Key Reinstallation Attacks

General discussions and other topics.
5 posts Page 1 of 1
by ronks » Mon Oct 16, 2017 9:45 am
First of all, best wishes to the Sonic staff and others affected by the North Bay firestorm; we lived through the 1991 event in the East Bay, so I have some idea of what you must be going through.

Second, a technical question. Recent notices about the breaking of WPA2 security via the KRACK exploit recommend ensuring that your wireless router is up to date. Ours came from Sonic when we shifted from DSL to Fusion a few years ago. I can find the model number if necessary; the logo reads "AT&T U-verse".
Have never taken steps to update the router and have no clear idea how to. Do I need to, and what is the procedure?
by sysops » Mon Oct 16, 2017 12:50 pm
I'm sure Sonic will have some sort of clarification coming sooner or later, but the things that actually need patching are WiFi clients rather than your router.

The attack is against wireless clients instead of routers themselves. So it's someone tricking your phone or laptop into re-using encryption keys and nonces. Since some wireless routers (AP's) can also act as wireless clients, those types of devices would need and update if you're using it in AP client mode, otherwise, worry about patching your Linux laptops, Android phones, and other wireless clients.

This overview seems to offer some indication that it may be impractical to exploit this against iOS and Windows clients so that could be a relief.

Also remember, the person needs to be within wireless range (a few hundred feet) of your device in order to exploit it.
Proud Sonic customer since 1999. Ask me about internet privacy, VPN, anonymity and security.
by miken » Mon Oct 16, 2017 2:35 pm
The KRACK exploit seems to use the clients (your devices) themselves for the exploit, like Sysops has said. If you are concerned about security until your devices get patched, please feel free to utilize the free Sonic VPN that comes with your service! https://wiki.sonic.net/wiki/VPN_Service
Mike N.
Development Trainer
Sonic
by ronks » Mon Oct 16, 2017 4:30 pm
Thanks for the info. If I understand correctly, the risk is not great in my case. Especially if the attacker has to be physically close enough to access the devices.
I have only two wireless devices that access the router: an iPod 6 Touch and a Windows 7 laptop. I would guess that both Apple and Microsoft are the folks who need to correct the vulnerability on those client devices, if one exists. Not me, not Sonic.
by miken » Mon Oct 16, 2017 4:46 pm
ronks wrote:If I understand correctly, the risk is not great in my case. Especially if the attacker has to be physically close enough to access the devices.
The main risk is probably going to be for large corporate or government networks, less so for individuals connecting to their home networks.
ronks wrote:I have only two wireless devices that access the router: an iPod 6 Touch and a Windows 7 laptop. I would guess that both Apple and Microsoft are the folks who need to correct the vulnerability on those client devices, if one exists. Not me, not Sonic.
From what I've read, Android is the most exploitable OS with this situation. Microsoft has reported supplied a patch already (although you may want to see if your network drivers have their own standalone patch for added security). This article dives into a good wealth of that information if you are curious: https://arstechnica.com/information-tec ... sdropping/
Mike N.
Development Trainer
Sonic
5 posts Page 1 of 1

Who is online

In total there are 25 users online :: 0 registered, 0 hidden and 25 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: No registered users and 25 guests