I was honestly just going to post about this!!
One more friggin’ thing I worry about. Thanks, Technology!!
Technology, being created by people, is evil.
Are all things created by people therefore evil? And if so, what if people create a Technology eraser that wipes out Technology, i.e. wipes out evil. Is the eraser, created by people, also evil even though it wipes out evil?
Have you ever seen one of the plague carriers some call children? Read Lord of the Flies?
The especially infuriating part is that Bruce Schneier outlined exactly how a nonce should be used in his 1996 book; six years before the WPA protocol was cemented. (The key is in the name: “nonce”. If you see one a second time there is trouble.) Even --I-- can see they made a mistake and I’m an idiot when it comes to such things. It’s even in the first sentence here…
It does prove that any security protocol kept secret from the public cannot possibly be trusted. If we, the people who rely on such things, cannot inspect the protocol and source code we should not be using it.
Finally, I thank Mathy Vanhoef for his work. When the dust settles we will all be a little bit more secure through his effort.
meh… took it long enough. not like we can use hotspotsystems.com to run a WPA2 Enterprise access point and lock it further down on the network level.
Good thing this is easy to do with mikrotik hAPs and pi hole.
Too bad ssh is just as insecure as wpa these days.
Well ok, “normal use case” ssh. Better when one used gss and Kerberos plus elliptical curve encryption, then lock it all inside a chroot root without any root access. Don’t forget the port knocking at a packet level, ssl VPN, and IDS.
Any widely-deployed security method is likely to fail at some point:
- Its ubiquity makes it an attractive target
- It’s apt to be sufficiently lightweight to allow it to run on low-end hardware
- Vendors are apt to deploy it in a shoddy fashion
- It will be around for a long time, meaning flaws will eventually come to light
True but of course some vendors are better than others:
- MikroTik Not Affected 28 Sep 2017 16 Oct 2017 - https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4
Mostly Windows, Android/Chromebook, and any Linux distro that uses wpa_supplicant are affected.
iPhone has been fixed: KRACK WPA2 Wi-Fi exploit already fixed in iOS, macOS, tvOS, watchOS betas | iMore
While Amazon devices will be patched shortly, and given that CyanogenMod/LineageOS already patched, this little bug is on its way out the door quicker than SSL Heartbleed ever was noticed.
Cracking WPA2 requires one to build a rainbow table of both known access point names, common passwords and/or phone numbers, then pair that with both your device’s MAC address and that of the base station to build the AES encrypted hash. Sure, one can grab a good deal of those base station names from, say, a war driving map site and build a good dictionary of passwords. Plus a little passive research gives a fairly decent list of phone numbers to add to that dictionary. But that doesn’t include the required MAC addresses to plug into one’s massive hadoop+cuda cluster farm.
No, I’m always going to be more concerned with wifi de-auth attacks and MAC spoofing than anything else.
Update
wpa_supplicant has been patched in Fedora, Debian, and Arch.
MSFT has issued a statement claiming they have already released a hotfix as of Oct. 10.
Other vendors have released their patching status.
Run down:
DD-WRT: (the most popular alternative firmware for Routers): Patch designed, so far not downloadable
Google: Affects only Android 6.0 and above. Patch should be ready by 6 November.
Intel: Updated drivers available
Lineage OS: Patched already
Microsoft: Was fixed before going public on Patch Tuesday (10/10)
Netgear: Advisory issued. New firmware rolling out.
Qualcomm: Patches ready, awaiting customer assurance process
TP-Link: Still working on patches
Ubuntu/Red Hat/Arch Linux: wpa-supplicant and hostapd can be updated
Wi-Fi Alliance: Has a tool to detect if vulnerable
Why Trust MikroTik hAP routers?
http://networkingforintegrators.com/2012/12/mikrotik-basic-vlan-example/