-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
All your WiFi devices are broken, Android/Linux devices particularly devastated
- Thread starter emag
- Start date
unless there is a hacker in your neighborhood, then it is safe, the hacker has to literally be in the range of your wifi at home
Fulminator
Member
Can someone explain like I'm five on how this can affect me
close to the edge
Member
Yes. Otherwise, how would they get access to your wifi?
The thread title is sensationalist. There's going to be patches for most devices (with an asterisk, if you have an Android phone that's no longer receiving updates or some obscure IoT device, you might be SOL). Currently, there's no easy way to use the exploit, since the security researcher didn't publish his proof-of-concept code yet (he wants to wait until all the big vendors have released patches). As we speak, there's probably black hats (criminal hackers) scrambling to make a piece of software to exploit this vulnerability, depending on how easy it is to implement, it might be done, might not be done for a while. Most importantly, a lot of your traffic will still be safe, since it's already encrypted.
yes
Ever hear of wardriving? People drive around looking for vulnerable WiFi.
Hari Seldon
Member
Well someone outside of your neighborhood can park near your house and do it I would assume.
mullet2000
Member
Right. You would be putting the device at risk.
xKilltheMx
Member
Wait so limiting my router to only connect to specific Mac Addresses won't help or will help?
You can sample MAC addresses with trivial snooping even without this exploit, then spoof the MAC. Completely useless.
Similarly, that does nothing at all.
Technically, this could be used away from your home network, if the attacker knows your homenetwork's SSID. Most devices are set to autoconnect to known networks, no matter where they are.
So an attacker could be in a well visited and crowded place and use this hack on a common/well known SSID name, and potentially get many phones and laptops to connect to it.
Edit: come to think of, you'd probably still need the homenetwork to send the initial handshake that you hijack, so yeah, probably not possible
You would never communicate unsecure data over a public wireless access point because other people also have access to that access point by virtue of it being public, so it doesn't matter.
moustascheman
Member
So my phone uses android 5.1. How screwed am I?
StarCreator
Member
A lot of public places actually use WPA2 instead of leaving their network open. - mostly to make sure only customers are using it, I'm sure. Even then, people tend to think of those networks as more secure, but this exploit basically makes a WPA2 network as secure as an unsecured one.
A hacker wouldnt need this exploit to hack devices this way. But he would need some good antennas.
Mechanized
Member
I haven't kept up with the concept at all, but can't people just wardrive to get on your network even if the SSID isn't broadcasted?
itwasTuesday
He wasn't alone.
Aww great.
velociraptor
Junior Member
What does 'wardrive' mean?
screwed unless the phone manufacturer releases a security update
esmith08734
Member
Hiding SSID is like, the most basic first step in protection. It really does nothing and won't work here.
esmith08734
Member
People will drive-by and identify potential vulnerabilities in someone's network.
They dont need the SSID, they use the MAC, which is always broadcast no matter what (it is on a lower level than this attack)
esmith08734
Member
MS claims to have a patch.
Yes. MS says theyve already patched the vulnerability so it sounds like W7/8/10 are safe.
Naked Snake
Member
I use dd-WRT on an old Linksys router as a repeater... Need to start looking for a new one, right?
What?
So if I have a fiber line going into an Asus router what do I need to do? I dont have any android devices other than a hardwired Sony android tv.
Im honestly not sure if Im running wep wpa or wpa2 but its the one that lets you use pretty much any password you want.
Pretty sure thats just WEP, which Ive always just stuck with because I like to set my own password. Always something with characters and caps and numbers etc, but its just nice to have something I can actually remember vs a bunch of random garbage.
So if I have a fiber line going into an Asus router what do I need to do? I dont have any android devices other than a hardwired Sony android tv.
Im honestly not sure if Im running wep wpa or wpa2 but its the one that lets you use pretty much any password you want.
Pretty sure thats just WEP, which Ive always just stuck with because I like to set my own password. Always something with characters and caps and numbers etc, but its just nice to have something I can actually remember vs a bunch of random garbage.
Fulminator
Member
So is this more of a concern about privacy, or like uploading viruses or whatever on to ones device?
Or both?
Or both?
The Pet of the Month
Member
Ah jeez, now I have to wait and see what Netgear's patched. They released a security update not too long ago, but it seems in their usual fashion they didn't bother telling us what they fixed -_-
But then they can poison your DNS, so you think youre connecting to a secure site but youre connecting to the hackers laptop. Also a lot of sites dont do HTTPS perfectly.
Where did you assume they have to be connected already? Which phrase?
"As Hudson notes, the attacker would have to be on the same base station as the victim, which restricts any attack's impact somewhat."
But I clearly misunderstood what that meant
No, I am serious. Where is this 'Hudson' thing from? I asked another person in another thread and they never replied.
valinthyne
Member
So does this essentially mean POS systems are compromised and credit card data is there for the taking till they're patched?
sssstententen
Member
Essentially, yes, any that are on Wireless networks. So especially newer stores with mobile POS systems.
texhnolyze
Banned
I still don't get it.
If my PC use a wifi from a router, will it be safe?
Also, is it worldwide?
j0hnny_385
Member
sssstententen
Member
Yes its worldwide, yes you need to update, and no using WiFi is not safe.
Anyone who cant or doesnt know how to patch their network/devices who can get hardwired should do so.
Transistor
Banned
If those POS machines use wifi, yes
The router youre using doesnt have much to do with whether or not youre vulnerable to this attack.
Your PC is the client. If the client is patched, then its OK. Microsoft said theyve already pached the problem so you should be OK if youre running a fully updated Windows 7, 8, or 10.
Id like some confirmation on MS fix though.
And yes, this affects virtually all wifi devices worldwide.
D
Deleted member 465307
Unconfirmed Member
I have a lot of old devices. I don't really care if people spy on which YouTube videos I watch or which NeoGAF pages I visit. However, I obviously do care about banking information and similar content.
Can I continue to use my standard WiFi for most things and then switch to Ethernet for all financials? Or would that approach still make me unsafe?
Can I continue to use my standard WiFi for most things and then switch to Ethernet for all financials? Or would that approach still make me unsafe?
I took it from the other thread, but a quick google shows that it was Alex Hudson, Iron Group CTO
https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/
Not sure if reliable at all...
Vanillalite
Ask me about the GAF Notebook
Yes.
It's these types of instances that are of a bigger worry than people's home WiFi.
Technically, you might be OK to use those financial sites on a compromised device. So long as the site has a proper implementation of HTTPS, the most an attacker would be able to see are data packets filled with encrypted text (gibberish).
I wouldnt rely on this, however. All you can be certain of is whether or not a site is using HTTPS. Its effectively impossible for you to know if its implemented perfectly and its best to be on a secure device just in case theres a problem.
Similar threads
- Locked