cancel
Showing results for 
Search instead for 
Did you mean: 

Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Community Veteran
Posts: 2,286
Thanks: 109
Fixes: 4
Registered: ‎18-02-2013

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

For those Using DD_WRT Atheros based chipsets etc and wanting a patch that may reduce the risk!, Brainslayer has updated the list.

Nimrod
Hooked
Posts: 5
Thanks: 4
Registered: ‎19-10-2017

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

As I understand it, the greatest risk seems to be in using an unpatched laptop/tablet or mobile phone in a public wi-fi area where your device is connected, or is actively seeking to connect, to a vulnerable network. Does that sound right, or do I have it wrong?

Not enablling wi-fi, unless you absoulutely have to, seems the safest course of action at the moment. :undecided:

 

BertieBassett
Grafter
Posts: 45
Thanks: 22
Registered: ‎05-02-2016

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Apologies for the repetition folks, But:-

  1. My laptop is domiciled next to my Plus Net router. I have therefore disabled the WiFi on my laptop and connected a direct ("Ethysomething?") cable. Does this solve the problem short term please?
  2. I have Norton and they are offering a VPN (?) type addition to my Norton Security package. Is this worth it ?

Please?:smiley:

Nimrod
Hooked
Posts: 5
Thanks: 4
Registered: ‎19-10-2017

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

@BertieBassett   Hi Bertie, the problem is in the Wi-Fi security protocols (WPA2) currently used on most, if not all, routers and on smartphones. If you are not using Wi-Fi to connect your laptop to the internet and are using an Ethernet cable, then you should be prfectly safe. Microsoft has patched Windows. I am in the same boat as you, waiting to find out if/when Plusnet will patch our routers.

 

Hope this helps a bit.

 

Nimrod :coolsmiley:

BertieBassett
Grafter
Posts: 45
Thanks: 22
Registered: ‎05-02-2016

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Ah thanks Nimrod. That does help. So I'm running a cable from my router to my laptop, windows has been patched and it's (sort of) unlikely that someone will sit outside the house of little old me to pick up my Amazon password from my Kindle fire or Amazon Fire-stick. Onward and upwards methinks. Back to worrying about all life's other little proclivities.  

kjpetrie
Rising Star
Posts: 151
Thanks: 21
Fixes: 2
Registered: ‎19-12-2010

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Garywood84 wrote "And, they would have to care about the data you are transmitting on your network in order to go to the effort of bothering to hack."

I respectfully disagree. If I were a hacker seeking to gain access to a neighbour's network, it would probably be less about reading their data than sending my own illegal or antisocial content through their connection so they and not I got the blame! Think spam, jihadist nonsense or child porn. Think of the police turning up on your doorstep at 5 am to take you away. That is probably the real threat to the ordinary user.

As for devices only being vulnerable at the moment of connection, it would be trivial to transmit a burst of interference to disrupt the connection to force the device to reconnect, so they wouldn't have to be there at the moment you happened to switch on.

 

 

Highlighted
garywood84
Grafter
Posts: 289
Thanks: 3
Registered: ‎30-07-2007

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

I would be worried about this too @kjpetrie. But my reading of the vulnerability is that this wouldn't happen. I could be wrong, but from what I've read, I don't think there's a risk of a hacker gaining access to your network by logging on to it with their own device and using the network as if they were a legitimate user. Rather, the vulnerability enables a hacker to break into legitimate connections from your devices and spy on data you're transmitting.

kjpetrie
Rising Star
Posts: 151
Thanks: 21
Fixes: 2
Registered: ‎19-12-2010

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Apparently eavesdropping is one of the things the hacker can do. The other is "hijack unencrypted web sessions". That would give the hacker the opportunity to divert or modify packets, so using the session to inject their own material. Presumably that could be outgoing or incoming and either could be used to achieve undesirable results - incoming by gaining access to install malware and outgoing by sending material out onto the web.

 

Geebee
Newbie
Posts: 4
Thanks: 2
Registered: ‎17-10-2017

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

So is Plus Net going to give us any info on any router firmware upgrades or are they going to leave their customers with insecure boxes?

The majority of people are not tech savvy and it could have a negative impact on business and the brand.

