• Krack Attack


    Hello

    Is it known if Antergos (Arch) is affected by this: https://www.krackattacks.com/

    If yes does anyone know when it will be patched?

    Cheers

  • I’m not sure if it addressed the problem you’re referring to, but we did receive several network and geoip updates the past week.

    Thinkpad E570 Intel core i5 (Kaby lake)
    8 GB RAM
    256 GB SSD + 1 TB HDD
    Intel HD Graphics

  • @amilopowers said in Krack Attack:

    Arch

    here are some simple ways on how to stay safe from KRACK:

    • Update the firmware of your router immediately
    • Use Ethernet instead of Wi-Fi
    • Use cellular data instead of Wi-Fi on cellphones
      Sadly, not everyone can afford the continuous use of cellular data, and using an Ethernet cable is just not viable since it takes away the mobility we have all grown accustomed to.

    So, when it comes to a complete solution for KRACK Wi-FI protection, the best tool to trust is a VPN, especially PureVPN since they offer:

    • Unbreakable WiFi security
    • Military-grade encryption
    • Antivirus and anti-malware
    • Content filter
    • Internet Kill Switch
      And much more for KRACK Wi-Fi protection
  • Attached is the list of companies and details of whether they released the patch or not https://www.purevpn.com/blog/krack-wifi-security-fixes/

  • ASA-201710-22 generated external raw
    
    [ASA-201710-22] wpa_supplicant: man-in-the-middle
    Arch Linux Security Advisory ASA-201710-22
    ==========================================
    
    Severity: High
    Date    : 2017-10-16
    CVE-ID  : CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080
              CVE-2017-13081 CVE-2017-13082 CVE-2017-13087 CVE-2017-13088
    Package : wpa_supplicant
    Type    : man-in-the-middle
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-447
    
    Summary
    =======
    
    The package wpa_supplicant before version 1:2.6-11 is vulnerable to
    man-in-the-middle.
    
    Resolution
    ==========
    
    Upgrade to 1:2.6-11.
    
    # pacman -Syu "wpa_supplicant>=1:2.6-11"
    
    The problems have been fixed upstream but no release is available yet.
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    - CVE-2017-13077 (man-in-the-middle)
    
    A vulnerability has been discovered that allows reinstallation of the
    pairwise encryption key (PTK-TK) in the 4-way handshake.
    
    - CVE-2017-13078 (man-in-the-middle)
    
    A vulnerability has been discovered that allows reinstallation of the
    group key (GTK) in the 4-way handshake.
    
    - CVE-2017-13079 (man-in-the-middle)
    
    A vulnerability has been discovered that allows reinstallation of the
    integrity group key (IGTK) in the 4-way handshake.
    
    - CVE-2017-13080 (man-in-the-middle)
    
    A vulnerability has been discovered that allows reinstallation of the
    group key (GTK) in the group key handshake.
    
    - CVE-2017-13081 (man-in-the-middle)
    
    A vulnerability has been discovered that allows reinstallation of the
    integrity group key (IGTK) in the group key handshake.
    
    - CVE-2017-13082 (man-in-the-middle)
    
    A vulnerability has been discovered that allows accepting a
    retransmitted FT Reassociation Request and reinstalling the pairwise
    key (PTK) while processing it.
    
    - CVE-2017-13087 (man-in-the-middle)
    
    A vulnerability has been discovered that allows reinstallation of the
    group key (GTK) when processing a Wireless Network Management (WNM)
    Sleep Mode Response frame.
    
    - CVE-2017-13088 (man-in-the-middle)
    
    A vulnerability has been discovered that allows reinstallation of the
    integrity group key (IGTK) when processing a Wireless Network
    Management (WNM) Sleep Mode Response frame.
    
    Impact
    ======
    
    A remote attacker within physical proximity to the target WiFi network
    is able to decrypt all data that the victim transmits, inject arbitrary
    packets to hijack TCP connection or replay unicast and group-addressed
    frames.
    
