WiFi Vulnerabilities
-
- BronzeLounger
- Posts: 1598
- Joined: 26 Jan 2010, 20:28
- Location: Ottawa ON
WiFi Vulnerabilities
I came across this article today on the BBC site. Does anyone have any further information on this?
Regards,
Paul
The pessimist complains about the wind. The optimist expects it to change. The realist adjusts his sails.
Paul
-
- Administrator
- Posts: 12615
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: WiFi Vulnerabilities
Here is some more information for you...
https://www.krackattacks.com/
Bottom line is that you should update the patches on every device that has a WiFi adapter as soon as the patches come out.
https://www.krackattacks.com/
Bottom line is that you should update the patches on every device that has a WiFi adapter as soon as the patches come out.
StuartR
-
- Administrator
- Posts: 78545
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: WiFi Vulnerabilities
There are no implementations in the wild yet, so hopefully, the flaw can be repaired in time.
More info:
KRACK attacks
Regarding Krack Attacks — WPA2 flaw
More info:
KRACK attacks
Regarding Krack Attacks — WPA2 flaw
Best wishes,
Hans
Hans
-
- gamma jay
- Posts: 25455
- Joined: 17 Mar 2010, 17:33
- Location: Cape Town
Re: WiFi Vulnerabilities
A bit more useful info to know about...
Regards,
Rudi
If your absence does not affect them, your presence didn't matter.
Rudi
If your absence does not affect them, your presence didn't matter.
-
- Microsoft MVP
- Posts: 1320
- Joined: 24 May 2013, 15:33
- Location: Warminster, PA
Re: WiFi Vulnerabilities
Something I haven't seen in any of the articles about KRACK is whether a WiFi-connected printer is vulnerable. I do notice that none of the major printer manufacturers appear in the lists of companies that have released or promised updates.
Because my printer sits only half a meter from my router, I'm going to reconnect it by Ethernet until I either get an update or read that it isn't vulnerable.
Because my printer sits only half a meter from my router, I'm going to reconnect it by Ethernet until I either get an update or read that it isn't vulnerable.
-
- Administrator
- Posts: 12615
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: WiFi Vulnerabilities
Since the defect is in the protocol, EVERY device that uses WPA to connect to WiFi is vulnerable. If you are sending confidential data to a WiFi printer then it could be compromised by someone who is close enough to inject and trace WiFi packets.
StuartR
-
- Microsoft MVP
- Posts: 1320
- Joined: 24 May 2013, 15:33
- Location: Warminster, PA
Re: WiFi Vulnerabilities
Thanks, Stuart.
-
- Administrator
- Posts: 12615
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: WiFi Vulnerabilities
I am pretty sure that if ALL of your clients are patched then you will be OK, even if there is no patch for the router, but I may be wrong.
StuartR
-
- Microsoft MVP
- Posts: 1320
- Joined: 24 May 2013, 15:33
- Location: Warminster, PA
Re: WiFi Vulnerabilities
We have two Windows desktops connected with Ethernet cable, and two Windows 10 (patched) desktops and a Windows 10 (patched) laptop on WiFi, so those are OK. But besides the printer, my phone (an LG on Android 7.0) and a tablet (Samsung Galaxy Tab A on Android 6.0) are on WiFi, and none of them find any patches. The router provided by my ISP (made by Actiontec) has no patch, and the manufacturer hasn't responded about whether they'll provide one.
I'll have to hope there aren't any bad actors cruising our neighborhood looking for vulnerable networks.
I'll have to hope there aren't any bad actors cruising our neighborhood looking for vulnerable networks.
-
- Microsoft MVP
- Posts: 1320
- Joined: 24 May 2013, 15:33
- Location: Warminster, PA
Re: WiFi Vulnerabilities
Following up on one point, it seems my router doesn't need patching. Quoting a knowledgeable poster named Shady Bimmer in the thread https://www.dslreports.com/forum/r31659 ... nerability,
That just leaves the phone, the tablet, and maybe the printer to be updated.The handshake vulnerabilities may only be addressed by client-side updates. Any updates on APs would only be for:In detail, the handshake vulnerabilities specifically leverage a replay attack of the 3rd message of the 4-way handshake. This happens only in the direction to the client and takes advantage specifically of a weakness in the client-side implementation. There is nothing on the AP side that may be done to change this.
- Their STA (client-side) functionality such as in mesh or with wireless uplinks
- Their 802.11r implementation. This would be an AP-only fix for APs supporting BSS fast transition
-
- Administrator
- Posts: 78545
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: WiFi Vulnerabilities
Google has promised a patch for Android (I assume at least versions 7 and 8, hopefully also for version 6) for November 6, 2017. But unfortunately, when this patch will reach your phone depends on its manufacturer. Some brands are notoriously slow at rolling out Android updates...
Best wishes,
Hans
Hans