Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

A little security "education" for those worrying about their routers and KRACK. This WPA2 vulnerability is only a client side attack. This means your router is ONLY at risk if you are using it as a client. To do this you would have to be running in bridge or repeater mode. Almost all of the home retail routers come as default with BRIDGE off. Thus the router is not a client and is not going to entertain the handshake at risk here. l forgot to bring the link with me but Netgear has some great articles about this on their website.

Computer wifi users running Linux (Ubuntu, Debian,etc.. which are new enough to still be receiving system updates) and Windows ( running versions 7-- > 10) have no fears regarding KRACK IF you have updated the OS. This was a simple patch and its already in the rear view mirror for these systems.

Android and Apple users are at the mercy of their providers pushing the needed, yet simple, updates. My Google Pixel (running Android Oreo 8 already) is being pushed the stable version fix on Nov 6, while the Google Pixel beta testors are running it now. Google pushes almost immediately to their phones. Remember Google is the Android code. Everybody else will wait in a long and tedious line at the mercy of their phone provider. Even the also expensive Note 8 is still running Android 7 and will be for many more months, shame. Some providers are terrible and will never push the updated code, but will still happily take your money to operate a smartphone that is wayyyyyyy out of date.

 

"The WPA2 vulnerability"?

I think you mean, vulnerabilities

KRACK is the combination of 10 exploits.

You can read more about the exploits by clicking the CVE links on the main website: https://www.krackattacks.com/#details

Yes, you 100% need to patch your router. If you can't, throw it out and buy a newer one that gets patches or look into custom firmware (there is many to choose from).

Don't just trust that something like this won't happen again in future.

 

Per the above link:

Since Microsoft has already issued a patch for Windows, I would say at this point your risk from this vulnerability is minimal. If you're a laptop, tablet, etc. user, you should be already employing safe security practices if using a public Wi-Fi, Internet cafe, or like high risk connection environments.

 

Another thing that needs to be noted is this vulnerability only applies to 802.11r. Per the krackattacks link:

Using a Linksys router for example:

https://www.linksys.com/gb/support-article?articleNum=200528

-EDIT- Also Linksys is not on the list of CERT's vendors. Suspect they aren't affected since they are using a proprietary ver. of 802.11r.

 

Good counter points guys! My fairly new router has been patched for "family machine" using WPA2. For this and related computers its all Cat 6 and no wifi on a different LAN and router connected to it. No wireless on this router at all.

Question: would MAC lock (access control) on the router tend to stop this attack (from an amateur) just cruising around in war drive mode? Since the router wouldn't respond to a MAC not in the approved list would someone maybe think its a patched router and just move on?

 

It depends first and foremost if 802.11r is being used. I just checked my AT&T Pace/Motorola router and its Wi-Fi 2.4 and 5Ghz connections don't even support 802.11r.

 

I see in my husband laptop (Fujitsu) that it has 802.11n wi fi so the laptop is used only at home and is a windows 10 with security patch. Is at risk? what is the difference between 802.11n and 802.11r?

 

802.11n determines the max theoretical bandwidth.
802.11r provides Fast BSS Transition. It is useful if you have a multi-floor building and one, big Wifi network and several routers/APs and mobile devices roaming between these routers/APs.

 

No.

 

many thanks for the reply. So even if the router will be never patched the laptop is secure?

 

Yes as long as you don't install a second router and switch the first to "pass through" all traffic to the second router. Also both routers would have to be Wi-Fi routers. Most ISP's issue Ethernet routers since the connection is via DSL.

 

Industrial Products Also Vulnerable to KRACK Wi-Fi Attack

http://www.securityweek.com/industrial-products-also-vulnerable-krack-wi-fi-attack

 

Apple has released security updates which also include a fix for KRACK:
https://support.apple.com/en-us/HT201222

 

More Industrial Products at Risk of KRACK Attacks

http://www.securityweek.com/more-industrial-products-risk-krack-attacks

 

Researchers KRACK Wi-Fi Again, More Efficiently This Time
October 9, 2018
https://www.securityweek.com/researchers-krack-wi-fi-again-more-efficiently-time

Research paper (PDF): https://papers.mathyvanhoef.com/ccs2018.pdf