• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

All your WiFi devices are broken, Android/Linux devices particularly devastated

Entroyp

Entroyp

Member
People need not to stress too much from this, your most sensitive PII is already out there thanks to equifax.

On a serious note, make sure you update all your devices and not think much about this for now.
 
T

ty_hot

Member
Just to check if I understood:

with this breach someone can come and, with the right equipment and after finding a device that is not patched (easy), pretends that he is the router, so that he can read all infor that goes through tihs network (including the 'safe' devices, patched)?

And where does the router comes in the equation? Few pages back there was people saying that there are already update files for some routers (dd wrt). How does it change anything? In the other thread it was speculated that if your device or your router is patched you are safe. Is it?

I just updated my router to dd wrt (I was already going to do it, just stopped in the middle of the process a few months ago lol anyway, I dont think its a patched fw because its from 10/10).
 
H

Hello? This is Hailun!

Member
ViciousDS said:
the one fucking person on my network using an android device is my step dad........damn it

Can patching the router alone and at least leave all other devices and updated units safe if someone else connects with an un-updated device?
Click to expand...

1> Your step dad's android being compromised (which isn't going to happen) wouldn't break it for you.

2> Patching your router isn't the fix, patching your device is. The exploit happens when your device tries to reassociate with an AP either due to roaming, time out, association drop, etc.
 
H

Hello? This is Hailun!

Member
ty_hot said:
Just to check if I understood:

with this breach someone can come and, with the right equipment and after finding a device that is not patched (easy), pretends that he is the router, so that he can read all infor that goes through tihs network (including the 'safe' devices, patched)?
Click to expand...

Can only read your transmissions. Has to basically be in the room with you. Has to wait for your device to reassociate with an AP.
 
V

ViciousDS

Banned
Hello? This is Hailun! said:
1> Your step dad's android being compromised (which isn't going to happen) wouldn't break it for you.

2> Patching your router isn't the fix, patching your device is. The exploit happens when your device tries to reassociate with an AP either due to roaming, time out, association drop, etc.
Click to expand...

awesome.....time to patch a bunch of stuff in the next week.....this doesn't seem too bad, but I avoid public Wi-Fi's like the plague even when they have it anyways


So basically someone has to be literally right there when I'm establishing connection to the router......with my routers info.....yes, its definitely a problem but I can't see home networks unless you are in a massively rich area being effected and public wifis would be insanely easy to target
 
N

Noema

Member
ViciousDS said:
the one fucking person on my network using an android device is my step dad........damn it

Can patching the router alone and at least leave all other devices and updated units safe if someone else connects with an un-updated device?
Click to expand...

Don't worry too much about it unless you live in a crowded condo filled with wanna be hackers. And your network is unlikely to be compromised by one vulnerable device. Feasible but super unlikely.
 
H

Hello? This is Hailun!

Member
ViciousDS said:
awesome.....time to patch a bunch of stuff in the next week.....this doesn't seem too bad, but I avoid public Wi-Fi's like the plague even when they have it anyways


So basically someone has to be literally right there when I'm establishing connection to the router......with my routers info.....yes, its definitely a problem but I can't see home networks unless you are in a massively rich area being effected and public wifis would be insanely easy to target
Click to expand...

Some stuff was secretly patched over the past month, some stuff patches dropped today.




Android is a particular worry because if someone is *really* smart they could hack the actual wifi network, send deauths, force the exploit, and then sent apt-get or apt-put to android phones to install software.
 
RoadHazard

RoadHazard

Gold Member
ViciousDS said:
awesome.....time to patch a bunch of stuff in the next week.....this doesn't seem too bad, but I avoid public Wi-Fi's like the plague even when they have it anyways


So basically someone has to be literally right there when I'm establishing connection to the router......with my routers info.....yes, its definitely a problem but I can't see home networks unless you are in a massively rich area being effected and public wifis would be insanely easy to target
Click to expand...

How do you figure that? I can see like 15 Wi-Fi networks on my phone from my living room.
 
M

MikeHaggar

Member
Isn't it relatively easy to brute force someone's wifi password? Assuming it is, once you are on the network you can set up packet sniffer and catch everything. How is this worse than that scenario?
 
G

GodofWine

Member
So a black van with some Wifi antennas on the roof outside my house is an issue...

This sounds like a nightmare for hospitals and major industries, and not so much for a typical person.
 
H

Hello? This is Hailun!

Member
MikeHaggar said:
Isn't it relatively easy to brute force someone's wifi password? Assuming it is, once you are on the network you can set up packet sniffer and catch everything. How is this worse than that scenario?
Click to expand...

It's easy in that you basically setup the software to do it.

But that requires deauth, capturing the handshake, and then running decrypt on the key, which can take *years*.
 
V

ViciousDS

Banned
RoadHazard said:
How do you figure that? I can see like 15 Wi-Fi networks on my phone from my living room.
Click to expand...

I can limit the power output on my router to only work within my house if need be


Hello? This is Hailun! said:
It's easy in that you basically setup the software to do it.

But that requires deauth, capturing the handshake, and then running decrypt on the key, which can take *years*.
Click to expand...


Yes, this sounds like its more of a nightmare for hospitals, banks and major corps which will obviously be the bigger targets....if not THE targets they want data from
 
RoadHazard

RoadHazard

Gold Member
MikeHaggar said:
Isn't it relatively easy to brute force someone's wifi password? Assuming it is, once you are on the network you can set up packet sniffer and catch everything. How is this worse than that scenario?
Click to expand...

