Prism2v2 Wifi PCMCIA cards & KRACK vulnerability?
So a month ago a WIFI WPA2 vulnerability has been published: https://blog.mojonetworks.com/wpa2-vulnerability And now, we with our old devices may be left at (limited) risk.
Assume our Prism2v2 pcmcia cards we use for our A600/A1200s to hook up to our WLAN also contain this vulnerability, how do we fix? Is this something that has to be done on the firmware level. I fear we then can forget about a fix on an old piece of hardware like this? Or is this something that can be fixed in the prism2v2 device driver? How realistic is it to expect an update there? Or finally is this something that can be fixed in the TCP/IP stack (doubtful), so e.g. Roadshow. I guess just from an active development community the TCP/IP stack update seems the most realistic one to happen, if only it could be fixed on that level. |
I was under the impression the main risk is on routers.
But yeah, the fix has to be done at firmware level, so if they need it, then, well, that's the end of it. Do those cards even support AES2? If you are using WEP, you already are vulnerable to a myriad of attacks. |
No, it's actually a vulnerable way of implementing WPA2 on the clients that is the risk here!
Yes they support WPA2-PSK AES, they don't support WPA2 enterprise unfortunately, which is not vulnerable. |
Quote:
|
OK thanks for that, then.
So, Amiga networking is, as far as we know, forever unsafe, then. As long as you use Wifi. Time to wire them up. |
Yes, bring on that Vampire v4 for the A1200 and a working ethernet driver :)
|
There are already PCMCIA wired ethernet controllers that work fine on the A1200 without a Vampire.
|
I know, I even have one, but it's an ugly impractical solution the cable sticking out on the side. I hopefully find a nicer way to wire the ethernet cable into the A1200 to the vampire.
|
Quote:
Actually, the KRACK attack is kind of limited. The hype is mainly because most people misunderstand the scope of it. A WiFi router will only be affected if it acts as a "client", for example when configured as a repeater or similar role, when configured as a standard router it is not affected. Some things to consider... There is no way for the KRACK attack to be used in order to retrieve the router WiFi password, so that is safe. If you have several patched (up to date) computers/mobile devices logged in as "clients" on the WiFi network, these will not be affected just because you have one vulnerable computer on the network. The attacker, after triggering the vulnerable client handshake, will only be able to decrypt traffic between the vulnerable client and the router. In effect this means that if your Amiga is the only vulnerable client on the WiFi network, after much effort trying to decrypt that slow 802.11b (11mbit) traffic, these are the only packets the attacker can see, between the Amiga and the router, every other updated client on your WiFi network is safe. Keep in mind the attacker can only do this decryption while actively being in range of your WiFi network. If you are not sending any packets from a vulnerable client, then there is nothing to decrypt. Also, if you are using HTTPS on a vulnerable client (doubt you will do that from classic Amiga though, it's too slow), then the attacker will have to break that encryption separately, and that is just as hard as it is to break HTTPS in general, no benefit of using the KRACK attack. In other words, just avoid doing your bank business online using a plaintext HTTP browser on the Amiga and you will most likely be fine. More info here, straight from the source: https://www.krackattacks.com/ |
Quote:
Quote:
But as you said, all of this is only relevant if you're within the Wi-Fi's range. If you live in a remote area, you've probably got nothing to worry about. |
Quote:
Quote:
Quote:
Again, read the info on the site I linked in previous post, it's written by the security researchers who discovered the flaws and named it KRACK. Granted, the researchers in this case tend to apply some naive "better safe than sorry" attitude because the website has been hammered with traffic and questions about the vulnerabilities, so they try to keep it simple. It's important not to encourage the fearmongering, be realistic. PS: The security researchers uploaded the exploit info to an academic institution website on the 19th of May, 2017. However, KRACK was not announced until 1st November, 2017. The academic institution who had these files for review between May and November is known to be compromised by NSA, CIA and others, so they have no doubt used this exploit in the wild during the time until announcement. |
Quote:
|
@spudje
What I think here is that you are overreacting. No one uses online banking or any other serious stuff with their Amigas. Someone will break my WPA2 password to steal what, my aminet patches, whdload games, modules? What about WPA/TKIP cards/protocol? Is it safe to use? |
Well, my only realistic concern is a potential attacker retrieving my samba credentials, as that is what is exchanged between Amiga and NAS over wifi. He could then break in, steal my NAS and access my data, or hack it via the internet. I know, pretty paranoia, but still :) Guess I'll make myself a separate SMB account for my amiga clients with only limited access to the NAS.
|
Quote:
For instance, the attack works against personal and enterprise Wi-Fi networks, against the older WPA and the latest WPA2 standard, and even against networks that only use AES. Quote:
What I did was letting the Amiga use my open guest "/temp" SMB (Samba) resource. It's not ideal to have a read/write access to a SMB share without requiring a valid user login, but at least there are no user login credentials leaking when the WiFi network is under attack. |
Quote:
|
Quote:
|
Quote:
|
Quote:
https://sourceforge.net/projects/ami...smbfs%201.102/ |
Oh that's good to know, thought this never made it into Amiga SMB versions. I'll should look into this!
|
All times are GMT +2. The time now is 10:57. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.