YouTube sin-bins account of KRACK WPA2 researcher

The YouTube account of the researcher behind the KRACK WPA2 Wi-Fi vulnerability was restored early on Thursday hours after it was shut down for violating "community guidelines". Mathy Vanhoef was told that his YouTube account had been sin-binned late on Wednesday. The move provoked criticism from security pros. Around two …

  1. Hans 1
    Paris Hilton

    Coverage ?

    Ohhh, so, you covered the announcement of imminent KRACK WPA2 Vuln disclosure, now you cover the closure of the youtube account of one of the boffins who found the vuln ... hm, OK ... tell me, when are you gonna cover the vuln in detail ?

    1. JudeKay (Written by Reg staff)

      Re: Coverage ?

      Hi. Since the announcement, we've published https://www.theregister.co.uk/2017/10/17/kracken_patches/ (on Tuesday) and https://www.theregister.co.uk/2017/10/16/wpa2_krack_attack_security_wifi_wireless/ (on the day of the disclosure)...

      PARIS, because Stars are Blind .... https://www.youtube.com/watch?v=6Mj776YiPCU

      1. Hans 1
        Facepalm

        Re: Coverage ?

        I forgot to add, Paris, coz she likes coverage ... as do I ...

        https://www.theregister.co.uk/2017/10/17/kracken_patches/

        was what I indeed missed ... OpenBSD ? Oh no!

        In my futile defense, though, I looked quite thoroughly, including google search (note: no later than this morning!)...

        [ icon => so self-inflicted face-palm]

      2. Pan Handle Door Handle With Care

        Re: Coverage ?

        It is true, however, that there hasn't been the kind of well-informed, detailed explanation of the vulnerability that The Register would normally do.

        Possibly because the paper hasn't been presented yet?

        TP-Link have come out with a statement which suggests they could benefit from just such an explanation:

        http://uk.tp-link.com/faq-1970.html

        It says, "Time Window: An attack can only happen when a client device is connecting or reconnecting to a Wi-Fi network."

        They either don't know, or don't want to point out, that the reconnection can be forced.

        Either way, it doesn't sound as if they are planning to roll out any kind of clever mitigation measures on their routers to take account of smartphones, printers and other devices which will never be patched.

        And it isn't clear, more generally, whether and how that might be possible. A question which El Reg might be expected to answer in the course of thorough coverage to come...

        1. diodesign (Written by Reg staff) Silver badge

          Re: Re: Coverage ?

          "It is true, however, that there hasn't been the kind of well-informed, detailed explanation of the vulnerability that The Register would normally do."

          The flaw is fairly complex but well-explained in the paper, which is public. We've linked to it in previous coverage. You should read it if you're interested in nonces and key installation. If you're aware of WPA2's cryptography, it's an easy read.

          Instead, we've focused on the impact - that's what matters most.

          C.

          1. Pan Handle Door Handle With Care

            Re: Coverage ?

            I read the paper before commenting, although possessed of no specific prior interest in nonces nor particular knowledge of WPA keystreams. Hope that's OK.

            It is a complex exploit; but not, apparently, too difficult to automate and build upon.

            Importantly, the impact is obscured by the complexity.

            That it is hard at this stage to fully explain the ramifications is not surprising. So no criticism intended.

            It is a big hole, though. And one the significance of which can only be properly understood through detailed and nuanced exposition of practicalities. Well, I'd find that useful, personally.

            Not too many malicious people will walk through the hole, in the grand scheme of things. But they always can if they want to.

            I've left my keys in the front door (on the outside) overnight before now. Kicked myself; but nobody, in fact, availed themselves of the opportunity to either let themselves into my house or guess which car was mine on the street and use that key to steal it.

            If someone had let themselves in, they would have found that many valuables were not locked away. Because we do still tend to trust the perimeter. Frequently, there isn't much choice.

    2. Anonymous Coward
      Anonymous Coward

      Re: Coverage ?

      "Linux and Android devices, the most vulnerable class of client devices."

      Quite.

    3. Anonymous Coward
      Anonymous Coward

      Re: Coverage ?

      Can this be used to get access to WPA2 protected networks for "free" WiFi?

  2. Mike 125

    patches

    "Patching is already well under way."

    There seems to be debate about whether the router and client both need patching. In a domestic setting, (DSL router serving pcs and phones), do we need to hassle the ISP for new router FW?

    Thanks.

    1. Hans 1
      FAIL

      Re: patches

      Android 6 and Linux 2.4 DEFINITELY need switching off until patches are available. For others, although it is trickier to pull off, both need to be patched, hello, anybody in ?????

      In an ideal world, patch what you can, phase out what cannot be patched.

      The exploit vid clearly shows the client being 0wned, getting redirected to an attacker's AP ... some CVEs are server-related, others client-related ....

      So, the correct answer is, as usual, both need to be patched, not really rocket science, I do not understand what the debate is about.

