English Amiga Board


Go Back   English Amiga Board > Off Topic > OT - Technical

 
 
Thread Tools
Old 16 October 2017, 13:24   #1
ross
Omnia fert aetas

ross's Avatar
 
Join Date: Mar 2017
Location: Crossing the Rubicon
Age: 47
Posts: 516
Severe WPA2 security flaw

Someone technically involved in WPA2 protocol can explain what can we do in the immediate?
Ok to wait some update, but before?

Main source:
https://www.krackattacks.com/

Last edited by ross; 14 November 2017 at 23:39.
ross is offline  
AdSense AdSense  
Old 17 October 2017, 02:34   #2
esc
Banned
 
Join Date: Jan 2010
Location: Palo Alto, California, USA
Posts: 389
Use a full VPN


Sent from my iPad using Tapatalk Pro
esc is offline  
Old 17 October 2017, 09:47   #3
haps
Rumpig

haps's Avatar
 
Join Date: Aug 2006
Location: The bottom of the bottle
Age: 1
Posts: 142
About all you can do is wait for vendor updates ross or else build your own patched versions of the wpa packages.
haps is offline  
Old 17 October 2017, 14:57   #4
ross
Omnia fert aetas

ross's Avatar
 
Join Date: Mar 2017
Location: Crossing the Rubicon
Age: 47
Posts: 516
Quote:
Originally Posted by esc View Post
Use a full VPN
Never done but can be a viable option.
(used for remote lan or similar situations, but not for all traffic)


Quote:
Originally Posted by haps View Post
About all you can do is wait for vendor updates ross or else build your own patched versions of the wpa packages.
Fortunately my main vendor has already patched the firmware (fast!).
And there is beta version patch for major OSs.

It seems enough to fix only one side of the communication to solve.

But this is one of the biggest damages to WiFi communication ever done.
They told us that WPA2 was impenetrable and then this flashy
error at (handshake) protocol level ...

Last edited by ross; 14 November 2017 at 23:38.
ross is offline  
Old 18 October 2017, 02:33   #5
jmmijo
Junior Member
jmmijo's Avatar
 
Join Date: Jan 2002
Location: PDX
Age: 55
Posts: 2,354
Quote:
Originally Posted by ross View Post
Never done but can be a viable option.
(used for remote lan or similar situations, but not for all traffic)



Fortunately my main vendor has already patched the firmware (fast!).
And there is beta version patch for major OSs.

It seems enough to fix only one side of the communication to solve.

But this is one of the biggest damages to WiFi communication ever done.
They told us that WPA2 was impenetrable and then this flashy
error at (handshake) protocol level ...

Regards,
ross
There is no such thing as *TOTAL* security unless you completely disconnect from the internet

In some way this is good that there was a flaw found so it can be closed, lets hope no more will be found but I bet there will be.
jmmijo is offline  
Old 19 October 2017, 07:37   #6
amiga_Forever
Registered User
 
Join Date: Mar 2011
Location: kkhkj
Posts: 323
Updates from manufacture, is all you can do. This doesn't just affect AP's (Access points) as some other reports led to believe.. *anything* that goes online, as this hack is at the protol level, so password changes are useless. As passwords are not the ones that are cracked, the protocol is, which is used to communicate and bind everything together.

My reasoning is: if u can connect to it, you can hack it

I went outside my house my wi-fi connected iPhone, and as soon as i stepped you into the driveway, it lost connectivity.. thus proving even if u manually typed in SSID on a laptop and used the tool, it still wouldn't be able to connect, too far away... At least that's how i think..

But ya,, it's an issue manufactures need to address. Apple, Microsoft as well

Last edited by amiga_Forever; 19 October 2017 at 07:42.
amiga_Forever is offline  
Old 19 October 2017, 11:37   #7
haps
Rumpig

haps's Avatar
 
Join Date: Aug 2006
Location: The bottom of the bottle
Age: 1
Posts: 142
Quote:
Originally Posted by amiga_Forever View Post
This doesn't just affect AP's (Access points) as some other reports led to believe.. *anything* that goes online
Not *anything* only wireless devices using WPA. The machine I am typing this reply on is 'online' is not affected at all because it does not use a wireless connection.
haps is offline  
Old 21 October 2017, 13:00   #8
Megol
Registered User

Megol's Avatar
 
Join Date: May 2014
Location: inside the emulator
Posts: 246
Quote:
Originally Posted by amiga_Forever View Post
Updates from manufacture, is all you can do. This doesn't just affect AP's (Access points) as some other reports led to believe.. *anything* that goes online, as this hack is at the protol level, so password changes are useless. As passwords are not the ones that are cracked, the protocol is, which is used to communicate and bind everything together.
Actually it is the devices that are attacked. The protocol isn't cracked as such so it can still be used with the proper safeguards in place (detecting the replay attack). The attack is aimed at the handshaking so the encryption, password handling etc. of the protocol is still reliable.

Quote:
My reasoning is: if u can connect to it, you can hack it
Wise. Same as having physical access to a machine.

Quote:
I went outside my house my wi-fi connected iPhone, and as soon as i stepped you into the driveway, it lost connectivity.. thus proving even if u manually typed in SSID on a laptop and used the tool, it still wouldn't be able to connect, too far away... At least that's how i think..
Exactly. And even if they do attack the device it requires quite some effort to actually do something unless running one of the stacks that zero the key when attacked.
The attack gives more time to try to analyse data and attempt to crack the stream key, nothing more, nothing less.

Quote:
But ya,, it's an issue manufactures need to address. Apple, Microsoft as well
Already done. At least by MS.
Megol is offline  
Old 22 October 2017, 00:22   #9
BarryB
Amigaholic

 
Join Date: Dec 2009
Location: UK
Posts: 2,399
This site explains the exploit in full as the OP has mentioned: https://www.krackattacks.com/

While some attacks seem impractical it doesn't mean it CAN'T be done as the paper mentions, but the fact that Android/Linux is the most vulnerable must be worrying!

Last edited by BarryB; 22 October 2017 at 00:27.
BarryB is offline  
Old 28 October 2017, 11:07   #10
Shoonay
Global Caturator
Shoonay's Avatar
 
Join Date: Aug 2004
Location: Porando
Posts: 6,034
Gargoyle, an alternative open firmware solution for routers, has patched this issue: https://www.gargoyle-router.com/phpb...hp?f=3&t=11271

My Archer C5 approves
Shoonay is offline  
Old 28 October 2017, 11:39   #11
ptyerman
Registered User

ptyerman's Avatar
 
Join Date: Jun 2012
Location: Worksop/UK
Age: 53
Posts: 983
Quote:
Originally Posted by Shoonay View Post
Gargoyle, an alternative open firmware solution for routers, has patched this issue: https://www.gargoyle-router.com/phpb...hp?f=3&t=11271

My Archer C5 approves
Is that the same as a Sinclair C5?
ptyerman is offline  
AdSense AdSense  
 


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot connect with WPA2-PSK + AES Nobby_UK support.Hardware 8 30 December 2014 06:22
Amiga + WiFi with WPA2? pkersey support.Hardware 12 24 August 2013 10:38
WPA2 added to Amiga WiFi driver alexh News 1 24 July 2011 02:22
Alien Breed 2 & TA severe gfx glitches MethodGit support.WinUAE 4 19 February 2009 13:34
My Amiga was a security system DigitalQuirk Nostalgia & memories 3 17 April 2008 18:39

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 20:40.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Page generated in 0.20054 seconds with 14 queries