WPA2 security in trouble as KRACK Belgian boffins tease key reinstallation bug

A promo for the upcoming Association for Computing Machinery security conference has set infosec types all a-Twitter over the apparent cryptographic death of the WPA2 authentication scheme widely used to secure Wi-Fi connections. The authors of the paper have everything ready except the details of their disclosure: acceptance …

  1. Long John Brass

    Firmware update or OS?

    Hope it just requires updates to the WPA supplicant and not a radio/firmware update

    If it's radio firmware then we are all going to be shit out of luck as the radio manufacturers never seem to release updates for older hardware or even current hardware for that matter :(

    Dangit and I only just turned Bluetooth back on as the fix finally landed on my phone. Now Wifi

    *sigh*

    1. bombastic bob Silver badge

      Re: Firmware update or OS?

      WPA and WPA2 are handled by the main CPU and not the radio, so it's unlikely that radio firmware would need updating [that's typically about modulation and frequencies and things of that nature].

      Normally the WPA supplicant (like you mentioned) would be involved.

      Radio baseband processors don't (usually) handle anything beyond recognizing where the preamble and the data begin, and sending data out of the antenna. If they do, then the entire firmware would be like one image for all of it [I think there are one or two ARM-based solutions like that out there].

    2. silks

      Re: Firmware update or OS?

      Reckon the vuln is in the WPA2 protocol itself rather than in the implementation so it's unlikely there will be any update available?

    3. Skoorb

      Re: Firmware update or OS?

      After a read through the (now published) details and paper, another lucky save is that this is a *client* attack. So unless you are running your routers in a client configuration (like as a repeater) or have fast roaming enabled on them, this does not have any effect.

      It's just OSs that need patching, so your PCs, phones and other devices.

      It also requires that the attacker is *already on the WiFi as a client*, i.e. already knows your WPA2 key / has a WPA enterprise connection.

      The patch is also fully backwards compatible, so unpatched devices can communicate with patched ones on the same network.

      The big patching headache is going to be all the specialist devices used in business and industry that don't receive vendor patches or are a massive pain to patch, and any old home gear lying around that has reached vendor imposed obsolescence - though someone being able to crack the encryption on the connection your WiFi radio uses is unlikely to be a problem.

      1. Annihilator

        Re: Firmware update or OS?

        “It also requires that the attacker is *already on the WiFi as a client*, i.e. already knows your WPA2 key / has a WPA enterprise connection.“

        Yep, that’s how I interpreted it too. To be honest, I always forget this isn’t the case on wifi anyway. I’ve always assumed anyone on the same network as me can sniff my packets (ooh er...)

    4. This post has been deleted by its author

    5. TheVogon

      Re: Firmware update or OS?

      "the attacker would have to be on the same base station as the victim, which restricts any attack's impact somewhat."

      So when using say a high gain Yagi directional antenna that means within a couple of miles line of sight of the Base station then. That doesn't seem to be much of a restriction!

      1. Jamie Jones Silver badge

        Re: Firmware update or OS?

        I read that as meaning someone already "logged in" via the wpa2 key - surely a Wifi hack requiring someone to be in range of the wifi base station is a given?

    6. Zakhar

      Re: Firmware update or OS?

      It is already patched for Debian/Ubuntu. That was quick!..

      Well, as I am using wired ethernet, I didn't really need it anyway.

  2. chuckufarley Silver badge

    Uncorrectable Horse Staple Battery

    I hope it will not be necessary to replace hardware the world over.

    On the other hand, I have always said that wireless networking will always be fundamentally insecure because it relies on radio transmissions that anyone can intercept or broadcast. I am amazed that WPA2 has gone this long without someone finding a fatal flaw.

    I'll be stocking up on hotdogs and marshmallows just in case the world decides to spontaneously combust.

    EDIT: How bad can it be if it only has 10 CVE numbers? Wait...don't answer that...

    1. Lee D Silver badge

      Re: Uncorrectable Horse Staple Battery

      What a silly statement.

      Encryption is DESIGNED so that anyone can capture the packets and still not be able to decrypt the message. The medium matters not. If you operate your systems on the basis that it's difficult to send / receive rogue packets, you're just leaving yourself open for compromise. Encrypt, VPN (even over home wifi - why not?). All media are equally risky if anyone else is on them at all.

      In this case it looks like they've forced poor implementations to behave improperly (nonce reuse), which has little to do with the actual encryption. Maybe the protocol is poor, like WEP. But notice how no-one is saying AES is broken?

      If you just work on the assumption that all media are vulnerable, then encrypt with known-good encryption (not RC5 or TKIP, and yes you MUST keep up to date with what's safe!), it really doesn't matter what happens or who can send you packets.

      VPN over WPA2 on every home network I've had. Zero latency (I game a lot). And survived the whole WEP/WPA/TKIP vulnerabilities with time enough to safely upgrade.

      Always assume every network interface is sniffable. Encrypt everything.

      1. chuckufarley Silver badge

        Re: Uncorrectable Horse Staple Battery

        Encrypt everything. That is very sound advice for the most part. For wifi: how about encrypting the encryption handshake? But then we would need to encrypt the handshake of the handshake for the encryption handshake. And then the...

        You see where this is going.

        I say let's go with more than one form of security. Something like ssh RSA keys and 2FA for wifi anyone? I would like that...I think.

      2. bombastic bob Silver badge

        Re: Uncorrectable Horse Staple Battery

        "But notice how no-one is saying AES is broken?"

        true - it won't be until we see the details that we'll know the extent of the problem.

        my guess is that 'Michael' will do its job if things get out of sync, more times than not.

        1. Doctor Syntax Silver badge

          Re: Uncorrectable Horse Staple Battery

          "But notice how no-one is saying AES is broken?"

          true - it won't be until we see the details that we'll know the extent of the problem.

          If they'd broken AES they'd have a different title for their talk.

          1. Roger 11

            Re: Uncorrectable Horse Staple Battery

            And it would be far more serious.

      3. Anonymous Coward Silver badge

        Re: Uncorrectable Horse Staple Battery

        "VPN (even over home wifi - why not?)"

        Depending on whether you mean to VPN to a VPN provider, or to a local VPN server within your (wired) network...

        To a provider... I trust my home ISP more than I trust a commercial VPN provider. As a lot of data leaving the VPN will be unencrypted, it's a great place to snaffle data that people think is secured. Yes, I'm paranoid about that sort of thing, but that's generally seen as a good thing.

        To your own server within your network... I can't see much advantage here and there are the added complications and overheads of running the VPN services etc. But I live in a fairly quiet neighbourhood with friendly (and not particularly IT savvy) neighbours, so no reason to expect that my WPA2 would already be compromised. Even if it had, everything remotely sensitive is then run over SSL or SSH anyway, because I don't trust the ISP 100%.

        1. Kiwi

          Re: Uncorrectable Horse Staple Battery

          To your own server within your network... I can't see much advantage here and there are the added complications and overheads of running the VPN services etc.

          I have an Acer that lshw identifies as "Aspire M1200/3200/5200" running as a semi-media centre at a mate's place. He uses it to watch old movies on Youtube, and when I'm there we'll watch other media on it as well (including some high definition videos, and sometimes live stuff over Kodi). The current CPU is an "AMD Phenom(tm) 8450 Triple-Core Processor" which I installed this past weekend, previously it had the default CPU with the model (a 2-core of about the same speed). Video is "RS780 [Radeon HD 3200]" and it has 8GB of RAM in it.

          This machine does its work as his media machine, also currently acts to, well, it gathers media from certain sites and allows others with similar interests (eg in a certain bay) to get that content from us (to a certain ratio). It also has one of my Owncloud servers running which my mate and another mate use for backup purposes.

          And on top of all that it runs an instance of OpenVPN that half a dozen devices access. Not for video streaming, he's only able to get ADSL where he is so his upload speeds are sucky, but the VPN provides no noticeable overhead on the network, even when all devices are connected.

          (That said, the devices are generally on slower connections anyway, and doing fairly mundane stuff like this one on El Reg, my tablet on the odd page check (and maybe banking stuff if I'm away from home using someone else's wifi (VPN encrypted plus banking site's encryption should make things nice'n'safe enough - vpn is by cert not username/password)), and other mundane stuff.)

          I use it when I visit him as well, and would use a vpn on my own wifi network esp. now that this crack is known. I wouldn't bother maybe with wired, but very few tablets have that as an option (though mine has a full fat USB port so I could perhaps get a RJ45 dongle, if it can drive it)

          TL;DR: The VPN overheads are actually quite tiny. I run OpenVPN myself and have no problems.

      4. FlamingDeath Silver badge

        Re: Uncorrectable Horse Staple Battery

        TRUST NO ONE!!!!111

        Cue X-Files theme tune!

      5. dajames

        Re: Uncorrectable Horse Staple Battery

        If you just work on the assumption that all media are vulnerable, then encrypt with known-good encryption (not RC5 or TKIP, and yes you MUST keep up to date with what's safe!), it really doesn't matter what happens or who can send you packets.

        Up to a point, Lord Copper.

        The new study seems to be attacking the key set-up using some sort of man-in-the-middle approach reusing nonces, so it looks very much as though it does depend precisely on the problem of knowing (or not knowing) who is sending you packets.

        We shall have to wait and see ...

      6. Lomax

        Re: Uncorrectable Horse Staple Battery

        > What a silly statement.

        I live in a street with very heavy tourist footfall; even on a quiet day there are hundreds of people passing outside, every single one of whom is carrying a smartphone device from one of only two OS vendors, every single one of which has a WiFi radio built in, every single one of which is at least theoretically capable of hosting any kind of malware, whether the owner is aware of it or not. My (two) SSIDs are constantly bombarded by AP scans from these devices. On my LAN are several hardware devices which do not / cannot use additional encryption such as VPN, including VOIP phones, printers, projectors and other media hardware, all of which get very infrequent firmware updates (if at all), all of which in theory could be vulnerable to some kind of attack that I do not know about. Although I have split my WLAN into two (one for guests, one for me) and I spend more time than most people trying to stay on top of security issues, I cannot escape a feeling of unease. The fact is that in theory anyone (or any software) that could connect to my privileged AP could gain local network access and could (in theory) attack any of the many always-on hardware devices present on it, and it would be pretty hard for me to tell (yes, I do log pretty much everything - but I find there's not enough time in the day for me to look through it all). If WPA2 is crackable that's definitely very serious indeed. To be equally exposed using a wired LAN I would literally have to place a signposted Ethernet jack out on the street, all smartphones would need to be equipped with an Ethernet port, and everyone who passes by would need to stop for a moment and connect up to it. There *is* a difference.

        1. chuckufarley Silver badge

          Re: Uncorrectable Horse Staple Battery

          OK, so the details of the attack have been released. It turns out they ARE attacking one part of the connection: The handshake. Will we ever see wifi networks with foolproof encryption?

          Well, based on the votes my other posts received that would be a waste of time because fools are still self evident. So go on and down vote this post too. You know you want to. It's natural. It's what I deserve for predicting the outcome based on what I read about their previous work. Yes, I admit it: I used my brain before posting. So go ahead, create a second account so you can down vote twice.

          1. Jamie Jones Silver badge

            Re: Uncorrectable Horse Staple Battery

            Hmm, I actually upvoted your original post, but was very tempted to downvote this little temper-tantrum!

          2. Lee D Silver badge

            Re: Uncorrectable Horse Staple Battery

            The handshake is part of the protocol. Not the encryption.

            As I predicted / guessed / inferred / lucked-out-on: The protocol is broken and re-uses data that it shouldn't (presumably in order to account for wifi noise). Nobody's broken Diffie-Hellman. Nobody's broken AES. If you treat your wifi as an UNTRUSTED NETWORK (yes, my clients are firewalled even ON the wifi such that it's "the internet" to them), then you're not affected. Maybe someone can browse Google on your wifi, at best.

            So you do what I suggest - treat the wifi as UNTRUSTED. Make it so that clients have to VPN into a router/server even on the WLAN, so that even if someone is sitting reading EVERY PACKET of your wifi connection, they still can't get online / talk to your network / interfere with your devices without first connecting to and authenticating against the VPN server too.

            Wifi is - and always has been - insecure. Because you rely on the fact that every client is "safe" and whitelisted, including your laptop, if you have the right password. It's stupid. Stop it. Treat Wifi like an Ethernet cable that goes through a wall into... what? Who knows? Could be anything happening back there.

            Public-key encryption, proper security, public-keys, and to an authenticated destination that's the only machine you have to trust (instead of EVERY SINGLE client and device on your network).

  3. john.jones.name

    Key Reinstallation Attack (KRACK).

    It breaks the WPA2 protocol by forcing nonce reuse in encryption algorithms used by Wi-Fi

    if you force the reuse of the nonce then...game over man...

    Nonce reuse allows an attacker to recover the authentication key. This allows the attacker to modify messages with high precision.

    https://john.jones.name

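The "nonce reuse" mentioned in the post above, modelled in a small Python simulation (added here as an example; it is not code from the paper or from any Wi-Fi implementation). A client installs the temporal key when handshake message 3 arrives and, in the vulnerable behaviour, resets its packet number whenever message 3 is delivered again; the keystream function, the key and the two sample frames are constructed stand-ins, but the property demonstrated (same key + same packet number gives the same keystream) is what makes counter-mode nonce reuse fatal, and the `fixed` flag shows the patch behaviour of refusing to reinstall a key already in use.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


def keystream(tk: bytes, pn: int, length: int) -> bytes:
    """Stand-in for the CCMP AES-CTR keystream: a counter-mode PRF keyed by the
    temporal key (TK) and the packet number (PN). Constructed for illustration;
    real CCMP uses AES-CCM with the PN inside the nonce, but the property used
    here (same TK and same PN produce the same keystream) is the same."""
    out = b""
    block = 0
    while len(out) < length:
        msg = pn.to_bytes(6, "big") + block.to_bytes(2, "big")
        out += hmac.new(tk, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


@dataclass
class Supplicant:
    """Client side of the 4-way handshake, reduced to key installation."""
    fixed: bool                        # True: refuse to reinstall a key already in use
    installed_tk: Optional[bytes] = None
    pn: int = 0                        # transmit packet number (CCMP nonce component)

    def on_message3(self, tk: bytes) -> None:
        """Message 3 triggers key installation. The protocol allows message 3 to
        be retransmitted when message 4 is lost; a vulnerable client reinstalls
        the same TK and resets its packet number to zero on every delivery."""
        if self.fixed and self.installed_tk == tk:
            return                     # key already installed: leave the counters alone
        self.installed_tk = tk
        self.pn = 0

    def encrypt(self, plaintext: bytes) -> Tuple[int, bytes]:
        """Encrypt one frame under the installed key with the next packet number."""
        assert self.installed_tk is not None, "no key installed yet"
        self.pn += 1
        ks = keystream(self.installed_tk, self.pn, len(plaintext))
        return self.pn, xor(plaintext, ks)


def simulate(fixed: bool) -> Dict[str, object]:
    """One handshake, one frame, a duplicate message 3, a second frame.
    Returns what a passive observer of the two ciphertexts could learn."""
    tk = os.urandom(16)                                   # constructed temporal key
    m1 = b"GET /index.html HTTP/1.1\r\nHost: example.invalid\r\n\r\n"      # constructed
    m2 = b"POST /login HTTP/1.1\r\nHost: example.invalid\r\nuser=alice"   # constructed
    client = Supplicant(fixed=fixed)
    client.on_message3(tk)
    pn1, c1 = client.encrypt(m1)
    client.on_message3(tk)                                # duplicate message 3 arrives
    pn2, c2 = client.encrypt(m2)
    n = min(len(c1), len(c2))
    # With an identical keystream, c1 XOR c2 == m1 XOR m2: plaintext relationships
    # leak with no attack on AES or on the key itself.
    plaintext_xor_leaks = xor(c1, c2)[:n] == xor(m1, m2)[:n]
    # If one frame's content is known (m1 here), the keystream falls out and
    # decrypts the other frame; this is why reused nonces "can't be trusted".
    recovered = xor(c2[:n], xor(c1, m1)[:n])
    return {
        "nonce_reused": pn1 == pn2,
        "plaintext_xor_leaks": plaintext_xor_leaks,
        "recovered_m2_prefix": recovered,
        "m2_prefix": m2[:n],
    }


if __name__ == "__main__":
    for mode in (False, True):
        r = simulate(fixed=mode)
        print("fixed client" if mode else "vulnerable client", r["nonce_reused"],
              r["plaintext_xor_leaks"], r["recovered_m2_prefix"] == r["m2_prefix"])
```

The patched behaviour is the whole fix: keep the packet number where it is when the same key is offered again, and the second frame gets a fresh keystream.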
  4. Anonymous Coward

    I hope they're allowed to return to Belgium..

    Given what happens to security researchers in the US, going to conferences there may not be a good idea.

    1. Sir Runcible Spoon

      Re: I hope they're allowed to return to Belgium..

      I've done a bit more digging and found some more info on Hutchinson - (by which I mean I discovered an analysis done by someone else).

      Not so sure Hutchinson doesn't have a few skeletons in his closet now.

  5. Anonymous Coward

    So in theory

    There is a window where someone could feasibly hack into a machine while it is downloading Windows/AV/etc updates using a Wifi based MITM attack.

    This is especially nasty when a lot of POS machines use Wifi (hopefully encrypted) and someone could then capture the traffic and break the encryption offline with a large enough supercomputer.

    How would you defend against this (hopefully theoretical) attack? Literally everyone's machines could be compromised and we'd never know.

    There was I concerned about a WPA2 based rainbow table attack using >128GB SD cards and most common passwords, this replaces it with in principle a $1 microcontroller.

    1. chuckufarley Silver badge

      Re: So in theory

      As long as the download is secured with https or VPN that data should still be encrypted. Breaking that kind of encryption on the fly should still be non-trivial. So I think in this case the best you could do is spy after the fact with captured data, not inject "corrected" packets. I am far more worried about Windows leaking weakly hashed passwords to an attacker that has broken into a wifi network.

      1. JeevesMkII

        Re: So in theory

        If someone knows your session key, they can with some cheap software defined radio gear start attacking the ancient, completely insecure protocols that precede TLS connections and VPNs, DHCP and DNS.

        You can't really trust TLS if you're not really sure if the hostname resolved to the right address. Doubly so if the security is totally non-interactive and it's vulnerable to the DNS returning PTR records.

        1. Adam 1

          Re: So in theory

          > You can't really trust TLS if you're not really sure if the hostname resolved to the right address.

          Sure you can. The fake server cannot fake a signed public key (let's exclude Symantec et al giving out fake ones for the minute) so even if they send you fake content then you are going to get warnings about self signed certificates or mismatched URIs from your browser. They can definitely do a downgrade attack (eg POODLE) when intercepting your handshake. They can definitely block your service. But they cannot trick you*

          *I guess another exception is the fruity browser that did a few too many goto fails and thereby passed over that check.

    2. Anonymous Coward

      Re: So in theory

      This is where I get to be smug that all the PoS systems I'm responsible for are hardwired.

      Oh wait, the customer insisted that they communicate with a tablet to harvest customer emails? Over wifi?

      FML :(

    3. DaLo

      Re: So in theory

      It's equivalent to being as secure as you would be on a public WiFi network. Anything you wouldn't do on a public WiFi network you wouldn't want to do if you thought your WPA2 network may be compromised.

      1. Anonymous Coward

        Re: So in theory

        Why all the downvotes?

        Also the Zero W has the advantage of being very low powered.

        For my purposes (ie hacking an FM radio into it using the unused ext_ant and some micro-soldering under the BGA Cypress chip) I can fit it onto a continuous rotation servo based around a defunct video recorder cylinder assembly as its heatsink and host.

        It's a perfect size and I can even reuse the existing video signal coils to charge the battery while it is rotating, storage can be onboard (16GB £10 WHs) and also use my recently discovered chip antenna to get FM coverage for triangulation of its location etc. For my purposes they are already tuned and ready to go with a very simple 13.56 MHz based induction drive.

        This is surely going on Hackaday very soon and adding 5.2 GHz is also trivial via external mPCIe card and adaptor.

  6. Lysenko

    ...the attacker would have to be on the same base station as the victim...

    If that's the case then it is somewhat analogous to a locksmith demonstrating the ability to come round to your house and pick the front door lock. The fact that such an attack exists doesn't instantly obsolete every domestic door lock on the planet.

    "Security" isn't a two state condition, it's a sliding scale calibrated to threat level. If you want to keep out someone with locksmith skills then typical domestic door furniture isn't adequate, however that doesn't concern most people because they aren't trying to defend against that sort of threat.

    1. Kevin Fairhurst

      Re: ...the attacker would have to be on the same base station as the victim...

      As with all these things, this starts as “has to be on same base station” but people will work out a way to replicate this approach without having to authenticate first...

      In the meantime, disconnect from public WiFi...

      1. chivo243 Silver badge

        Re: ...the attacker would have to be on the same base station as the victim...

        @ Kevin Fairhurst

        +1

        "on same base station" is only one step removed from physical access. So, I won't be worrying about this. I'll leave that to the professional paranoids.

        C'mon Reg, where is that tinfoil hat icon?

    2. Anonymous Coward

      Re: ...the attacker would have to be on the same base station as the victim...

      "Security" isn't a two state condition, it's a sliding scale calibrated to threat level.

      and budget vs risk tolerance..

    3. dajames

      Re: ...the attacker would have to be on the same base station as the victim...

      If that's the case then it is somewhat analogous to a locksmith demonstrating the ability to come round to your house and pick the front door lock.

      A better analogy might be a locksmith demonstrating that he can open all the internal doors in your house when what's important is that he can't open the front door from the outside.

      Of course, if you let him in he has the run of the place.

  7. Anonymous Coward

    I've kept wondering why we haven't seen a WPA3 yet

    Just because no one had broken WPA2 is no reason not to see a WPA3 and even WPA4 standardized and deployed. Had they done that, if WPA2 is broken you'd simply need to deprecate WPA2 on your router (i.e. only allow it if the client doesn't support anything newer) and it would be a simple fix.

    If WPA2 gets broken wide open, we're all screwed because there's no alternative to go to even on those devices that can easily have their firmware updated.

    That's the biggest flaw with security standards like WPA, HDCP, and so forth. Once they believe they have it secure, they assume they'll be fine forever and only react after they wake up in the morning and find the barn empty.

    1. Lysenko

      Re: I've kept wondering why we haven't seen a WPA3 yet

      What would be the point? If you don't know where the problem is then simply meddling with the protocol isn't necessarily going to help and will probably introduce new vulnerabilities. Attacks like these don't break AES (which is what WPA2 essentially is) so mindlessly increasing key lengths wouldn't make any difference. If anything, causing protocol proliferation would just fragment research/auditing efforts and risk increasing the attack surface as the lesser used protocol(s) come under reduced scrutiny.

      The integrity of cryptography rests on a published mechanism resisting sustained attack by cryptographers over a period of time lengthy enough to confer credibility. That makes it a problem domain where you absolutely should not set about trying to "fix" things until you know exactly where and how they are broken.

      1. Anonymous Coward

        Re: I've kept wondering why we haven't seen a WPA3 yet

        WPA2 already had known weaknesses, the biggest one being that simply by capturing one 4-packet exchange, you can perform an offline brute-force attack against the pre-shared key.

        1. Anonymous Coward

          Re: I've kept wondering why we haven't seen a WPA3 yet

          The point is that different people come up with different things. There are multiple encryption algorithms, that have different weaknesses. Why wouldn't different WPA implementations also have different weaknesses? When you learn about a weakness in one (like this one for WPA2) odds are you don't have the same weakness in WPA3. And if some group is working on what will become WPA4, they can take the new information into account and protect it against what affected WPA2.

  8. Blotto Silver badge

    Application Security trumps network security

    You need to secure the information as close to the generating source as possible. If you encrypt from the application to the remote server then bad actors in the path between can’t read the content, even malware on the same machine won’t compromise the data. A VPN on the client is not quite as good as malware on the client could intercept unencrypted data from both ends. A VPN or in this case encrypted between client and network exposes unencrypted data on a local network that could be intercepted and content changed without the client ever knowing by a rogue device on that lan.

    A site to site vpn won’t prevent a rogue or remotely controlled device from intercepting unencrypted local traffic, but if the applications sending the traffic were using encryption the data would be safe and its integrity intact regardless.

  9. Anonymous Coward

    erm...

    You have to be on the same base station?

    So how do I get the password to get onto the base station?

    Apologies if I'm not reading this right but if I am it's mostly useless.

    Edit: Thinking about this I can force someone to disconnect and handshake without being on the base station so why do you need to be on the base station?

    1. Craigie

      Just because you have the keys to the castle, doesn't mean you're not also a threat.

    2. thondwe

      same base station

      You get on the same base station by hacking a weak link via some other avenue- e.g. poorly managed laptop that already has the wireless key/password...

      Risks on a University wifi network for example - Students, and worse still staff...

      1. Sir Runcible Spoon

        Re: same base station

        How about Guest-wifi versus trusted connection?

        You can have more than one SSID on a base station.

  10. Anonymous Coward

    So I'm guessing the only way to fix this is to buy a new router and OS?

    1. Ken Hagan Gold badge

      No. There is (now) a rather good summary near the top of this thread. It is fixable in software, so for most OSes you can expect a fix in the next day or two. The vendors were all warned in advance and should have something ready. It also attacks the clients rather than the access point, so your router is not a problem unless you've chained a few together to extend your range.

      The biggest problem I can see is that Android (and Linux in general) can be persuaded to use a null encryption key with this attack. That's "drop trousers and bend over" time for *lots* of mobile phones until such time as phone vendors (and any ISPs who might be cock-blocking the update channel) decide that these "existing customers" are worth some attention.

  11. 0laf

    But what's the risk?

    Unless the hack is trivially easy then the majority of us can stop worrying.

    Crooks for the most part aren't daft, if this hack takes hours or weeks to pull off then it's not really going to affect Joe Bloggs in the street. You're not worth the bother tbh.

    If you are working in the field protecting assets worth millions or billions; or on major pieces of critical national infrastructure affecting millions of people then you'll need to look a bit more closely.

    It's all about the risk.

    I wait to hear some details and some rational analysis beyond people screaming "WPA2 is fucked".

    1. Sir Runcible Spoon

      Re: But what's the risk?

      If you are working in the field protecting assets worth millions or billions; or on major pieces of critical national infrastructure affecting millions of people then you'll need to look a bit more closely.

      If someone is stupid enough to do this, what makes you think they would have enabled WPA2 in the first place?

  12. David Roberts

    Router firmware updates?

    That shouldn't take long.

    1. Doctor Syntax Silver badge

      Re: Router firmware updates?

      "That shouldn't take long."

      Shouldn't.

      But, in any case, it's irrelevant. It's the base station firmware that needs to be updated. Router and radio aren't necessarily the same box.

    2. Andrew Commons

      Re: Router firmware updates?

      It looks like an update for my SOHO Access Point has been available for about a week. Check vendor support sites.

  13. John Smith 19 Gold badge

    So much for rehabilitation.

    Reused nonces can't be trusted.

    Something to keep in mind.

    1. This post has been deleted by its author

  14. simmondp

    Should you really care.

    Irrespective of how serious this flaw *actually* is.....

    Back in 2006 the Jericho Forum explained that the world was going de-perimeterised - and that you should rely on encrypted protocols NOT encrypted networks (you may want to restrict network access for QoS purposes - not security).

    See: https://collaboration.opengroup.org/jericho/Protocols_v1.0.pdf

    If you are not concerned with QoS then follow the guidance of OpenWireless.org and run a fully open wireless network (it's a neighbourly thing to do) with the SSID of openwireless.org - just ensure that your traffic using the network uses only secure protocols.

    1. Ken Hagan Gold badge

      Re: Should you really care.

      "If you are not concerned with QoS then follow the guidance of OpenWireless.org and run a fully open wireless network"

      Only two problems with that as far as I can see. Firstly, I'm paying for the traffic. Secondly, Amber Fudd would then blame me for all the porn that passers-by downloaded over my link.

    2. Aitor 1

      Re: Should you really care.

      I am actually concerned about going to prison when my neighbour decides to do something illegal and I am the one who is the "owner" of the line.

  15. Milton

    Clarity, please?

    Wouldn't be the first time I have exhibited some density, but what I've read so far (El Reg and some slightly more hysterical MSM stuff), I remain unclear about the likelihood of successful penetration of a WiFi-enabled network. Perhaps we need to wait for the presentation to have full visibility.

    There's a difference between—

    * Any dolt with a run of the mill laptop and a downloaded exploit can hack into my home LAN in five minutes, potentially to gain access to NAS and/or surf nasty websites on my account

    —or—

    * A knowledgeable and disciplined tech expert using a £3k laptop can, if he's lucky, break in and do the same after 24 solid hours of persistent attack

    ... because the former implies that profitable wardriving and drive-by hacking might become a common and truly troublesome thing, whereas the latter suggests I need worry only about those who already *know* I have secret plans and clever tricks on my system¹.

    Most of my LAN is wired for performance and security reasons, but like most people I have family and guests with mobile devices who need WiFi access.

    It sounds like a sensible preliminary precaution would be to ensure ALL WiFi devices can connect only to the Guest network (which I normally use, of course, for visitors), so as to at least keep adversaries off the LAN. I'd be interested in any commenters' thoughts on this or other temp fixes/approaches?

    ¹ Yeah, as if.

    1. Blotto Silver badge

      Re: Clarity, please?

      @milton

      I suspect they used the keywords "same base station" to indicate that SSID is irrelevant and that if you have more than 1 base station, the attacker must be connected to the same 1 as the victim.

      If you have guest WiFi on the same base station as your private WiFi then it looks like you could be susceptible. It's to do with part of the WPA setup being reissued to multiple connections; I suspect guest WiFi would reuse the same as private.

  16. EnviableOne

    https://papers.mathyvanhoef.com/ccs2017.pdf

    Haven't read it yet, but this seems to be what they are talking about.

    If there is no point in WPA3, why do we have SHA3 and elliptic curves, etc?

  17. Dr_N

    Public WiFi

    How quaint. I just use 4G. WiFi on the mobile is permanently off.

    1. Sir Runcible Spoon
      Facepalm

      Re: Public WiFi

      You've basically just told everyone that you aren't concerned about locking the stable door because you live in a field.

  18. Parsimonious Tankard

    The placeholder website in the article (Krakattack) now has all the gory details. Pass the popcorn...

  19. Anonymous Coward
    Anonymous Coward

    I'm guessing I can just connect to my router with a LAN cable and be unaffected, right?

    1. Ken Hagan Gold badge

      Yes. And if your client is something that can be plugged into the router with a cable then it (the client) will almost certainly be patched this week.

  20. nagyeger
    Alert

    Key phrases

    :-( The weaknesses are in the Wi-Fi standard itself.

    :-( make sure all your devices are updated, and you should also update the firmware of your router.

    :-( Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients.

    :-( Our attack is especially catastrophic against version 2.4 and above of wpa_supplicant, (linux, android >=6 )...

    1. Kiwi
      Linux

      Re: Key phrases

      :-( Our attack is especially catastrophic against version 2.4 and above of wpa_supplicant, (linux, android >=6 )...

      Patch already out.

      Well, for Linux anyway. Android, well... :(

  21. Anonymous Coward
    Anonymous Coward

    At least Amber Rudd and Theresa May are allowing us to keep end-to-end encryption to protect ourselv- oh, right...

  22. emmanuel goldstein

    Fucking nonces.

    1. John Smith 19 Gold badge
      Coat

      " Fucking nonces."

      Probably best not to.
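      The "key phrases" quoted above (the attack targets the client side of the 4-way handshake) and the nonce remark point at the same mechanism: a client that installs the pairwise key again when message 3 of the handshake arrives a second time also resets the packet number that CCMP uses as its nonce, so the same keystream gets used twice. The block below is an added example, not code from this thread, from wpa_supplicant or from the KRACK paper. It models a toy client in Python with an HMAC-based stand-in for the AES-CTR keystream; the names `Supplicant`, `run_handshake` and `find_nonce_reuse` are my own, and the "patched" branch only mirrors the idea of the published fixes (do not reinstall a key that is already in use), not the real wpa_supplicant code.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Frame:
    """One encrypted data frame as the client transmitted it."""
    nonce: int          # CCMP packet number used as the nonce (constructed model)
    ciphertext: bytes


def toy_keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Stand-in for CCMP's AES-CTR keystream (assumption: HMAC-SHA256 instead of AES).

    The only property the example relies on is that the keystream is a deterministic
    function of (key, nonce), which is what makes nonce reuse dangerous in any counter mode.
    """
    out = b""
    block = 0
    while len(out) < length:
        msg = nonce.to_bytes(6, "big") + block.to_bytes(2, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


class Supplicant:
    """Toy model of the client side of the 4-way handshake (hypothetical, not wpa_supplicant)."""

    def __init__(self, reinstall_on_retransmit: bool):
        # True models the vulnerable behaviour, False the patched one.
        self.reinstall_on_retransmit = reinstall_on_retransmit
        self.ptk: Optional[bytes] = None
        self.ptk_installed = False
        self.packet_number = 0
        self.sent: List[Frame] = []

    def handle_msg3(self, ptk: bytes) -> str:
        """Message 3 tells the client to install the negotiated pairwise key (PTK)."""
        if self.ptk_installed and not self.reinstall_on_retransmit:
            # Patched behaviour: the key is already in use, so a retransmitted
            # message 3 is answered without touching the key or the packet number.
            return "ignored"
        self.ptk = ptk
        self.ptk_installed = True
        # Installing a key (re)starts the packet number at zero. That is correct the
        # first time and is exactly the problem the second time.
        self.packet_number = 0
        return "installed"

    def send(self, plaintext: bytes) -> Frame:
        """Encrypt one frame under the installed key with the next packet number."""
        assert self.ptk is not None, "no key installed yet"
        self.packet_number += 1
        ks = toy_keystream(self.ptk, self.packet_number, len(plaintext))
        ct = bytes(p ^ k for p, k in zip(plaintext, ks))
        frame = Frame(self.packet_number, ct)
        self.sent.append(frame)
        return frame


def find_nonce_reuse(frames: List[Frame]) -> List[Tuple[int, int]]:
    """Defensive check: report index pairs of frames that reused a packet number under one key."""
    first_seen = {}
    reused = []
    for i, frame in enumerate(frames):
        if frame.nonce in first_seen:
            reused.append((first_seen[frame.nonce], i))
        else:
            first_seen[frame.nonce] = i
    return reused


def run_handshake(reinstall_on_retransmit: bool) -> List[Frame]:
    """Drive the toy client through a handshake in which message 3 arrives twice.

    A second message 3 is legitimate protocol behaviour: the AP retransmits it when
    it does not see the client's message 4.
    """
    ptk = hashlib.sha256(b"constructed PTK for the example, not a real key").digest()
    client = Supplicant(reinstall_on_retransmit)
    client.handle_msg3(ptk)
    client.send(b"first frame after key install")
    client.send(b"second frame")
    client.handle_msg3(ptk)          # message 3 delivered again
    client.send(b"frame after the retransmitted message 3")
    return client.sent


if __name__ == "__main__":
    for label, flag in (("vulnerable", True), ("patched", False)):
        frames = run_handshake(flag)
        print(label, [f.nonce for f in frames], "reuse:", find_nonce_reuse(frames))
```

      With the vulnerable flag the third frame goes out under packet number 1 again, which `find_nonce_reuse` flags as a repeat of frame 0; with the patched flag the packet numbers simply continue 1, 2, 3. On real hardware the packet number sits in the CCMP header of every frame, so the same check can be run over a capture of a client's own transmissions as a way to confirm that an update actually removed the reinstallation.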

  23. paulnick2

    OS Updated Details list against KRACK

    Here is the updated list of fixes along with company's names and details:

    Apple: Apple has ALREADY released a patch update in macOS 10.13.1 (beta only). Apple will likely release the KRACK Wi-Fi patch in iOS 11.1 this week. The company will widely roll out an update for iOS and Mac users in a few days.

    Windows: Windows reacted promptly and sent out an automatic update for Windows 7, 8, 8.1 & 10 users.

    Linux: Linux worked swiftly and released KRACK Wi-Fi Patches updates for Ubuntu 14.04+, Arch, OpenBSD, Debian, Gentoo, and Linux upstream.

    Intel chipsets: Intel released firmware updates for its various chipsets.

    Raspberry Pi: Jessie and Stretch have been fixed. Wheezy and others will receive updates by October 17.

    Android: Android will fix at patch level by November 6, 2017.

    Lineage OS: Fixes have been merged and will be rolled out in next weekly release.

    Samsung: Samsung’s flagship devices have received Google security patches, but older models have still not received KRACK Wi-Fi patches.

    iOS: Apple will likely release the KRACK Wi-Fi patch in iOS 11.1 this week.

    Google Wi-Fi: Google will release a patch soon.

    Apple Airport: No news on the Apple Airport.

    Netgear: No updates have been released. Expect updates soon.

    UniFi: Firmware 3.9.3 solves the concern.

    Mikrotik: RouterOS v6.39.3, v6.40.4, v6.41rc and up.

    LEDE: Fixes available in nightly updates.

    Eero: eerOS 3.5 and up is secure.

    AVM: AVM is somewhat aware of the vulnerability but doesn’t feel an update is necessary.

    DD-WRT: Fixed in core, waiting for an update.

    Meraki: Fixed with Meraki 24.11 and 25.7.

    Aruba: Updates are available across Aruba hardware.

    FortiNet: FortiAP 5.6.1 and up are secure.

    Cisco: Updates are now available on Cisco hardware.

    TP-Link: The company doesn't know much about the vulnerability.

    Synology: KRACK Wi-Fi security fix is now available.

    KPN (NL): No information on the fix.

    Nest: Nest claims that their devices aren't affected.

    Sonos: No information on Sonos.

    Amazon: Amazon is still in the process of reviewing devices while there is no fix issued for Echo etc.

    Belkin: Belkin is aware of the issue, yet there is no fix for Wemo/Linksys devices.

    Source: https://www.purevpn.com/blog/krack-wifi-security-fixes/
