched AP.

Correct. From the Q&A: https://www.krackattacks.com/
What if there are no security updates for my router?

Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.

Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic

PostPosted: 2017-10-17 20:45
by alan stone
Required functionality of both WPA and WPA2, and used by all protected Wi-Fi networks, is the 4-way handshake. Even enterprise networks rely on the 4-way handshake. Hence, all protected Wi-Fi networks are affected by our attacks.
Source: https://papers.mathyvanhoef.com/ccs2017.pdf

Finally, although an unpatched client can still connect to a patched AP, and vice versa, both the client and AP must be patched to defend against all attacks!
Source: https://www.krackattacks.com/#faq

Vulnerable enterprise systems, hospitals, ...
Government systems?