cancel
Showing results for 
Search instead for 
Did you mean: 

Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Geebee
Newbie
Posts: 4
Thanks: 2
Registered: ‎17-10-2017

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

I understand what everyone is saying but a few providers have already released patches and firmware to negate the problem. ISP's and manufactures were given months notice before it was made public knowledge to give them time to implement these fixes. 

My issue is, I pay good money to my ISP for them to provide me with an insecure and possibly catastrophic service? Now its public every tom dick and script kid will be looking for openings. PlusNet have been great, but I feel they are dragging their heels on this. Please PlusNet get your head down and [-Censored-] in the air and work on resolving this!

Very concerned customer here.

 

Browni
Aspiring Hero
Posts: 2,565
Thanks: 751
Fixes: 52
Registered: ‎02-03-2016

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

@Geebee can you provide links to back up your claims?
Ex-Plusnetter now living life in the G,fast lane!
Geebee
Newbie
Posts: 4
Thanks: 2
Registered: ‎17-10-2017

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Browni copy and paste (KRACK patches) in to your internet browser.

You will find plenty of patches that have been made available by the likes of Microsoft and Apple. If you read some of the articles you will see that the vendors where informed of the threat before it was made public. 

Protech
Rising Star
Posts: 69
Thanks: 30
Fixes: 3
Registered: ‎26-09-2017

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Here's some hopefully helpful guidance notes for consumer users on the Krack exploit and some practical mitigation steps that can be taken until fixes are rolled out to both client devices and routers.

Who is at risk?

All unpatched WiFi connected devices using WPA2 are potentially affected, however the highest risk group are currently those using android 6+ phones and tablets due to the numbers of devices involved and ease of decryption.

Where am I most at risk?

The highest risk environment is in public spaces using using free WiFi connections, also high density domestic WiFi environments.

What is at risk?

Capture of sensitive and personal data, potential to hijack and spoof connection. The use of HTTPS does not guarantee security on all websites.

What can I do ?

Mobile devices - eg phones , tablets , laptops.

Switch off WiFi and use a 3G or 4G mobile data connection.

If your mobile device only has WiFi, connect to a very local secure WiFi hotspot owned by you , tethering to the internet via a mobile data connection , this should help reduce, but not eliminate the risk.

Fixed devices - eg desktops , games platforms , smart TVs

Use a wired connection , direct Ethernet or via Powerline adaptors
This will not only improve security , performance should benefit as well.


Comments and suggestions to improve these notes are welcomed.

You can check out but you can never leave ( easily)
kjpetrie
Aspiring Pro
Posts: 177
Thanks: 23
Fixes: 4
Registered: ‎19-12-2010

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

I suspect patches for routers might not be forthcoming. Firstly, routers are not particularly vulnerable unless they are secondary devices connecting by wi-fi to another as an access point. That is a rare scenario only likely to happen in larger premises which are already public (hotels where they have not wired their routers together, for instance) or private (larger houses where the opportunity for an eavesdropper to get close might be more limited). A single router in a typical suburban house or city flat shouldn't be vulnerable. Secondly, routers can have a much longer life than envisaged. The expected life is around 5 years but they are solid state devices and can last a lot longer than that in a cool climate. Many that are giving good service are therefore considered obsolete by their makers. Do we really expect every manufacturer to release patches for every router they've ever made for every ISP's custom edition of the firmware? They clearly couldn't afford that as the personnel required would be huge.

Thirdly, most users wouldn't know how to apply the patch and ISP's would have to find out which customers were still using the ISP-provided router if they were to try to apply the patch remotely. Fourthly, users would probably need a computer running Windows to apply the patch. Those are less common than they used to be.

All for something most users won't need anyway. It's client devices, not access points, which need patching. Apple, Linux and Windows have already done that, leaving Android the only vulnerable devices and many of those, still giving faithful service, are considered obsolete, which is where the real problem lies.

 

bobminors
Aspiring Pro
Posts: 170
Thanks: 35
Fixes: 3
Registered: ‎19-09-2016

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping


@Protech wrote:
<snip>

Comments and suggestions to improve these notes are welcomed.


It occurs to me that WiFi-connected printers are potentially vulnerable too.

We can't rely on the printer makers to patch their products, so maybe the safest thing to do is to take our printers off WiFi and connect by USB (assuming that's an option).

 

30FTTC06
Community Veteran
Posts: 2,286
Thanks: 72
Fixes: 4
Registered: ‎18-02-2013

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

The fun starts when the tools are shared!

30FTTC06
Community Veteran
Posts: 2,286
Thanks: 72
Fixes: 4
Registered: ‎18-02-2013

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

DD-WRT 33607 Brainslayer build just dropped for those using/wanting it.

BertieBassett
Grafter
Posts: 49
Thanks: 21
Registered: ‎05-02-2016

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

Quote:-  "they need to be in range of your wireless signal. (look outside of dodgy types sitting on your garden bench with a laptop)". Thanks for that Mando. Never did get on with the guy next door who is an I.T. techie: Shocked

 

 

 

 

 

 

 

 

bobminors
Aspiring Pro
Posts: 170
Thanks: 35
Fixes: 3
Registered: ‎19-09-2016

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

I live in a quiet residential street and I'm within range of six of my neighbours' WiFi routers (BT routers seem popular around here - and BT pride themselves on the range of their WiFi ...). I'm not vulnerable to them, but they are vulnerable to me. Should I tell them?

If you think I would be unlikely to catch them connecting? When we get a power cut (which we do, occasionally, and it affects the whole street) all their routers go down and come back up at the same time and I know when it happens. My laptop will still be running ...

Lucky for the neighbourhood that I'm honest. Can't vouch for the neighbours' teenage sons, though..

Yes, it is a router problem too.

chg
Newbie
Posts: 1
Registered: ‎15-01-2018

Re: Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping

When I asked Customer Service aka Technical Support, about KRACK & also the USB Port on the Hub One Modem Router, I was told they do not support the HubOne Router.

Tags (3)