 

garywood84
Grafter
Posts: 289
Thanks: 3
Registered: ‎30-07-2007

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

We need to give Plusnet some time on this. Even the big players like Samsung haven't released any announcenents or patches yet. The vulnerability was only announced last week, and it will inevitably take some time for manufacturers and service providers to make patches available to customers. A reasonable timescale for this would be for patches to appear by Christmas.

In the meantime, see my earlier post on this thread for why this really isn't that urgent anyway. In short, the risks exist only whilst you are connecting to your router, and not once you have connected. And for anyone to exploit the vulnerability, they would have to be within range of your wifi at the time you are connecting a device to it.
kjpetrie
Rising Star
Posts: 151
Thanks: 21
Fixes: 2
Registered: ‎19-12-2010

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

I have already explained why that last paragraph is not true. Wireless can be jammed, forcing a temporary loss of the connection until the jamming stops, at which point the system will reconnect and be vulnerable as it does so.

 

garywood84
Grafter
Posts: 289
Thanks: 3
Registered: ‎30-07-2007

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Fair enough. But how many of your neighbours would have any idea (or even care enough) to try and jam your network to gain unauthorised access? This is a risk, and it needs to be fixed, but we need to keep a sense of perspective. You're much more likely to get hit by a car as you carelessly walk down the street reading your phone than you are suffer any negative effects of this issue!

easuter
Dabbler
Posts: 13
Thanks: 11
Registered: ‎16-10-2017

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

@garywood84 you have a point, however consider those living in high population density areas in large cities. There may be nefarious individuals who will simply perform "drive-by" attacks and hoover up large amounts of data from multiple victims. Back in the day when wifi networks were unprotected or used the laughable WEP protocol this was definitely a thing.

 If you think the range on your router will protect you, something as simple as a pringles tin makes for a very effective directional antenna Smiley

 

It's also a mistake to think that nobody would be interested in your online activity, no matter how mundane you may think it is. But given that I've been a victim of identity theft, maybe I'm just paranoid now.

Still, I'd urge anyone who isn't living on a farm in the middle of nowhere to disable wifi on your phones/laptops if you know they're not going to be patched.

Mando
Newbie
Posts: 4
Thanks: 1
Fixes: 1
Registered: ‎24-10-2017

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

@BertieBassett

 

1) The problem disappears for the device when using wired connectivity mate. IF wifi is disabled on your router its a moot point Smiley

2) Short answer, No. its a sales tactic, a pretty pathetic one at that.

Longer answer :- Using a VPN to access your wireless is a silly thought, if your connected to an online VPN, then your already online and why would you need to connect to a wireless internet gateway to get online........<scratches head> shame on Symantec and other vendors for using the exploit as a sales tactic. 

 

Also for this attack vector to be a success relies on a couple of prereqs.

 

1) they need to reroute https traffic. 

2) they have to have already cloned your router/setup. (MITM attack vector)

3) they need to be in range of your wireless signal. (look outside of dodgy types sitting on your garden bench with a laptop)

 

Real world instances of this, will be virtually nil.

 

Mitigation that can make it harder to compromise via krakattack.

1) use MAC address filtering router side.

2) use https whenever possible.

3) enable AES-CCMP authentication on WPA2 if possible

4) patch all wireless clients if available.

5) if you must use a router bridge (aka a router extending from another router) bridge them via a LAN cable, utilising powerline adapters if its too far/inconvenient to lay cabling (nonwifi models ofc). Then routers are not affected.

Moderator's note by Mike (Mav): Post released from Spam Filter.

Tench
Dabbler
Posts: 20
Thanks: 8
Registered: ‎22-04-2015

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

The biggest danger by far is the exploits potential to redirect browser request to a malicious site, or inject code directly into the browsers cache and call it. Once an attacker installs a trojan the machine is owned, as is everything a user does on it. Typed passwords would be trivial to log, online banking, card payments, paypal, social media, etc. 

Only an idiot would encourage users to not take this seriously. How long before the darknet blackhats are selling ready-rolled apps to script kiddies? There's a lot of denial and false information being seeded, it stinks. A 200 yard radius is trivial for anyone with a Wok and a wifi dongle.

Ne'er-do-wells are more tech savvy than you'd think.