WPA2 has been cracked

[Yongtjunkit]

What's going to happen to my iPhone 5 running iOS 10.3.3? Is it going to be vulnerable forever?

[Donut417]

Just now, Yongtjunkit said:

What's going to happen to my iPhone 5 running iOS 10.3.3? Is it going to be vulnerable forever?

Id assume so. 

[Yongtjunkit]

Just now, Donut417 said:

Id assume so. 

Will I be safe if Asus release an firmware update for Asus rtac68u?

 

[Donut417]

11 minutes ago, Yongtjunkit said:

Will I be safe if Asus release an firmware update for Asus rtac68u?

 

I assume so. Thought you will only be safe till the next vulnerability if found. As I figure this will become a regular thing. 

[Yongtjunkit]

1 hour ago, Donut417 said:

I assume so. Thought you will only be safe till the next vulnerability if found. As I figure this will become a regular thing. 

So basically an update on either the router or the client, then I would be safe then right?

[Donut417]

12 minutes ago, Yongtjunkit said:

So basically an update on either the router or the client, then I would be safe then right?

That I dont know. Basically all I know is patch and unpatched devices will be able to talk to each other.  

[Prox1ma]

12 hours ago, LAwLz said:

Apple - No statement yet but as with Windows, it seems like it is largely unaffected by this.

Any idea why?

[vanished]

5 hours ago, Donut417 said:

I assume so. Thought you will only be safe till the next vulnerability if found. As I figure this will become a regular thing. 

why?

[Donut417]

5 hours ago, Ryan_Vickers said:

why?

Because this shit happens over and over and over. Too many things have been hacked over the last few years. While Im sure they will find a fix, how long until someone discovers another hole? Then you have the issue of manufactures not wanting to support devices long term. So what happens if your using a device no longer supported? Not all users have the money to buy a new device. 

[kingfurykiller]

17 hours ago, silentprototipe said:

Well shit, Update everything? 

This is a good policy most of the time.  Cept if it's a windows update. Wait a day and check forums first.

 

Or if it's an Apple update, just buy a new phone.

[kingfurykiller]

8 hours ago, Ezilkannan said:

Any idea why?

From what I've heard, Windows does not fully follow the spec for WPA2. In a shocking sense of irony, this caused them to not be vulnerable to how this attach works

[TVwazhere]

12 hours ago, Yongtjunkit said:

Will I be safe if Asus release an firmware update for Asus rtac68u?

I updated mine last night, no idea if it included a fix for this, as I cant find patch notes on the Asus UI... (I'm a super networking noob for the most part so it might be right in front of my face. I did use AES encryption so thats at least one thing I got right :^) )

[Silentprototipe]

11 minutes ago, kingfurykiller said:

Or if it's an Apple update, just buy a new phone.

Hah I get it 

[LAwLz]

9 hours ago, Ezilkannan said:

Any idea why?

Haven't looked into it but my guess is that their have either patched it already (it's been known for quite a while, but not made public) or their implementation of the spec (IEEE 802.11i which WPA2 is based on is not super well defined) is just not vulnerable. 

 

Windows was patched back in October apparently.

 

 

Cisco has started releasing updates for their APs now. My college spoke to a Cisco rep and they will hopefully push out updates for more devices in the coming days.

You can check which models have gotten an update using this link.

[Drak3]

31 minutes ago, kingfurykiller said:

Or if it's an Apple update, just buy a new phone.

Spend $2,500 every year.

Auto login in OS X after it sleeps 3 times.

 

Decisions, decisions.

[DroidIt!]

I haven't read all 125 comments but here's a great summary article https://www.xda-developers.com/wpa2-wifi-protocol-vulnerability-krack/ What makes it worse is it's not just routers, but also appears to affect any Android device running 6.0 (Marshmallow) released back in fall 2015 as per the article. Nasty stuff.

 

However, if you're into rooting and can load a newer Lineage OS build, you can patch your phone yourself that way https://www.xda-developers.com/future-lineageos-14-1-builds-safe-krack/

[vanished]

4 hours ago, Donut417 said:

Because this shit happens over and over and over. Too many things have been hacked over the last few years. While Im sure they will find a fix, how long until someone discovers another hole? Then you have the issue of manufactures not wanting to support devices long term. So what happens if your using a device no longer supported? Not all users have the money to buy a new device. 

