LANSHARKS.NET – Apple, Internet and Network Consulting Services

Fixing Macs and Networks Since 1990

  • About Us
  • Priority Access
  • Tech Articles
  • 510-601-5475

KRACK: WiFi WPA2 Encryption Broken?

Update: Thursday, October 19th 10:50pm:

Dave Hamilton and the folks at The Mac Observer are keeping and updating a list of router vendors who have updated their firmware to block the different CVE’s (vulnerabilities):

https://www.macobserver.com/news/list-of-krack-patches-routers/

(older updates in red at the bottom of this post, newest posts are a the bottom)

Reports are surfacing across the internet tonight with rumors of the WiFi WPA2 encryption mechanism as being “compromised.” What does this mean?

When you connect to a password protected WiFi network (you’re NEVER joining non-password protected WiFi networks, right?!?), the traffic between your device and the WiFi access point (often your internet router) is encrypted using WPA2 (“Wi-Fi Protected Access”).  This scrambling of your data means the information your Mac, iPhone or iPad sends/receives isn’t visible to another party (i.e. someone sitting in their car, outside your house) as it flies through the air, between your devices.

While some websites and software services also encrypt your data using something called “SSL”, this isn’t always the case and WiFi users have come to rely on the basic security of WPA2 to keep any non-SSL data transmission from prying eyes.

Tonight’s reports seem to indicate that researchers have found a way to break the security of WPA2. This means that even password protected WiFi networks are no longer secure.

This story is just coming to light and I anticipate big press coverage tomorrow and in the days following. I will update this as we know more. Here is the current take from Ars Technica:

https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/

For now, I (as always) recommend connecting devices with Ethernet whenever possible and securing WiFi connections using a VPN.

 

Update 10/16/2017 @ 8:15am:

All the gory details are available here: https://www.krackattacks.com

The KRACK vulnerability demonstrated:

https://www.youtube.com/watch?time_continue=263&v=Oh4WURZoR98

  • It appears this vulnerability in WPA2 *may* be able to be patched with a software update from either side (client device or the WiFi access point). If true, this is good news as it means you wouldn’t need to replace your router if the manufacturer is out of business or isn’t planning to release a firmware update for your model: “Implementations can be patched in a backwards-compatible manner. This means a patched client can still communicate with an unpatched access point, and vice versa. In other words, a patched client or access points sends exactly the same handshake messages as before, and at exactly the same moments in time. However, the security updates will assure a key is only installed once, preventing our attacks. So again, update all your devices once security updates are available.” To exploit this, an attacker must be within range of your WiFi network (i.e ~several hundred feet). This does NOT allow someone to access your devices, data or network from afar.
  • Unless you have some serious enemies (foreign governments, a highly tech-savvy Ex), hackers are likely to start trying this vulnerability on larger targets (big companies with credit card data, health data, financial records), rather than your small office or home network.
  • This is reportedly worse for devices running Android (non-Apple mobile phones) and Linux (many servers).
  • My recommendations above remain true – use Ethernet where possible and VPN when on WiFi.

 

Update 10/16/2017 @ 11:45am:

A good podcast with relevant KRACK information from The Mac Observer here:

 

Update 10/16/2017 @ 3:50pm:

Apple says they’ve fixed the exploit in the latest beta releases of iOS 11.1:

https://www.macrumors.com/2017/10/16/krack-wifi-vulnerabilities-patched-apple-ios-macos/

This release is available to developers as well as a public beta now.

Still no word on a firmware update for AirPort hardware…

Update 10/17/2017 @ 5:25pm:

iDownloadblog.com is reporting “The hack doesn’t seem to exploit access points such as Apple’s AirPort wireless appliances.” and “AirPort hardware not vulnerable”:

http://www.idownloadblog.com/2017/10/17/wi-fi-wpa2-krack-attack-apple-os-betas-fixed/

I have not seen proof of this claim yet and Apple has’t officially commented, so take it with the appropriate grain of salt…

Kirk van Druten

LANsharks Consulting

Contact

To contact Kirk or inquire about a consulting project, please email
kirk at lansharks.net
or call 510-601-5475. Operators are standing by.

Recent Posts

  • Good Reminders to Avoid Getting Scammed During the Holidays
  • Thoughts on macOS Ventura
  • Thoughts on Apple’s August 17th Security Updates
  • Avoid Getting Hacked: On Using Unique Passwords and NOT Sharing Personal Information on Social Media
  • Common Sense Advice about Scams and Anti-Virus Software

Categories

Archives

  • November 2022
  • October 2022
  • August 2022
  • April 2022
  • February 2022
  • December 2021
  • October 2021
  • June 2021
  • November 2020
  • September 2020
  • July 2020
  • May 2020
  • March 2020
  • January 2020
  • October 2019
  • May 2019
  • January 2019
  • November 2018
  • July 2018
  • February 2018
  • January 2018
  • October 2017
  • January 2016
  • October 2015
  • January 2013

Copyright © 2023 · LANsharks Consulting · All rights reserved · site by 5 happiness webmaster

blah
blah

Log in