midgetwaiter
10-16-2017, 04:19 PM
Looks like this is going to to be pretty heavily covered in the news over the next couple of days but it never hurts to get the word out a bit. A researcher has discovered several significant flaws in the way that WPA2 Wifi encryption is implemented in basically everything. In the most heavily impacted products a malicious actor can use these flaw to trick a wifi client into using a bad encryption key allowing the bad actor to decrypt all of the wifi traffic.
This means that someone could not only read all of the traffic on your wifi network, they could possibly execute what is known as a man in the middle attack which would allow them to change that data before it reaches the client device, injecting a virus for example. However if that traffic is also encrypted through SSL/TLS like when you put your credit card details into a secured online store they wouldn't be able to read it right away, There are methods such as the TLS LOGJAM attack one can use on traffic from websites using outdated encryption protocols to get into the middle of that data stream as well though so it's not something you want to ignore.
Vendors of affected products were notified of the problem at the end of August and as such some of them have updates available already, more will become available shortly. Here's a list from US-CERT which is the primary tracking organization for such things.
http://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4
Microsoft had patches out last week that mitigate this, Apple has fixes in testing for their devices. Patches for Linux are available from Debian/Ubuntu now but not Redhat yet. Andriod is vulnerable to the simplest forms of this attack but patches will probably have to go from Google to device makers and then carriers so they could take a while. IOT devices like cameras , storage devices and speakers will be vulnerable as well but there isn't a definitive guide out there yet. Many of them use versions of Linux so the fix is available for the manufacturers to integrate.
And here is the researcher's website on the issues:
https://www.krackattacks.com/
This means that someone could not only read all of the traffic on your wifi network, they could possibly execute what is known as a man in the middle attack which would allow them to change that data before it reaches the client device, injecting a virus for example. However if that traffic is also encrypted through SSL/TLS like when you put your credit card details into a secured online store they wouldn't be able to read it right away, There are methods such as the TLS LOGJAM attack one can use on traffic from websites using outdated encryption protocols to get into the middle of that data stream as well though so it's not something you want to ignore.
Vendors of affected products were notified of the problem at the end of August and as such some of them have updates available already, more will become available shortly. Here's a list from US-CERT which is the primary tracking organization for such things.
http://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4
Microsoft had patches out last week that mitigate this, Apple has fixes in testing for their devices. Patches for Linux are available from Debian/Ubuntu now but not Redhat yet. Andriod is vulnerable to the simplest forms of this attack but patches will probably have to go from Google to device makers and then carriers so they could take a while. IOT devices like cameras , storage devices and speakers will be vulnerable as well but there isn't a definitive guide out there yet. Many of them use versions of Linux so the fix is available for the manufacturers to integrate.
And here is the researcher's website on the issues:
https://www.krackattacks.com/