WPA2 has been cracked

[jagdtigger]

12 hours ago, LAwLz said:

There were multiple exploits published with that white paper. Some are client related, and some are access point related. Honestly, you shouldn't really worry anyway because the attack is tricky to execute (for now) and patches are already rolling out for devices.

It is still recommended to install all updates which fixes the holes related to this.

 

It seems TP-Link thinks otherwise:

11 hours ago, Swatson said:

Good news. http://forum.tp-link.com/showthread.php?101094-Security-Flaws-Severe-flaws-called-quot-KRACK-quot-are-discovered-in-the-WPA2-protocol

Quote

Q: What if there are no security updates for my router?
A: Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients.

 

 

 

[LAwLz]

1 hour ago, jagdtigger said:

It seems TP-Link thinks otherwise:

TP-Link disagrees on which point(s) exactly?

Of course they want you to update, but the vulnerability is quite overblown at this point.

 

It is hard to execute.

Clients are already being patched.

Patches to clients removes the main threat.

[Yongtjunkit]

On 10/17/2017 at 8:11 AM, Donut417 said:

Id assume so. 

 

11 hours ago, VagabondWraith said:

Apple will patch this in iOS 11.1 releasing soon.

I'm currently using and iPhone 5 which can't be updated to iOS 11.1, is there any other way other than buying a new device to protect myself from this attack? I'm using am asus rt-ac68u as the router

[LAwLz]

14 minutes ago, Yongtjunkit said:

I'm currently using and iPhone 5 which can't be updated to iOS 11.1, is there any other way other than buying a new device to protect myself from this attack? I'm using am asus rt-ac68u as the router

As far as I am aware, there is no other way to protect yourself other than to install the security patches.

With that being said, there is no need to panic. The attack is hard to execute. It requires skills, and a lot of effort, on top of needing to be in range of your AP and device.

[Yongtjunkit]

44 minutes ago, LAwLz said:

As far as I am aware, there is no other way to protect yourself other than to install the security patches.

With that being said, there is no need to panic. The attack is hard to execute. It requires skills, and a lot of effort, on top of needing to be in range of your AP and device.

Does this solution Protects devices with missing patch(software update?) by using enterprise WPA? 

 

 

Not to mention that my router and access point (powerline adapter) is set to full power if I wasn't mistaken. And I don't usually on the powerline adapter till night time 

[LAwLz]

2 hours ago, Yongtjunkit said:

Does this solution Protects devices with missing patch(software update?) by using enterprise WPA?

 

Not to mention that my router and access point (powerline adapter) is set to full power if I wasn't mistaken. And I don't usually on the powerline adapter till night time

Again, I haven't read the report but my understanding is that WPA2-Enterprise with certificates are vulnerable too. I don't see why it wouldn't be.

[Donut417]

2 hours ago, Yongtjunkit said:

 

I'm currently using and iPhone 5 which can't be updated to iOS 11.1, is there any other way other than buying a new device to protect myself from this attack? I'm using am asus rt-ac68u as the router

Im not sure if updating your router is all you have to do. From my understanding all WiFi devices have this issue. While patched and non patched devices will be able to communicate, Im not sure what this does to your over all security. That being said, Ill assume your up shits creek on this one. Unless the Apple gods decide to just release a stand alone patch for older devices. 

 

I have a feeling your not the only person in this situation. How far back will router manufactures go with patches? My Dlink router hasnt had a firmware update in like 4 years. Lucky for me DDWRT was compatible and was a good upgrade for it. Now I gotta hope DDWRT updates their firmware otherwise Ill be upgrading to the new router. On top of the fact I have a host of devices, 3 phones, 3 tablets, first gen fire stick, second gen fire-stick, roku stick, and my laptop all on the wireless network. I gotta hope all these devices get updated. At this point all we can do is sit and watch. 

[S w a t s o n]

8 hours ago, jagdtigger said:

 

It seems TP-Link thinks otherwise:

If you read the whole thing they are still planning to patch affected devices.

[AnonymousGuy]

Synology patched this last night for their routers, amongst a few other things. 

 

1. Fixed multiple security vulnerabilities regarding WPA/WPA2 protocols for wireless connections (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088).

Best router brand I've had.  Just look at the volume of updates they put out: https://www.synology.com/en-us/releaseNote/RT2600ac

[deltron3030]

According to the TP-Link forum, they're saying standard routers aren't affected. Does that sound right or are they just being lazy to provide an update?

