Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

5 Likes

ethernet master race

Though seriously, this is why I don't use Wi-Fi outside a few specific places. ISP routers and public Wi-Fi aren't going to be patched for ages, and I'm honestly thankful I don't use that anymore.

1 Like

Released roughly 30 minutes ago: https://www.krackattacks.com/

So are the “wi-fi” internet service providers now literally “open sourcing” everyone's browser activity?

1 Like

This is not the ISPs' fault, stop being so dramatic.

4 Likes

Well… Good, the world is basically screwed… again…

It was a good practice to never do anything important over public Wi-Fi ever… Now it is pretty much a necessity.

1 Like

Hmmm, I wonder how long until my ISP sends an over-the-wire update… I'm going to go with never.

Yeah, I would never count on it either… I would use Wi-Fi only through my own router.

If you use RADIUS then this problem won't affect you; most access points support WPA Enterprise, you just need something to run FreeRADIUS on.

pfSense box inline, here we come.

If I ever am forced to use a public Wi-Fi, I use a VPN to hopefully help keep my communications secure. It doesn't completely prevent MITM attacks in the short time between connecting to the Wi-Fi and connecting to the VPN, but it's better than nothing.

As for wifi at home, would most people recommend setting up a separate VLAN for your wireless AP? It won’t protect devices connected via wifi, but perhaps it will protect my servers and other wired equipment somewhat. This could be very inconvenient for some services (SMB) in order to maintain some sense of security though… I wonder how long it will take for manufacturers to patch this vulnerability?

How can I check if I am using the insecure version of the protocol?

1 Like

The article makes no reference to attackers being able to inject packets, only read them. Since Ethernet devices don't send any packets over Wi-Fi, they are unaffected.

Ha! Don't get your hopes up.
Can it even be patched? It's a problem with the protocol, after all.

1 Like

You are correct. This is a fundamental problem with the 4-way handshake and will likely not be corrected, but I think it could be patched. The behaviour where the AP resends its key in the 3rd part of the handshake could be patched to instead start the whole handshake all over again. It would suck if you were in a spotty Wi-Fi area already, but it would serve to prevent the attack.

Will manufacturers bother with that? Probably not. We may be looking at a situation similar to when WEP was broken. It took many years before I didn't see any WEP being used.

I’m looking forward to playing with it when I get home though.

2 Likes

The router isn't affected, it's a client-side attack. So patch the clients, not the router.

Supposedly WPA2 Enterprise is also affected. Not sure exactly how that attack would look, but take a look at the GitHub page:

Our main attack is against the 4-way handshake of the WPA2 protocol. This handshake is executed when a client wants to join a protected Wi-Fi network, and is used to confirm that both the client and access point possess the correct credentials (e.g. the pre-shared password of the network). At the same time, the 4-way handshake also negotiates a fresh encryption key that will be used to encrypt all subsequent traffic. Currently, all modern protected Wi-Fi networks use the 4-way handshake. This implies all these networks are affected by (some variant of) our attack. For instance, the attack works against personal and enterprise Wi-Fi networks, against the older WPA and the latest WPA2 standard, and even against networks that only use AES. All our attacks against WPA2 use a novel technique called a key reinstallation attack (KRACK):

1 Like
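A toy model of the handshake behaviour the two posts above describe (message 3 being resent, the client reinstalling the same key, and a patched client refusing to do so), added here as an illustration; it is not code from the thread or from the KRACK site. The key bytes, the integer nonce counter and the `patched` flag are constructed stand-ins for the real CCMP state, and the only "crypto" is the rule that a nonce must never repeat under one key.

```python
# Added example: a minimal model of the WPA2 4-way handshake client state.
# Real Wi-Fi stacks are not involved; the point is to show why a retransmitted
# message 3 is dangerous (key reinstall resets the nonce) and what the patched
# behaviour looks like (acknowledge, but keep the installed key and counters).
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Client:
    patched: bool = False                 # True: never reinstall an installed key
    ptk: Optional[bytes] = None           # pairwise key installed after message 3
    nonce: int = 0                        # per-packet nonce (CCMP packet number)
    used_nonces: list = field(default_factory=list)

    def install_key(self, ptk: bytes) -> None:
        # Installing a key resets the transmit nonce to zero. Harmless the first
        # time; the whole problem if it happens again for the same key.
        self.ptk = ptk
        self.nonce = 0

    def on_message3(self, ptk: bytes) -> str:
        if self.ptk == ptk:
            # Duplicate message 3: the AP did not see message 4, or the frame
            # was replayed. A patched client only re-acknowledges it.
            if self.patched:
                return "ack-only"
            self.install_key(ptk)         # vulnerable: same key, nonce back to 0
            return "reinstalled"
        self.install_key(ptk)
        return "installed"

    def send(self, payload: str) -> tuple:
        # Under CCMP the nonce must be unique per key; record it so a caller
        # can check that invariant over the whole session.
        self.nonce += 1
        self.used_nonces.append(self.nonce)
        return self.nonce, payload


def simulate(patched: bool) -> dict:
    """Run one session with a duplicated message 3 and count nonce reuse."""
    c = Client(patched=patched)
    c.on_message3(b"PTK-1")               # constructed key value
    c.send("frame A")
    c.send("frame B")
    c.on_message3(b"PTK-1")               # message 3 arrives a second time
    c.send("frame C")
    reused = len(c.used_nonces) - len(set(c.used_nonces))
    return {"nonce_reuse": reused, "nonces": list(c.used_nonces)}
```

Running `simulate(False)` yields nonces `[1, 2, 1]` (one reuse, the condition the attack depends on), while `simulate(True)` yields `[1, 2, 3]`.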

I'm not sure how; the handshake is encrypted with TLS in WPA Enterprise. They could just mean enterprise Wi-Fi networks as in the kind of network, and not the version of WPA it's using.

1 Like

The researchers went on to say that the weakness allows attackers to target both vulnerable access points as well as vulnerable computers, smartphones and other types of clients with differing levels of difficulty. Both Windows and iOS aren’t believed to be vulnerable to the most effective attacks. Linux and Android appear to be more susceptible, because attackers can force network decryption on clients in seconds with little effort. Linux patches are available but it’s not immediately clear when they will become available for various distributions and for Android users. Patches are also available for some but not all Wi-Fi access points.

I find this paragraph odd and little detail is given. If this is a flaw with the protocol, why would Linux be considered more susceptible than Windows? It also mentions patches are available but doesn’t give specifics. How can I be sure I have the correct patches?

1 Like

This is pretty interesting, it’s odd that this is more of an attack on the OS side than the access point side… so that means we’re having to patch the hardware on the user side to remedy this issue.

I wonder why they’re suggesting these remedies, then:

“Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.”

From what I got out of the GitHub (still reading it), they can forge packets to the router as well.

EDIT: also, the AP isn't checking to make sure the client isn't using an already used key from another client.

Well, after I thought about it, you'd still need to patch the AP if you're using mesh/bouncers, since those are talking to each other, so it makes sense.

Not sure about 802.11r, since I've never used that before, so I'm not familiar with it.