"Krack" WIFI Security flaw Found

General Questions, Rumors, Real news & More
Post Reply
Message
Author
shawross
Junior Member
Junior Member
Posts: 357
Joined: Mon Oct 28, 2013 5:48 am
Location: Perth Aus / Thailand

"Krack" WIFI Security flaw Found

#1 Post by shawross » Tue Oct 17, 2017 7:26 am

A security flaw has been discovered that could be used to hack into any device that uses WIFI.

The key reinstallation attacks, or KRACKs, were discovered by Belgian researcher Marty Vanhoef and are so serious the US Department of Homeland Security has issued an official warning.

Microsoft has already supplied Security updates for October that have covered this problem but Google, Apple and others are playing catch up.

If you have an older Android (5.1) as I do then maybe you will never see any updates. I suppose using WIFI on said Androids in less congested areas would be advisable. Not all Androids are as easy to Root either.

This is a major scare and a major industry shakeup.

https://www.cnet.com/news/krack-wi-fi-a ... esponding/
Active --- Love the X series
X301 SU9400 IDA Mod - W 7 / X201 540M - W 7 / X220 2520 - W7

Nostalgia
X61 T7500 / T43's / T42

Rogue daily driver - Samsung RV511 15.6 " Screen - W 7

RealBlackStuff
Admin
Admin
Posts: 18274
Joined: Mon Sep 18, 2006 5:17 am
Location: Mt. Cobb, PA USA
Contact:

Re: "Krack" WIFI Security flaw Found

#2 Post by RealBlackStuff » Tue Oct 17, 2017 7:36 am

These people have a few more patches: http://www.zdnet.com/article/here-is-ev ... right-now/

Puppy
Senior ThinkPadder
Senior ThinkPadder
Posts: 2422
Joined: Sat Oct 30, 2004 4:52 am
Location: Prague, Czech Republic

Re: "Krack" WIFI Security flaw Found

#3 Post by Puppy » Tue Oct 17, 2017 9:57 am

As usually, Windows is the only fully patched secure OS leaving others behind.
ThinkPad (1992 - 2012): R51, X31, X220, Tablet 8

shawross
Junior Member
Junior Member
Posts: 357
Joined: Mon Oct 28, 2013 5:48 am
Location: Perth Aus / Thailand

Re: "Krack" WIFI Security flaw Found

#4 Post by shawross » Tue Oct 17, 2017 8:37 pm

Microsoft has this covered but it doesn't mean that you are necessarily safe. How many routers and devices out there will never get updated? How quickly will Companies provide these updates?

For people in condo's and low to medium density home environments this will obviously have a greater impact.

Outside your home "patched" and protected environment we may just have to assume that we are at risk. Which most do now in reality and we mark these as a "Public Network" when we connect. YMMV

There has been a spate of exploits this year from back doors to now WPA2's holes and it makes one wonder. :??:
Active --- Love the X series
X301 SU9400 IDA Mod - W 7 / X201 540M - W 7 / X220 2520 - W7

Nostalgia
X61 T7500 / T43's / T42

Rogue daily driver - Samsung RV511 15.6 " Screen - W 7

Puppy
Senior ThinkPadder
Senior ThinkPadder
Posts: 2422
Joined: Sat Oct 30, 2004 4:52 am
Location: Prague, Czech Republic

Re: "Krack" WIFI Security flaw Found

#5 Post by Puppy » Wed Oct 18, 2017 1:24 am

shawross wrote:
Tue Oct 17, 2017 8:37 pm
How many routers and devices out there will never get updated? How quickly will Companies provide these updates?
Most of routers won't get any update of course (because it is not Microsoft kernel based) and the only way would be to buy a new one. Similar to majority of Android devices.
ThinkPad (1992 - 2012): R51, X31, X220, Tablet 8

RealBlackStuff
Admin
Admin
Posts: 18274
Joined: Mon Sep 18, 2006 5:17 am
Location: Mt. Cobb, PA USA
Contact:

Re: "Krack" WIFI Security flaw Found

#6 Post by RealBlackStuff » Wed Oct 18, 2017 6:03 am

There are plenty of routers that can be updated with firmware made by Tomato, DD-WRT and the like.
These routers are not depending on (lazy) manufacturers who rather sell you a new one, than update their firmware.

List of KRACK - WPA2 firmware updates: https://www.bleepingcomputer.com/news/s ... erability/
bleepingcomputer wrote:Companies claimed to be not affected by Krack:
Arista Networks, Inc.
Lenovo
Vmware
Not sure that I believe that...