 

Does Synology not make a lower level router? Cheapest I see is a 1900AC, which is over a $100. I'd be fine with a 1200AC level for well under a $100.

[LAwLz]

9 hours ago, deltron3030 said:

According to the TP-Link forum, they're saying standard routers aren't affected. Does that sound right or are they just being lazy to provide an update?

 

Does Synology not make a lower level router? Cheapest I see is a 1900AC, which is over a $100. I'd be fine with a 1200AC level for well under a $100.

There were multiple vulnerabilities disclosed. There are several small ones which aren't as serious, and some of those appear to affect all routers. Then there are some which don't affect all (because they lack support for 802.11r), and then there were some really big client vulnerabilities (which are unrelated to the routers).

 

The important updates are to the clients (so Windows, Android, MacOS, GNU/Linux, and so on) and not the routers. As long as your clients are patched you are relatively safe.

[Sniperfox47]

2 hours ago, LAwLz said:

There were multiple vulnerabilities disclosed. There are several small ones which aren't as serious, and some of those appear to affect all routers. Then there are some which don't affect all (because they lack support for 802.11r), and then there were some really big client vulnerabilities (which are unrelated to the routers).

 

The important updates are to the clients (so Windows, Android, MacOS, GNU/Linux, and so on) and not the routers. As long as your clients are patched you are relatively safe.

Android is going to be the main issue... The upcoming November security patch will plug it for all Nexus and Pixel devices, but who knows for other devices...

[Donut417]

3 hours ago, Sniperfox47 said:

Android is going to be the main issue... The upcoming November security patch will plug it for all Nexus and Pixel devices, but who knows for other devices...

Id figure One Plus will patch their devices as Ive gotten 4 or 5 patches since getting my One Plus One in January. Samsung will probably patch their devices. But yeah, a lot of these rink a dink manufactures probably wont issue patches. 

[Sniperfox47]

1 hour ago, Donut417 said:

Id figure One Plus will patch their devices as Ive gotten 4 or 5 patches since getting my One Plus One in January. Samsung will probably patch their devices. But yeah, a lot of these rink a dink manufactures probably wont issue patches. 

There have been 10 months since January. You should have gotten 10 security patches. Instead 1+ updates every two months... ish... if they feel like it...

 

Google, Blackberry, Fujitsu, General Mobile, Gionee, LG, Motorola, Oppo, Samsung, Sharp, Sony, and Vivo can all stay on top of patches every month, why not 1+?

[vanished]

7 hours ago, Sniperfox47 said:

Android is going to be the main issue... The upcoming November security patch will plug it for all Nexus and Pixel devices, but who knows for other devices...

Why is it android is still un-patched against this?  I had heard Windows got it months ago...

[jagdtigger]

1 minute ago, Ryan_Vickers said:

Why is it android is still un-patched against this?  I had heard Windows got it months ago...

Because manufacturers(well the very big majority of them) wont patch/update anything that is older than 1 or 2 year...

[vanished]

Just now, jagdtigger said:

Because manufacturers(well the very big majority of them) wont patch/update anything that is older than 1 or 2 year...

fail

[Donut417]

8 hours ago, Sniperfox47 said:

There have been 10 months since January. You should have gotten 10 security patches. Instead 1+ updates every two months... ish... if they feel like it...

 

Google, Blackberry, Fujitsu, General Mobile, Gionee, LG, Motorola, Oppo, Samsung, Sharp, Sony, and Vivo can all stay on top of patches every month, why not 1+?

The Fact is a lot of device manufactures dont support devices like One Plus. Thats part of the issue. The fact they have been patching it the way they have its good. Because to tell you what, LG never patched this way when I had the LG G3, never received regular patches from HTC when I had one of their devices. Samsung only patches because the US government made them. Google is the only company I know who regularly patches android devices, but the its their OS, so its expected. So the fact is 1+ in my eyes are doing what they need to do. They dont need to patch monthly, as long as the patches come in, thats all the matters. 

[Buurvrouw]

On ‎16‎.‎10‎.‎2017 at 3:04 AM, Ryujin2003 said:

Might just be better to reduce the power on your router. I can't access my network outside of my house, so someone would have to break in to attack WiFi... Internet security would be the least of problems at that point.

Does this only make my range less or also my speed? Else this would be an option for me.

 

@all, I also have a Pi-Hole. Does this also help with security regarding hackers etc.?

