Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic open
- alan stone
- Posts: 269
- Joined: 2011-10-22 14:08
- Location: In my body.
- GarryRicketson
- Posts: 5644
- Joined: 2015-01-20 22:16
- Location: Durango, Mexico
Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic
Interesting, I thought most people already knew about this, part, on the
https,....
https://www.krackattacks.com/
https,....
There is another article here, it actually looks like a copy:
The site went on to warn that visiting only HTTPS-protected Web pages wasn't automatically a remedy for the risk.
"Although websites or apps may use HTTPS as an additional layer of protection, we warn that this extra protection can (still) be bypassed in a worrying number of situations," the researchers explained. "For example, HTTPS was previously bypassed in ---- snip-----
https://www.krackattacks.com/
Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic
Patched
October 16, 2017
Debian Security Advisory DSA-3999-1
That is jessie-->Sid patched. They don't mention Wheezy, Garry.
- GarryRicketson
- Posts: 5644
- Joined: 2015-01-20 22:16
- Location: Durango, Mexico
Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic
Actually I am not using Debian Wheezy any more, but anyway, good to see they got it patched.
I don't use Wi-Fi either, I used to when I was travelling sometimes, but even then not that much. Anyway that would be another topic.
-
- Posts: 459
- Joined: 2013-06-16 00:10
Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic
What precautions should be taken with a router? I'm pretty sure mine isn't getting another firmware update anytime soon.
the crunkbong project: scripts, operating system, the list goes on...
bester69 wrote: There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing
Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic
n_hologram wrote: What precautions should be taken with a router? I'm pretty sure mine isn't getting another firmware update anytime soon.
As big as this flaw was, you may get an update for the router.... If not, look into OpenWrt or DD-WRT, they work especially well for Linksys routers, DD-WRT works well with many other brands as well.
- alan stone
- Posts: 269
- Joined: 2011-10-22 14:08
- Location: In my body.
Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic
Any WiFi cellphones/tablets and home/SOHO/shop/bar/restaurant/airport/... access points out there, who will remain unpatched and vulnerable?
EDIT:
Let’s get digital, digital,
I wanna get all digital, let’s get all digital
Let me hear your cellphone talk,
Your cellphone talk, let me hear your cellphone talk.
(adapted from: let's get physical)
- dilberts_left_nut
- Administrator
- Posts: 5347
- Joined: 2009-10-05 07:54
- Location: enzed
- Has thanked: 13 times
- Been thanked: 66 times
Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic
It is just the handshake process that is vulnerable to this exploit (reports of the 'death' of WPA2 encryption seem premature).
From my reading, it looks like as long as the CLIENT is patched, you can safely connect to an unpatched AP.
AdrianTM wrote:There's no hacker in my grandma...
-
- Emeritus
- Posts: 2435
- Joined: 2010-12-07 19:55
- Has thanked: 14 times
- Been thanked: 54 times
Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic
Ubuntu, Debian, Fedora and elementary OS All Patched Against WPA2 KRACK Bug
http://news.softpedia.com/news/ubuntu-d ... ign=buffer
Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic
dilberts_left_nut wrote: It is just the handshake process that is vulnerable to this exploit (reports of the 'death' of WPA2 encryption seem premature).
From my reading, it looks like as long as the CLIENT is patched, you can safely connect to an unpatched AP.
Correct. From the Q&A: https://www.krackattacks.com/
What if there are no security updates for my router?
Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.
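A check for the two router-side mitigations quoted from the Q&A above, assuming the router runs OpenWrt (suggested earlier in the thread) and keeps its Wi-Fi settings in UCI form at /etc/config/wireless. This is an added example, not part of any post; `audit_wireless` and `sample_config` are hypothetical names and the sample config is constructed.

```shell
# Added example: flag client ("sta") mode and 802.11r in an OpenWrt-style wireless config.

# Constructed sample in /etc/config/wireless (UCI) syntax; not from a real device.
sample_config() {
cat <<'EOF'
config wifi-device 'radio0'
    option type 'mac80211'

config wifi-iface 'default_radio0'
    option mode 'ap'
    option ssid 'home'
    option ieee80211r '1'

config wifi-iface 'wwan'
    option mode 'sta'
    option ssid 'upstream'

config wifi-iface 'guest'
    option mode 'ap'
EOF
}

# audit_wireless FILE: print one line per risky setting in each wifi-iface section.
audit_wireless() {
    awk -v sq="'" '
    function strip(s) { gsub(sq, "", s); gsub(/"/, "", s); return s }
    function report() {
        if (!in_iface) return
        if (mode == "sta") print name ": client mode (sta)"
        if (ft == "1")     print name ": 802.11r enabled"
    }
    $1 == "config" {
        report()                          # flush the previous section
        in_iface = ($2 == "wifi-iface")   # ignore wifi-device and other sections
        name = (NF >= 3) ? strip($3) : "(unnamed)"
        mode = ""; ft = ""
    }
    in_iface && $1 == "option" && $2 == "mode"       { mode = strip($3) }
    in_iface && $1 == "option" && $2 == "ieee80211r" { ft = strip($3) }
    END { report() }
    ' "$1"
}

tmp=$(mktemp)
sample_config > "$tmp"
audit_wireless "$tmp"
rm -f "$tmp"
```

On a router, point the function at the live file: `audit_wireless /etc/config/wireless`.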
- alan stone
- Posts: 269
- Joined: 2011-10-22 14:08
- Location: In my body.
Re: Ouch! Severe flaw in WPA2 protocol leaves Wi-Fi traffic
Required functionality of both WPA and WPA2, and used by all protected Wi-Fi networks, is the 4-way handshake. Even enterprise networks rely on the 4-way handshake. Hence, all protected Wi-Fi networks are affected by our attacks.
Source: https://papers.mathyvanhoef.com/ccs2017.pdf
Vulnerable enterprise systems, hospitals, ...
Finally, although an unpatched client can still connect to a patched AP, and vice versa, both the client and AP must be patched to defend against all attacks!
Source: https://www.krackattacks.com/#faq
Government systems?