      1. MyffyW Silver badge

        Re: patches

        I'm considering having two home WiFi networks - one for devices I can patch and trust, another for my own unpatchable devices and visitors' devices. But I am starting to feel like a corporate IT department.

    2. The obvious

      Re: patches

      Just for the avoidance of any doubt - BOTH NEED PATCHING.

      "although an unpatched client can still connect to a patched AP, and vice versa, both the client and AP must be patched to defend against all attacks!" it says on krackattacks.com

    3. The obvious

      Re: patches

      I'm going to bet there are a lot of SoHopeless devices that will never get patched...

  3. tim 13

    Why would you want to reuse a nonce to hack wifi?

    "nonce is a slang word for a pariah within a community of prisoners, typically a sex offender, child sexual abuser or one who has turned state's evidence."

  4. tim 13

    Why would you want to reuse a nonce to hack wifi?

    "nonce is a slang word for a pariah within a community of prisoners, typically a sex offender, child sexual abuser or one who has turned state's evidence."

  5. wangi

    "prospective hacker would have to be within range of the network" - glad you've picked up how wireless networks work.

    1. Jeffrey Nonken

      A recap is a method whereby you recount all relevant details, usually in summary, to assure they're fresh in everybody's mind, in turn to assure that they're all operating from the same context. "On the same page." Sometimes that means mentioning details that some of those people haven't forgotten, or details that are obvious to some of them.

      A brief mention of that particular important fact, no matter how obvious to you, shouldn't have inconvenienced you very much. Surely it took less of your time than formulating and entering a reply did.

      There's really no need to get sarcastic about it.

  6. Emma.Parker

    I have a concern here: if I go for patches, am I cent percent secure from the wifi vulnerability, or do I need a tool for that (like a VPN or something)? I have read a few blogs where they have voted for patches and a few where they have voted for a VPN (like: https://goo.gl/Kbuq5T). Can anyone guide me here?

    Also, is there any tool through which I can check whether I'm a victim of this vulnerability or not?

    1. diodesign (Written by Reg staff) Silver badge

      Re: Emma

      If you apply your patches, you'll be OK. If you're using Windows or iOS, you're pretty much immune anyway. There isn't a tool to check as far as we're aware. If you're using a recent Linux or Android 6+ or macOS or OpenBSD or an IoT gadget that uses Linux, you're at risk.

      But bear in mind no exploit code attacking the flaw is out there, someone has to be in range, and it's right now tricky to do. Grab the latest security updates for your devices so that you're protected in future.

      C.

      1. Rob D.
        Black Helicopters

        Re: Emma

        Given the nature of the vulnerability and the 'relatively' obvious mechanic that exposes it, although there is no reported exploit code known, wouldn't this be one that could reasonably have been providing the various spook groups with a route in to WiFi already, assuming they have enough paid eyes looking at enough standards and implementations? Not offering evidence, just noting that it would be both technically plausible and operationally useful so in a properly paranoid environment it would be reasonable to contemplate prior exploits.

        Wouldn't want to imbue any group with omniscience, of course, at least not before donning my tin foil hat.

  7. Mike 16

    In Range

    AFAICT, one does not have to be "in range" personally. One need only be in _control_ of a device with WiFi, that is in range. There are _many_ WiFi access points "in range" as I type this, and probably significantly more phones/computers/IoT-thingies. The odds that _one_ of them is under the control of some miscreants halfway around the world may be non-negligible.

    1. Jeffrey Nonken

      Re: In Range

      "AFAICT, one does not have to be "in range" personally."

      Agreed. I've thought that one way to avoid being spotted suspiciously hanging around a hotspot would be to suitably provision a cheap smartphone, drop it into the bushes, then control it from a remote location at your leisure.

      1. Pan Handle Door Handle With Care

        Re: In Range

        This is why a really good explanatory article would be very welcome!

        Two radios are needed, and a lot more power than a smartphone can put out.

        Otherwise, the client will just hop back to the stronger channel.

        1. TheVogon

          Re: In Range

          "Otherwise, the client will just hop back to the stronger channel."

          With default roaming settings it won't hop unless the signal level is really low!

  8. Anonymous Coward
    Anonymous Coward

    KRACK Explanation (or so I think)

    Posting as AC because I'm a noob but here's my explanation for the KRACK vulnerability.

    -It affects all wifi (client) devices with WPA

    -It works by duplicating existing wifi properties

    -With the duplication, it can force vulnerable wifi devices to use it

    -Android and linux are vulnerable as they use WPA

    -Android 6+ and some linux are worst, as a hacker can then change https to http due to a bug

    -For now, we 'believe' Windows and Mac are safe

    -Connection on VPN can still protect user

    -Connection that can keep https is still safe

    https://www.xda-developers.com/wpa2-wifi-protocol-vulnerability-krack/

    extra:

    -Some linux has already been patched

    -Official LineageOS has been patched

    El Reg didn't explain that really, but that's what I think of the vulnerability from different sources. El Reg users with better explanation, please do correct me if I'm wrong.