Here's an (incomplete) list of various supported routers:
DD-WRT: https://www.dd-wrt.com/wiki/index.php/Supported_Devices
Tomato : https://en.wikibooks.org/wiki/Tomato_Fi ... ed_Devices
Tomato by Shibby: http://tomato.groov.pl/?page_id=69

Cigarguy
ThinkPadder
ThinkPadder
Posts: 1478
Joined: Thu Aug 09, 2012 3:08 pm
Location: Calgary, Alberta, Canada

Re: "Krack" WIFI Security flaw Found

#7 Post by Cigarguy » Wed Oct 18, 2017 6:29 am

RealBlackStuff wrote:
Wed Oct 18, 2017 6:03 am
These routers are not depending on (lazy) manufacturers who rather sell you a new one, than update their firmware.
Laziness got nothing to do with it. It's all about the $$$. Everyone in every industry is doing it and have been doing it for a long time. We tolerate it so why wouldn't they.

shawross
Junior Member
Junior Member
Posts: 357
Joined: Mon Oct 28, 2013 5:48 am
Location: Perth Aus / Thailand

Re: "Krack" WIFI Security flaw Found

#8 Post by shawross » Wed Oct 18, 2017 7:07 am

RealBlackStuff wrote:Not sure that I believe that...
Yes I would think you are correct because a quick search brings up 30 Lenovo devices with Android 6 which will be affected the most.

https://www.gsmarc.com/model-finder/len ... rshmallow/

This doesn't take into account all the other Android OS phones Lenovo make.

I suppose this raises the question whether Google or the other Chinese makers like Lenovo should provide updates.

Both Google and the Chinese makers are fully prepared to put their bloatware onto these phones but when a major exploit is found they are all ducking and diving.
Many of these Chinese Androids are basically clones with only different badges so I wouldn't think it would be too difficult for Google to implement through the websites of the Chinese makers.
Active --- Love the X series
X301 SU9400 IDA Mod - W 7 / X201 540M - W 7 / X220 2520 - W7

Nostalgia
X61 T7500 / T43's / T42

Rogue daily driver - Samsung RV511 15.6 " Screen - W 7

Neil
Senior ThinkPadder
Senior ThinkPadder
Posts: 2936
Joined: Sun Aug 07, 2005 5:41 pm
Location: Paragould AR USA

Re: "Krack" WIFI Security flaw Found

#9 Post by Neil » Wed Oct 18, 2017 7:24 am

While I suppose it would be best for all devices to be patched, including routers, here is what the krackattacks.com web site has to say about the situation:
What if there are no security updates for my router?

Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.
Collection = T500 - R400 - X300 - X200 - T61 (14" WXGA+) - T61 (14.1" SXGA+) - T60 (15" SXGA+) - X40 - T43p - T43 - T42p - A30P

RealBlackStuff
Admin
Admin
Posts: 18274
Joined: Mon Sep 18, 2006 5:17 am
Location: Mt. Cobb, PA USA
Contact:

Re: "Krack" WIFI Security flaw Found

#10 Post by RealBlackStuff » Wed Oct 18, 2017 8:10 am


jdrou
Senior Member
Senior Member
Posts: 604
Joined: Tue Feb 10, 2009 6:15 pm
Location: Madison Heights, MI

Re: "Krack" WIFI Security flaw Found

#11 Post by jdrou » Wed Oct 18, 2017 1:08 pm

RealBlackStuff wrote:
Wed Oct 18, 2017 8:10 am
And there is more: RSA Encryption has also become "crackable"
Or at least RSA as implemented using Infineon TPM chips.
Current Thinkpads:
X31, X40, X61T, X61, X201, X220 (i7 IPS), W520 (2720QM/2000M/FHD), T440p (i7-4800MQ/GF730GT/FHD)
Dells: Latitude C840, Precision M70, Precision M4400, M6400 (WUXGA), M6600, M6700
Daily driver: Dell XPS 13 w/Kaby Lake+Iris Pro+TB3

jaspen-meyer
Senior Member
Senior Member
Posts: 719
Joined: Wed May 19, 2010 11:21 pm
Location: Pardubice, Czech Republic
Contact:

Re: "Krack" WIFI Security flaw Found

#12 Post by jaspen-meyer » Sun Oct 22, 2017 12:49 pm

Puppy wrote:
Tue Oct 17, 2017 9:57 am
As usually, Windows is the only fully patched secure OS leaving others behind.
Debian released their patch Oct 16th.
https://www.debian.org/security/2017/dsa-3999 dated

OpenBSD released their patch August 30th.
https://www.openbsd.org/errata60.html
"041: SECURITY FIX: August 30, 2017 All architectures
State transition errors could cause reinstallation of old WPA keys. "
T420 i7 3612QM; T420 i7 3630QM; T400 Q9100; x60s libreboot, led; x24 xiphmont led

Dekks
Junior Member
Junior Member
Posts: 483
Joined: Thu Jun 26, 2014 9:38 am
Location: Birmingham, UK

Re: "Krack" WIFI Security flaw Found

#13 Post by Dekks » Sun Oct 22, 2017 2:29 pm

Puppy wrote:
Tue Oct 17, 2017 9:57 am
As usually, Windows is the only fully patched secure OS leaving others behind.
Openbsd got there first, there was a NDA on the bug to co-ordinate release of patches, most6 of the usual suspects had patches ready to go on the expiry of the NDA. Openbsd & MS decided to release early.
Home Win10/i5 Arch//Openbox R61//GNOME 3 X201i/X230 Tablet //Spectrwm T61/X61/X61 Debian 9.2/X32/T60p
Work - Win7/X220T BunsenLabs/Debian 9 T43
Retired T60/X30/X31/X61S RIP T400/T21/X61T/X200T

Post Reply
  • Similar Topics
    Replies
    Views
    Last post

Return to “GENERAL ThinkPad News/Comments & Questions”

Who is online

Users browsing this forum: No registered users and 4 guests