But Wifi security methods though?  Really?  The last one I recall was WEP and that was ages ago... afaik it's been pretty solid actually.  Not much precedent for this happening again soon.

[Prox1ma]

5 hours ago, LAwLz said:

Haven't looked into it but my guess is that their have either patched it already (it's been known for quite a while, but not made public) or their implementation of the spec (IEEE 802.11i which WPA2 is based on is not super well defined) is just not vulnerable. 

 

Windows was patched back in October apparently.

 

 

Cisco has started releasing updates for their APs now. My college spoke to a Cisco rep and they will hopefully push out updates for more devices in the coming days.

You can check which models have gotten an update using this link.

So, if I just have a router with WPA2-AES and don't have any android/linux devices connected to the network I shouldn't be worried?

[LAwLz]

13 minutes ago, Ezilkannan said:

So, if I just have a router with WPA2-AES and don't have any android/linux devices connected to the network I shouldn't be worried?

There were multiple exploits published with that white paper. Some are client related, and some are access point related. Honestly, you shouldn't really worry anyway because the attack is tricky to execute (for now) and patches are already rolling out for devices.

It is still recommended to install all updates which fixes the holes related to this.

[EvilLemur]

2 hours ago, Ezilkannan said:

So, if I just have a router with WPA2-AES and don't have any android/linux devices connected to the network I shouldn't be worried?

this is directly from who found the exploit.. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. 

 

So if there is someone connected to the wifi then its susceptible... tho...  they say you have to be 1 meter away to be able to do the attack (to avoid having your packets not override the targets)  means that this exploit has alot of restrictions. so what worries me more is the final question and quote they have on there site. 

 

So you expect to find other Wi-Fi vulnerabilities?

“I think we're just getting started.”  — Master Chief, Halo 1

 

So the question is what else did they find?!? did they figure out how to break wpa2 like wep?

[S w a t s o n]

On 10/16/2017 at 12:36 PM, deltron3030 said:

Ditto. Last FW update is over a year old for my router.

Good news. http://forum.tp-link.com/showthread.php?101094-Security-Flaws-Severe-flaws-called-quot-KRACK-quot-are-discovered-in-the-WPA2-protocol

[Jito463]

On 10/16/2017 at 9:07 AM, LAwLz said:

From my understanding (I can't stress it enough that I have not looked into this very much) you will be safe if either the AP or the client (or preferably both) are patched. So a patched client connected to an unpatched AP will be safe, and an unpatched client connected to a patched AP will be safe (I've only spent like 5 minutes reading this so I might be wrong).

Well in that case, I'm pretty much hosed without buying new equipment.  My phone hasn't been upgraded past 7.0 (not even the 7.1 update), and the last security update for my phone was from August 1st.  Not to mention that the latest firmware for my router is from 2014.

On 10/16/2017 at 9:14 AM, Sniperfox47 said:

To be fair to router manufacturers, D-Link provided a firmware update to their ancient DIR-655 routers a few months back to fix a couple exploits in their web interface, and that's D-Link of all companies.

Given that my router is D-Link and the last update was 2014, I doubt I'll be seeing an update for it.

On 10/16/2017 at 10:24 AM, Crion said:

So I feel I must correct a misconception that I've seen circulating the internet regarding this.  This is a vulnerability in the implementation of WPA2 by various manufacturers, not the WPA2 protocol itself.

Well, yes and no.  Given that the protocol permits the implementation that's currently exploitable, then the issue does lie in the actual protocol itself.  However, some router manufacturers (such as MikroTik) use a more secure implementation which avoids this flaw.

 

So the flaw is in the implementation, but it exists because the protocol allows it.

[VagabondWraith]

Apple will patch this in iOS 11.1 releasing soon.

[deltron3030]

2 hours ago, Swatson said:

Good news. http://forum.tp-link.com/showthread.php?101094-Security-Flaws-Severe-flaws-called-quot-KRACK-quot-are-discovered-in-the-WPA2-protocol

Thanks, I feel a little bit better now. Just hope it all gets resolved soon.

And dude, where is your avatar from? It's so crazy.

[S w a t s o n]

56 minutes ago, deltron3030 said:

And dude, where is your avatar from? It's so crazy.

To be honest I'm not even sure the exact source. I saw the gif some years ago and liked it. This is the closest I've found to any source or context. Volume Warning
 

Spoiler