WPA2 vulnerable

2017-10-16

in Geek stuff, Internet matters, Science

It seems the WPA2 encryption system used by most WiFi networks is badly broken:

This follows recent breaks in core security technologies like SSLStrip and Heartbleed.

People with good security practices like defence in depth and compartmentalization of sensitive information might not be too threatened by this. Those relying exclusively on the integrity of WPA2 may be in big trouble.

What are you sharing on your wireless network? Any file servers, cameras, or other sensitive systems?

Do you run your internet traffic through a second layer of encryption like a VPN and stick to HTTPS/TLS for sensitive websites?

Report a typo or inaccuracy

{ 6 comments… read them below or add one }

Myshka October 16, 2017 at 8:02 pm

A very informative website, created by the man who discovered the KRACK vulnerability: https://www.krackattacks.com/
He wrote a paper: ‘Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2’. The website sums up his findings in a concise and approachable way.
His videos

Another informative video

As long as websites implement HTTPS properly, it doesn’t seem like there is a huge risk. Of course, any public WiFi is vulnerable anyway.
Keep in mind that the attacker needs to be in range of your WiFi network, and it seems like a tricky hack which may not be worth trying on just any random network.

Personally, I mistrust 3rd-party VPNs. The free ones in particular are often worthless at best, malicious at worst. If you have your own, though, then I assume it would be very helpful.

. October 18, 2017 at 12:47 am

How did a bug like krack fester in WPA2, the 13-year-old wifi standard whose flaws have rendered hundreds of millions of devices insecure, some of them permanently so?

Thank the IEEE’s business model. The IEEE is the standards body that developed WPA2, and they fund their operations by charging hundreds of dollars to review the WPA2 standard, and hundreds more for each of the standards it builds upon, so that would-be auditors of the protocol have to shell out thousands just to start looking.

It’s an issue that Carl Mamamud, Public Resource and the Electronic Frontier Foundation have been fighting hard on for years, ensuring that the standards that undergird public safety and vital infrastructure are available for anyone to review, audit and criticize.

The need for security standards to be freely auditable was also at the center of the W3C’s catastrophic decision to standardize DRM for 3 billion browser users: EFF proposed that W3C members should pledge not to threaten security researchers who discovered defects in the W3C standard, and the members refused, with the backing of the W3C exec (which is why EFF resigned).

Milan October 18, 2017 at 11:36 am

Myshka,

Thank you for commenting!

I’ll have a look at that site and at the technical details of the attack.

Defence in depth is certainly essential to computer security, but there is a risk it could make people complacent if they don’t keep track of new vulnerabilities like this. For instance, someone using SFTP to protect their credentials might think it’s safe to use FTP on an encrypted home network. A lot of people probably don’t think about the security of their WiFi at all before turning on file sharing, or attaching a security camera or baby monitor.

Like TOR, I see VPNs as constraining some vulnerabilities while worsening others. For instance, they protect you from having your ISP monitor your traffic or throttle video streaming, but the VPN itself might be tracking you or using its position between you and the internet for malicious purposes. In terms of TOR, I expect that all the exit nodes are now monitored by our friends.

On an unrelated note, I am thinking about setting up Google’s new token-based Advanced Protection option.

. October 18, 2017 at 1:34 pm

Krack Attacks (WiFi WPA2 Vulnerability) – Computerphile

Secure WiFi is broken – Dr Mike Pound & Dr Steve Bagley on the Krack Attack discovered by researchers in Belgium.

Mike’s description of crib dragging relates to Professor Brailsford’s discussions of WWII Lorenz cipher cracking: Fishy Codes: https://youtu.be/Ou_9ntYRzzw Zig Zag Decryption: https://youtu.be/yxx3Bkmv3ck

IBM PC: https://youtu.be/fCe0I3RJajY
Password Cracking: https://youtu.be/7U-RbOKanYs

The researchers who discovered the vulnerability: http://bit.ly/C_CrackAttack

anon October 18, 2017 at 10:40 pm

Lots of exploits based on this vulnerability are starting to circulate.

One I like will scan any shared disks on the network, look for executable files, and append malware to them. It checks when the program was last run to find the one where code like ransomwhere or a RAT is most likely to be accessed.

. October 30, 2017 at 3:19 pm

Leave a Comment

You can use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Previous post:

Next post: