for display only
Big Blue Interactive The Corner Forum  
Back to the Corner

Archived Thread

NFT: Belgian researchers discover WPA flaw - WiFi security borked

jcn56 : 10/16/2017 8:25 am
WPA is the mechanism used to secure the vast majority of wifi AP& lt;-& gt;client access. Over the summer, these guys made a presentation at the world's largest hacker conference indicating they had something big, and per industry standard operation they've kept the details quiet until now.

It will take some time to go from disclosure to exploit tools, so your wifi isn't instantly compromised, but it's only a matter of time from today to when tools may be available.
https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/ - ( New Window )
.  
FStubbs : 10/16/2017 8:46 am : link
Sadly I bet Russia already knows about this.
Great  
DC Gmen Fan : 10/16/2017 8:56 am : link
more stuff to worry about
Damn  
antdog24 : 10/16/2017 9:00 am : link
that's not good. Does it that include WPA2 Enterprise? I know the protocols are different.
WPA?  
Joey in VA : 10/16/2017 9:12 am : link
If you are using that it's 2005 and you are stupid. Of course it's exploitable it's why no serious admin would even touch it. That's akin to saying that not locking your front door is unsafe.
RE: WPA?  
jcn56 : 10/16/2017 9:17 am : link
In comment 13651379 Joey in VA said:
Quote:
If you are using that it's 2005 and you are stupid. Of course it's exploitable it's why no serious admin would even touch it. That's akin to saying that not locking your front door is unsafe.


WPA2 obviously - and we're not talking about enterprise grade devices that should be using RADIUS, we're talking about home users and devices or users that are incapable of using anything else.

It's going to be easy pickings for some unscrupulous folks.
RE: WPA?  
Bill in Del : 10/16/2017 9:19 am : link
In comment 13651379 Joey in VA said:
Quote:
If you are using that it's 2005 and you are stupid. Of course it's exploitable it's why no serious admin would even touch it. That's akin to saying that not locking your front door is unsafe.


The article refers to WPA2 which is pretty much the standard wifi security protocol these days. To your point if your using WPA your past due to upgrade.
RE: RE: WPA?  
antdog24 : 10/16/2017 9:41 am : link
In comment 13651400 jcn56 said:
Quote:
In comment 13651379 Joey in VA said:


Quote:


If you are using that it's 2005 and you are stupid. Of course it's exploitable it's why no serious admin would even touch it. That's akin to saying that not locking your front door is unsafe.



WPA2 obviously - and we're not talking about enterprise grade devices that should be using RADIUS, we're talking about home users and devices or users that are incapable of using anything else.

It's going to be easy pickings for some unscrupulous folks.

Guess it's time to fire up the ESX server and set up a domain controller and a radius server.
kind of an important passage here.  
Heisenberg : 10/16/2017 9:44 am : link
Quote:
Both Windows and iOS aren't believed to be vulnerable to the most effective attacks. Linux and Android appear to be more susceptible, because attackers can force network decryption on clients in seconds with little effort. Linux patches are available but it's not immediately clear when they will become available for various distributions and for Android users. Patches are also available for some but not all Wi-Fi access points.


Keep that in mind as you gauge how much to panic. :)
You left out the most important sentence in that passage though  
jcn56 : 10/16/2017 9:47 am : link
Quote:
The researchers went on to say that the weakness allows attackers to target both vulnerable access points as well as vulnerable computers, smartphones and other types of clients with differing levels of difficulty.


The concern here is less the hosts and more the access points. So although your PC or Mac might be less vulernable, the WiFi access point they're connecting to isn't (more than likely).
Please Explain in English  
Samiam : 10/16/2017 10:21 am : link
I don't understand half of what is written here but it looks like I should be doing something. Can someone explain? I use mac products but my wife uses a Windows laptop. We have Verizon FIos if it matters
RE: Please Explain in English  
DC Gmen Fan : 10/16/2017 11:02 am : link
In comment 13651553 Samiam said:
Quote:
I don't understand half of what is written here but it looks like I should be doing something. Can someone explain? I use mac products but my wife uses a Windows laptop. We have Verizon FIos if it matters


basically dust off the dial up modem....and get off the phone cuz Im trying to sign on!
I wonder what it would take for the world to just throw up it's hands  
Ten Ton Hammer : 10/16/2017 11:04 pm : link
and revert back to paper records for critical security.
RE: I wonder what it would take for the world to just throw up it's hands  
jcn56 : 10/17/2017 12:02 am : link
In comment 13652746 Ten Ton Hammer said:
Quote:
and revert back to paper records for critical security.


You know all those articles you read about how automation is going to catastrophically disrupt the job market over the next 20 years? Doesn't happen if just about all transactions aren't electronic over that timespan.

In layman's terms - the mechanism your WiFi router uses to encrypt the communications between the router and your computer (or laptop/smartphone) can be compromised.

The good news is that the attack focuses in on the client side - so having your laptops/computers/phones patched is the priority. A patched client communicating with an unpatched endpoint should remain secure.

The bad news it that you still want to patch the access points as well, and it's harder to patch hardware devices like routers, security cameras, printers, and vendors are slower to put out updates.

For right now - make sure that your computers are all configured to take the latest security updates and are updating regularly. Take a look at your WiFi access point and see if the manufacturer has any plans (or has made any statements) of releasing an update to your firmware.

If you have IoT devices like online cameras, printers, scanners, etc. - consider disabling the online functionality, or isolating them on your network if possible. Those are going to be a popular backdoor for this one.
Fake  
XBRONX : 10/17/2017 5:52 am : link
News
RE: Fake  
jcn56 : 10/17/2017 7:50 am : link
In comment 13652896 XBRONX said:
Quote:
News


Yeah, US-CERT has a tendency of faking news stories, when they're not busy controlling the weather.
Back to the Corner