
All your WiFi devices are broken, Android/Linux devices particularly devastated

Entroyp

Member
People need not stress too much about this, your most sensitive PII is already out there thanks to Equifax.

On a serious note, make sure you update all your devices and not think much about this for now.
 

ty_hot

Member
Just to check if I understood:

with this breach someone can come and, with the right equipment and after finding a device that is not patched (easy), pretend that he is the router, so that he can read all info that goes through this network (including the 'safe' devices, patched)?

And where does the router come in the equation? Few pages back there were people saying that there are already update files for some routers (dd wrt). How does it change anything? In the other thread it was speculated that if your device or your router is patched you are safe. Is it?

I just updated my router to dd wrt (I was already going to do it, just stopped in the middle of the process a few months ago lol anyway, I don't think it's a patched fw because it's from 10/10).
 
the one fucking person on my network using an Android device is my step dad........damn it

Can patching the router alone at least leave all other devices and updated units safe if someone else connects with an un-updated device?

1> Your step dad's Android being compromised (which isn't going to happen) wouldn't break it for you.

2> Patching your router isn't the fix, patching your device is. The exploit happens when your device tries to reassociate with an AP either due to roaming, time out, association drop, etc.
 
Just to check if I understood:

with this breach someone can come and, with the right equipment and after finding a device that is not patched (easy), pretend that he is the router, so that he can read all info that goes through this network (including the 'safe' devices, patched)?

Can only read your transmissions. Has to basically be in the room with you. Has to wait for your device to reassociate with an AP.
 

ViciousDS

Banned
1> Your step dad's Android being compromised (which isn't going to happen) wouldn't break it for you.

2> Patching your router isn't the fix, patching your device is. The exploit happens when your device tries to reassociate with an AP either due to roaming, time out, association drop, etc.

awesome.....time to patch a bunch of stuff in the next week.....this doesn't seem too bad, but I avoid public Wi-Fi like the plague even when they have it anyways


So basically someone has to be literally right there when I'm establishing connection to the router......with my router's info.....yes, it's definitely a problem but I can't see home networks unless you are in a massively rich area being affected and public wifis would be insanely easy to target
 

Noema

Member
the one fucking person on my network using an Android device is my step dad........damn it

Can patching the router alone at least leave all other devices and updated units safe if someone else connects with an un-updated device?

Don't worry too much about it unless you live in a crowded condo filled with wannabe hackers. And your network is unlikely to be compromised by one vulnerable device. Feasible but super unlikely.
 
awesome.....time to patch a bunch of stuff in the next week.....this doesn't seem too bad, but I avoid public Wi-Fi like the plague even when they have it anyways


So basically someone has to be literally right there when I'm establishing connection to the router......with my router's info.....yes, it's definitely a problem but I can't see home networks unless you are in a massively rich area being affected and public wifis would be insanely easy to target

Some stuff was secretly patched over the past month, some stuff patches dropped today.




Android is a particular worry because if someone is *really* smart they could hack the actual wifi network, send deauths, force the exploit, and then send apt-get or apt-put to Android phones to install software.
 

RoadHazard

Gold Member
awesome.....time to patch a bunch of stuff in the next week.....this doesn't seem too bad, but I avoid public Wi-Fi like the plague even when they have it anyways


So basically someone has to be literally right there when I'm establishing connection to the router......with my router's info.....yes, it's definitely a problem but I can't see home networks unless you are in a massively rich area being affected and public wifis would be insanely easy to target

How do you figure that? I can see like 15 Wi-Fi networks on my phone from my living room.
 
Isn't it relatively easy to brute force someone's wifi password? Assuming it is, once you are on the network you can set up packet sniffer and catch everything. How is this worse than that scenario?
 

GodofWine

Member
So a black van with some Wifi antennas on the roof outside my house is an issue...

This sounds like a nightmare for hospitals and major industries, and not so much for a typical person.
 
Isn't it relatively easy to brute force someone's wifi password? Assuming it is, once you are on the network you can set up packet sniffer and catch everything. How is this worse than that scenario?

It's easy in that you basically set up the software to do it.

But that requires deauth, capturing the handshake, and then running decrypt on the key, which can take *years*.
 

ViciousDS

Banned
How do you figure that? I can see like 15 Wi-Fi networks on my phone from my living room.

I can limit the power output on my router to only work within my house if need be


It's easy in that you basically set up the software to do it.

But that requires deauth, capturing the handshake, and then running decrypt on the key, which can take *years*.