[samcool55]

3 minutes ago, Buurvrouw said:

Does this only make my range less or also my speed? Else this would be an option for me.

 

@all, I also have a Pi-Hole. Does this also help with security regarding hackers etc.?

Speed should be fine as long as the range is decent.

If you are on the edge of the wifi range speeds will drop a lot, but as long as the range is somewhat decent speed shouldn't change mutch. It will change tho, it all depends what hardware you have and what you want from your wifi.

 

Pi-hole doesn't help because to keep it simple. The vulnerable part is between your router/access point and your end device (phone, computer) that is wirelessly connected. Whatever is behind the router doesn't really matter safety wise because the vulnerability isn't there.

[Buurvrouw]

4 minutes ago, samcool55 said:

Speed should be fine as long as the range is decent.

If you are on the edge of the wifi range speeds will drop a lot, but as long as the range is somewhat decent speed shouldn't change mutch. It will change tho, it all depends what hardware you have and what you want from your wifi.

 

Pi-hole doesn't help because to keep it simple. The vulnerable part is between your router/access point and your end device (phone, computer) that is wirelessly connected. Whatever is behind the router doesn't really matter safety wise because the vulnerability isn't there.

and how can I get my Connection secure? I read about that you should use a VPN for wireless devices now with this WPA2 shit. Also I have a AVM Fritzbox and they claimed not to have any probs regarding this.

[samcool55]

18 minutes ago, Buurvrouw said:

and how can I get my Connection secure? I read about that you should use a VPN for wireless devices now with this WPA2 shit. Also I have a AVM Fritzbox and they claimed not to have any probs regarding this.

It's possible they have patched it or it wasn't an issue for them in the first place.

Thing is that your end devices also need patching (i think) which isn't an issue for linux because you can easily update them but android however could be an issue.

Windows is afaik not vulnerable either so that's not a problem either.

 

If the data leaves your end device encrypted (which is the case with HTTPS websites for example) there's no need to worry about it either. Even if the data gets stolen it's quite useless because it's already encrypted.

 

Getting a proper VPN subscription is always a good idea tho, if you can afford it i would get it

[Buurvrouw]

1 minute ago, samcool55 said:

It's possible they have patched it or it wasn't an issue for them in the first place.

Thing is that your end devices also need patching (i think) which isn't an issue for linux because you can easily update them but android however could be an issue.

Windows is afaik not vulnerable either so that's not a problem either.

 

If the data leaves your end device encrypted (which is the case with HTTPS websites for example) there's no need to worry about it either. Even if the data gets stolen it's quite useless because it's already encrypted.

 

Getting a proper VPN subscription is always a good idea tho, if you can afford it i would get it

Cool thanks, yea I have a 5 device PIA subscription =) I run Android 7.1.2 on my OnePlus X and my GF is getting a iPhone 6 and all of my other devices have W10

[Ryujin2003]

47 minutes ago, Buurvrouw said:

Does this only make my range less or also my speed? Else this would be an option for me.

 

@all, I also have a Pi-Hole. Does this also help with security regarding hackers etc.?

Reducing the broadcast power reduces the range not speed. For example, 100% may give you 100m range, but your house is only 50 meters wide. Your overshooting, unless you want/need WiFi outside. Otherwise, anyone that wants to try and break into your WiFi can sit outside in the road or even a neighbor's house that is in range. Reducing power reduces the range and therefore limits outside access to the network.

 

Think of your router puttibg out a bubble. Everything inside the bubble can access. Adjusting the per changes the size of the bubble, so you can control of it only encapsulates your house or not.

[Buurvrouw]

37 minutes ago, Ryujin2003 said:

Reducing the broadcast power reduces the range not speed. For example, 100% may give you 100m range, but your house is only 50 meters wide. Your overshooting, unless you want/need WiFi outside. Otherwise, anyone that wants to try and break into your WiFi can sit outside in the road or even a neighbor's house that is in range. Reducing power reduces the range and therefore limits outside access to the network.

 

Think of your router puttibg out a bubble. Everything inside the bubble can access. Adjusting the per changes the size of the bubble, so you can control of it only encapsulates your house or not.

Ah cool didn't know that with the power. I will cheeck the specs of my router how much range it has an calculate how much power I Need for how much range =)

 

Cool!

 

And I also thought about a Pi Firewall. Do you recommend such a Thing regarding Speed? Or do I just Need to configure it correctly that every Connection that I want to go out that it goes out normally.

Edited November 3, 2017 by Buurvrouw