Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- My Router
- :
- Re: Severe flaw in WPA2 protocol leaves Wi-Fi traf...
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
20-10-2017 4:02 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
For those Using DD_WRT Atheros based chipsets etc and wanting a patch that may reduce the risk!, Brainslayer has updated the list.
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
20-10-2017 5:23 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
As I understand it, the greatest risk seems to be in using an unpatched laptop/tablet or mobile phone in a public wi-fi area where your device is connected, or is actively seeking to connect, to a vulnerable network. Does that sound right, or do I have it wrong?
Not enablling wi-fi, unless you absoulutely have to, seems the safest course of action at the moment.
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
20-10-2017 6:20 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Apologies for the repetition folks, But:-
- My laptop is domiciled next to my Plus Net router. I have therefore disabled the WiFi on my laptop and connected a direct ("Ethysomething?") cable. Does this solve the problem short term please?
- I have Norton and they are offering a VPN (?) type addition to my Norton Security package. Is this worth it ?
Please?
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
20-10-2017 6:58 PM - edited 20-10-2017 7:10 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@BertieBassett Hi Bertie, the problem is in the Wi-Fi security protocols (WPA2) currently used on most, if not all, routers and on smartphones. If you are not using Wi-Fi to connect your laptop to the internet and are using an Ethernet cable, then you should be prfectly safe. Microsoft has patched Windows. I am in the same boat as you, waiting to find out if/when Plusnet will patch our routers.
Hope this helps a bit.
Nimrod
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
21-10-2017 9:31 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Ah thanks Nimrod. That does help. So I'm running a cable from my router to my laptop, windows has been patched and it's (sort of) unlikely that someone will sit outside the house of little old me to pick up my Amazon password from my Kindle fire or Amazon Fire-stick. Onward and upwards methinks. Back to worrying about all life's other little proclivities.
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
21-10-2017 5:25 PM - edited 21-10-2017 5:30 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Garywood84 wrote "And, they would have to care about the data you are transmitting on your network in order to go to the effort of bothering to hack."
I respectfully disagree. If I were a hacker seeking to gain access to a neighbour's network, it would probably be less about reading their data than sending my own illegal or antisocial content through their connection so they and not I got the blame! Think spam, jihadist nonsense or child porn. Think of the police turning up on your doorstep at 5 am to take you away. That is probably the real threat to the ordinary user.
As for devices only being vulnerable at the moment of connection, it would be trivial to transmit a burst of interference to disrupt the connection to force the device to reconnect, so they wouldn't have to be there at the moment you happened to switch on.
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
21-10-2017 7:01 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I would be worried about this too @kjpetrie. But my reading of the vulnerability is that this wouldn't happen. I could be wrong, but from what I've read, I don't think there's a risk of a hacker gaining access to your network by logging on to it with their own device and using the network as if they were a legitimate user. Rather, the vulnerability enables a hacker to break into legitimate connections from your devices and spy on data you're transmitting.
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
21-10-2017 10:06 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Apparently eavesdropping is one of the things the hacker can do. The other is "hijack unencrypted web sessions". That would give the hacker the opportunity to divert or modify packets, so using the session to inject their own material. Presumably that could be outgoing or incoming and either could be used to achieve undesirable results - incoming by gaining access to install malware and outgoing by sending material out onto the web.
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
23-10-2017 11:46 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
So is Plus Net going to give us any info on any router firmware upgrades or are they going to leave their customers with insecure boxes?
The majority of people are not tech savvy and it could have a negative impact on business and the brand.
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
24-10-2017 7:40 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
In the meantime, see my earlier post on this thread for why this really isn't that urgent anyway. In short, the risks exist only whilst you are connecting to your router, and not once you have connected. And for anyone to exploit the vulnerability, they would have to be within range of your wifi at the time you are connecting a device to it.
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
24-10-2017 4:51 PM - edited 24-10-2017 4:54 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I have already explained why that last paragraph is not true. Wireless can be jammed, forcing a temporary loss of the connection until the jamming stops, at which point the system will reconnect and be vulnerable as it does so.
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
24-10-2017 5:01 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Fair enough. But how many of your neighbours would have any idea (or even care enough) to try and jam your network to gain unauthorised access? This is a risk, and it needs to be fixed, but we need to keep a sense of perspective. You're much more likely to get hit by a car as you carelessly walk down the street reading your phone than you are suffer any negative effects of this issue!
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
24-10-2017 6:26 PM - edited 24-10-2017 6:31 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@garywood84 you have a point, however consider those living in high population density areas in large cities. There may be nefarious individuals who will simply perform "drive-by" attacks and hoover up large amounts of data from multiple victims. Back in the day when wifi networks were unprotected or used the laughable WEP protocol this was definitely a thing.
If you think the range on your router will protect you, something as simple as a pringles tin makes for a very effective directional antenna
It's also a mistake to think that nobody would be interested in your online activity, no matter how mundane you may think it is. But given that I've been a victim of identity theft, maybe I'm just paranoid now.
Still, I'd urge anyone who isn't living on a farm in the middle of nowhere to disable wifi on your phones/laptops if you know they're not going to be patched.
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
on 24-10-2017 7:05 PM - last edited on 24-10-2017 9:01 PM by Mav
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
1) The problem disappears for the device when using wired connectivity mate. IF wifi is disabled on your router its a moot point
2) Short answer, No. its a sales tactic, a pretty pathetic one at that.
Longer answer :- Using a VPN to access your wireless is a silly thought, if your connected to an online VPN, then your already online and why would you need to connect to a wireless internet gateway to get online........<scratches head> shame on Symantec and other vendors for using the exploit as a sales tactic.
Also for this attack vector to be a success relies on a couple of prereqs.
1) they need to reroute https traffic.
2) they have to have already cloned your router/setup. (MITM attack vector)
3) they need to be in range of your wireless signal. (look outside of dodgy types sitting on your garden bench with a laptop)
Real world instances of this, will be virtually nil.
Mitigation that can make it harder to compromise via krakattack.
1) use MAC address filtering router side.
2) use https whenever possible.
3) enable AES-CCMP authentication on WPA2 if possible
4) patch all wireless clients if available.
5) if you must use a router bridge (aka a router extending from another router) bridge them via a LAN cable, utilising powerline adapters if its too far/inconvenient to lay cabling (nonwifi models ofc). Then routers are not affected.
Moderator's note by Mike (Mav): Post released from Spam Filter.
Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping
24-10-2017 9:31 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
The biggest danger by far is the exploits potential to redirect browser request to a malicious site, or inject code directly into the browsers cache and call it. Once an attacker installs a trojan the machine is owned, as is everything a user does on it. Typed passwords would be trivial to log, online banking, card payments, paypal, social media, etc.
Only an idiot would encourage users to not take this seriously. How long before the darknet blackhats are selling ready-rolled apps to script kiddies? There's a lot of denial and false information being seeded, it stinks. A 200 yard radius is trivial for anyone with a Wok and a wifi dongle.
Ne'er-do-wells are more tech savvy than you'd think.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- My Router
- :
- Re: Severe flaw in WPA2 protocol leaves Wi-Fi traf...