Yes, this sounds like it's more of a nightmare for hospitals, banks and major corps which will obviously be the bigger targets....if not THE targets they want data from
 

RoadHazard

Gold Member
Isn't it relatively easy to brute force someone's wifi password? Assuming it is, once you are on the network you can set up packet sniffer and catch everything. How is this worse than that scenario?

If it's a very weak password, I guess? Not if it's strong. Would take a very long time, and wouldn't be worth the effort I'd think.
 
So a black van with some Wifi antennas on the roof outside my house is an issue...

This sounds like a nightmare for hospitals and major industries, and not so much for a typical person.

1> Not really, because if you're associated with your AP and it doesn't completely dump your client when your device goes to sleep, you won't reassociate for the black van to potentially see the exploit.


2> Most important info like CC, health records, etc are often transmitted on hardwire systems anyway.
 

Sesha

Member
Oh wow. Crazy.

Shame my Windows laptop screen is broken and needs fixing, I don't have the money to have it fixed rn, and the only other convenient access I have is Mac devices.
 

ViciousDS

Banned
You tha real MVP.


However, in MDU and suburbs over the next 5 years or so? Yeah, my job is working to fix the "help I'm surrounded by 73 SSIDs" problem.

ooooooo,

sounds like fun lol


I already can see 15 networks.....only 3 are actual routers though lol


for those who want a short term solution that I think might work


Opera has a VPN built right into their browser for easy use.....maybe use that for the time being if you wish to browse and don't want to pay
 
So my old Dell tablet stuck on Android 5.0 is out of luck with an update? Dell already officially announced that they dropped support for it a while back.
 
this-is-fine.0.jpg
.
 

LoveCake

Member
I just had an update on my Linux Mint.

WPA and WPA2 are methods for securing wireless networks, the former using IEEE 802.1X, and the latter using IEEE 802.11i. This software provides key negotiation with the WPA Authenticator, and controls association with IEEE 802.11i networks.

This site seems to explain it pretty well for the non-technically minded people.
KRACK Wi-Fi attack threatens all networks: How to stay safe and what you need to know
https://www.pcworld.com/article/3233308/security/krack-wi-fi-security-flaw-faq-tips.html?
 

RoadHazard

Gold Member
ooooooo,

sounds like fun lol


I already can see 15 networks.....only 3 are actual routers though lol


for those who want a short term solution that I think might work


Opera has a VPN built right into their browser for easy use.....maybe use that for the time being if you wish to browse and don't want to pay

Opera is also owned by a Chinese company since some time back, so... I dunno?
 

Koren

Member
Problem is bad, but OP is going a little too far. Attacker still cannot see https encrypted data (which honestly in this day and age covers pretty much everything important)
Well, I discovered this summer that you can't even create a website that asks for login/password on non-https that won't make Firefox go mad.

It was a hassle (I just wanted some documents not totally public) to get a cert just because of this (Firefox also refuses self-signed certs and some referees) but I guess that means there's not much non-https indeed.

But if they can inject packets, couldn't there be some elaborate DNS spoofing and man in the middle attacks?
 

shockdude

Member
Everyone's been saying that a bad guy can basically impersonate a router in the worst case.
Can a bad guy impersonate a client and access a router, and thus access the whole network? I don't think that's possible but I'd like to confirm anyway.

edit: only if you're using AES-GCMP, a Wireless-AC/WiGig feature that is probably not yet enabled in modern networking hardware. Probably.
 

Blizzard

Banned
I've read over this about 3 times and I'm still not sure I understand the limitations here.

1. Is this attack ONLY possible by faking router radio packets during the handshake?

2. Once the attack has been executed, since the wireless network key appears not to be revealed and they can't join the network, the hacker can still sniff the packets and possibly decrypt them if they guess some known content, even without THEMSELVES being allowed onto the network?


If both of the above are true that's bad but it seems to me that anyone should treat non-HTTPS connections as insecure anyway. The possibility of this attack allowing a man in the middle attack on an HTTPS connection is more concerning to me.
 
awesome.....time to patch a bunch of stuff in the next week.....this doesn't seem too bad, but I avoid public Wi-Fi like the plague even when they have it anyways


So basically someone has to be literally right there when I'm establishing connection to the router......with my router's info.....yes, it's definitely a problem but I can't see home networks unless you are in a massively rich area being affected and public wifis would be insanely easy to target

So furthermore, if you don't broadcast your network ID then you would be even harder to breach?
 

Brandon F

Well congratulations! You got yourself caught!
2017 stays winning.

So shit what do I do now? I have exactly 137 devices that connect to WiFi seemingly...
 

mrkgoo

Member
I wonder if older devices will be patched, or if they will patch older operating systems without requiring updating. Speaking about Apple here, specifically, but it applies to everything.
 