If it's a very weak password, I guess? Not if it's strong. Would take a very long time, and wouldn't be worth the effort I'd think.
 
H

Hello? This is Hailun!

Member
GodofWine said:
So a black van with some Wifi antennas on the roof outside my house is an issue...

This sounds like a nightmare for hospitals and major industries, and not so much for a typical person.
Click to expand...

1> Not really, because if you're associated with your AP and it doesn't completely dump your client when your device goes to sleep, you won't reassociate for the black van to potentially see the exploit.


2> Most important info like CC, health records, etc are often transmitted on hardwire systems anyway.
 
S

Sesha

Member
Oh wow. Crazy.

Shame my Windows laptop screen is broken and needs fixing, I don't have the money to have it fixed rn, and the only other convenient access I have is Mac devices.
 
V

ViciousDS

Banned
Hello? This is Hailun! said:
You tha real MVP.


However, in MDU and suburbs over the next 5 years or so? Yeah, my job is working to fix the "help I'm surrounded by 73 SSIDs" problem.
Click to expand...

ooooooo,

sound like fun lol


I already can see 15 networks.....only 3 are actual routers though lol


for those who want a short term solution that i think might work


Opera has a VPN built right into their browser for easy use.....maybe use that for the time being if you wish to browse and don't want to pay
 
M

McStickenstein

Member
So my old Dell tablet stuck on Android 5.0 is out of luck with an update? Dell already officially announced that they dropped support for it a while back.
 
C

CreepingFear

Member
this-is-fine.0.jpg
Click to expand...
.
 
LoveCake

LoveCake

Member
I just had an update on my Linux Mint.

WPA and WPA2 are methods for securing wireless networks, the former using IEEE 802.1X, and the latter using IEEE 802.11i. This software provides key negotiation with the WPA Authenticator, and controls association with IEEE 802.11i networks.
Click to expand...

This site seems to explain it pretty well for the non-technically minded people.
KRACK Wi-Fi attack threatens all networks: How to stay safe and what you need to know
https://www.pcworld.com/article/3233308/security/krack-wi-fi-security-flaw-faq-tips.html?
 
RoadHazard

RoadHazard

Gold Member
ViciousDS said:
ooooooo,

sound like fun lol


I already can see 15 networks.....only 3 are actual routers though lol


for those who want a short term solution that i think might work


Opera has a VPN built right into their browser for easy use.....maybe use that for the time being if you wish to browse and don't want to pay
Click to expand...

Opera is also owned by a Chinese company since some time back, so... I dunno?
 
K

Koren

Member
cpp_is_king said:
Problem is bad, but OP is going a little too far. Attacker still cannot see https encrypted data (which honestly in this day and age covers pretty much everything important
Click to expand...
Well, I discover this summer that you can't even create a website that ask login/password on non https that won't make Firefox go mad.

It was a hassle (I just wanted some documents not totally public) to get a cert just because of this (Firefox also refuse self-signed certs and some referees) but I guess that means there's not much non-https indeed.

But if they can inject packets, couldn't there be some elaborate DNS spoofing and man in the middle attacks?
 
S

shockdude

Member
Everyone's been saying that a bad guy can basically impersonate a router in the worst case.
Can a bad guy impersonate a client and access a router, and thus access the whole network? I don't think that's possible but I'd like to confirm anyway.

edit: only if you're using AES-GCMP, a Wireless-AC/WiGig feature that is probably not yet enabled in modern networking hardware. Probably.
 
B

Blizzard

Banned
I've read over this about 3 times and I'm still not sure I understand the limitations here.

1. Is this attack ONLY possible by faking router radio packets during the handshake?

2. Once the attack has been executed, since the wireless network key appears not to be revealed and they can't join the network, the hacker can still sniff the packets and possibly decrypt them if they guess some known content, even without THEMSELVES being allowed onto the network?


If both of the above are true that's bad but it seems to be that anyone should treat non HTTPS connections as insecure anyway. The possibility of this attack allowing a man in the middle attack on an HTTPS connection is more concerning to me.
 
B

BolognaSoup

Member
ViciousDS said:
awesome.....time to patch a bunch of stuff in the next week.....this doesn't seem too bad, but I avoid public Wi-Fi's like the plague even when they have it anyways


So basically someone has to be literally right there when I'm establishing connection to the router......with my routers info.....yes, its definitely a problem but I can't see home networks unless you are in a massively rich area being effected and public wifis would be insanely easy to target
Click to expand...

So Furthermore if you don’t broadcast your network ID then you would be even harder to breach?
 
B

Brandon F

Well congratulations! You got yourself caught!
2017 stays winning.

So shit what do I do now? I have exactly 137 devices that connect to WiFi seemingly...
 
M

mrkgoo

Member
I wonder if older devices will be patched, or if they will patch older operating systems without requiring updating. Speaking about Apple here, specifically, but it applies to everything.
 
You must log in or register to reply here.

Similar threads

PlayStation’s first Remote Play dedicated device, PlayStation Portal remote player, to launch later this year at $199.99
13 14 15 16 17
846
36K
mckmas8808 replied
How Nacon, The Publisher of The Sinking City, Cracked and Pirated The Game
32
5K
ManaByte replied
  • Locked
Hide yo Wifi, new wireless Android/iOS exploit allows for fatal phone hijacks
14
4K
Coreda replied
RetroArch 1.8.2 (and onwards)
2 3 4
192
39K
Teslerum replied
  • Locked
O-MG, It's time for Android O (Dev Preview)
2
73
7K
Pyrokai replied
Top Bottom