On 17/10/2017 00:49, Celejar wrote:
On Mon, 16 Oct 2017 21:27:30 +0530 "tv.debian@googlemail.com" <tv.debian@googlemail.com> wrote:On 16/10/2017 21:12, Curt wrote:https://www.krackattacks.com/ Our attack is especially catastrophic against version 2.4 and above of wpa_supplicant, a Wi-Fi client commonly used on Linux. Here, the client will install an all-zero encryption key instead of reinstalling the real key. Uh-oh.It was addressed in Debian by DSA-3999-1 I think, but will probably linger for a long time on routers, phones, appliances and IoT all over the world. After Bluetooth a few weeks ago, now wpa2 wifi, most of the wireless consumer electronic have it's base covered and ripe for cracking...It's crucial to understand that there's a huge difference in severity between BlueBorne and and KRACK: the former "allows attackers to take control of devices", and "does not require the targeted device to be paired to the attacker’s device, or even to be set on discoverable mode" (!) [https://www.armis.com/blueborne/], whereas the latter 'simply' breaks WPA2, and can't really hurt you insofar as you're using secure higher level protocols (ssh, SSL/TSL, HTTPS). I don't mean to say that KRACK isn't nevertheless a huge problem, but it doesn't seem to be nearly as serious as BlueBorne, and it isn't going to be catastrophic to anyone not treating WiFi as a really secure protocol. E.g., on my home network, I do use WPA, but I still require SSH and so on for internal communication between my local hosts. Celejar
Agreed, my post was just a quick reaction to an 'OT' labeled thread, not a lecture on the respective merits of those vulnerabilities, or an attempt to spread F.U.D.. Sorry if it came out this way (not a native speaker).
That being said, for a lot of the common use cases having an attacker sit on the assumed-to-be secured wifi and able to intercept traffic for days, weeks, months maybe since the patching will be as usual "patchy", is bad enough. It is not the same as the "bombing the dhcp server and throwing everyone off the wifi" prank. From the paper:
"We show that an attacker can force these nonce resets by collecting and replaying retransmissions of message 3. By forcing nonce reuse in this manner, the data-confidentiality protocol can be attacked, e.g., packets can be replayed, decrypted, and/or forged. The same technique is used to attack the group key, PeerKey, and fast BSS transition handshake. When the 4-way or fast BSS transition handshake is attacked, the precise impact depends on the data-confidentiality protocol being used. If CCMP is used, arbitrary packets can be decrypted. In turn, this can be used to decrypt TCP SYN packets, and hijack TCP connections. For example, an adversary can inject malicious content into unencrypted HTTP connections. If TKIP or GCMP is used, an adversary can both decrypt and inject arbitrary packets."So using https or better for communications on the local network is a good idea, but is it the norm? Many router firmwares or built-in webservers from cameras to printers default to http, sometime don't even offer https as an option.
This isn't as bad as blueborne but it is nonetheless another of the most widely used wireless standard being broken in a short time.
It's patched in most distributions, and in router firmwares like LEDE already, was patched in some BSD even before publication, but how long before we see a patches for all affected devices?
By the way, since we are security OT'ing, check your RSA keys if you used Infineon products to generate it.[1]
[1] https://lwn.net/Articles/736520/rss