    References
    ==========
    
    

    https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
    https://papers.mathyvanhoef.com/ ccs2017.pdf
    https://www.kb.cert.org/vuls/id/228519
    https://www.krackattacks.com/
    https://w1.fi/cgit/hostap/commit/?id=53bb18cc8b7a4da72e47e4b3752d0d2135cffb23
    https://w1.fi/cgit/hostap/commit/?id=0adc9b28b39d414d5febfff752f6a1576f785c85
    https://w1.fi/cgit/hostap/commit/?id=cb5132bb35698cc0c743e34fe0e845dfc4c3e410
    https://w1.fi/cgit/hostap/commit/ ? id = 0e3bd7ac684a2289aa613347e2f3ad54ad6a9449
    https://w1.fi/cgit/hostap/commit/?id=e760851176c77ae6de19821bb1d5bf3ae2cb5187
    https://w1.fi/cgit/hostap/commit/?id=2a9c5217b18be9462a5329626e2f95cc7dd8d4f1
    https://w1.fi/cgit/ hostap / commit /? id = 87e2db16bafcbc60b8d0016175814a73c1e8ed45
    https://security.archlinux.org/CVE-2017-13077
    https://security.archlinux.org/CVE-2017-13078
    https://security.archlinux.org/CVE- 2017-13079
    https://security.archlinux.org/CVE-2017-13080
    https://security.archlinux.org/CVE-2017-13081
    https://security.archlinux.org/CVE-2017-13082
    https://security.archlinux.org/CVE-2017-13087
    https://security.archlinux.org/CVE-2017-13088

  • @judd only for linux users ?

  • @Dooremone said in Krack Attack:

    @judd only for linux users ?

    Of course, this has already been solved several days ago in the security audit of Arch

    If you mean Windows or Mac do not know

  • @Dooremone said in Krack Attack:

    Sadly, not everyone can afford the continuous use of cellular data, and using an Ethernet cable is just not viable since it takes away the mobility we have all grown accustomed to.

    It’s however interesting that this is just another example of the message that has been repeatedly sent for a little over a decade that new technologies cannot just be built on top of 40 year old protocols and expect to “just work”. Never before in our 60 year old history of inter-connectivity have we been so exposed. It’s dramatic and it is also having an impact on much more than our individual lives. It’s affecting entire governments and international politics and relationships. And the terrible danger that represents in a world where one half hates the other half.

    So, the advise is REALLY to stop caring so much for one’s mobility, aka convenience. We must really start lowering our expectations of what we want the internet to do for us and not be so damn sold to it. It’s a simple fact, illustrated by the ever increasing number of incidents (and increasing gravity of each), that the internet technology is simply not prepared for the many of the things we are trying to do with it.

    I need to learn to live with the idea that I really don’t need to be connected to the internet when I’m commuting between home and the work. That if I am taking a vacation, I don’t need to make a post on the facebook every time I go to the loo. And certainly I should train myself to become more a spectator and less of an actor on the internet.

    I’m a technologist, make no mistake! A modernist in many respects, and a man of science down to the very marrow of my DNA. I am not advocating going back to the past, nor stopping the development of internet technology. But on the other hand, never before have I witnessed technology being so misused and so childishly applied and, what’s worse, not for the sake of a genuine human need, but as a means to fabricate new needs. Mobility and Convenience, being vague and meaningless words that are nonetheless taking a mantle of importance in our lives that no one in their right mind can justify.

    So yes! Cable internet, cellular phones, more email and less cloud, more desktops and less tablets, this and more (much more) is not an iHermit way of living. It’s instead becoming a necessity and a more prudent way of exposing ourselves and our families to the technological windstorm of the internet. And a clear message to the technologists that we want better, not worse technology. That’s the true definition of technological development.

  • @Krugar said in Krack Attack:

    I need to learn to live with the idea that I really don’t need to be connected to the internet when I’m commuting between home and the work. That if I am taking a vacation, I don’t need to make a post on the facebook every time I go to the loo. And certainly I should train myself to become more a spectator and less of an actor on the internet.

    Absolutely agree, comfort does not give tranquility, it is incredible that a washing machine can be handled from a smartphone and that sooner or later get into your internet line and goodbye, find out absolutely everything, but hey, that’s how, every day we are more public, unfortunately, although we can take precautions each one of us, this runs on our own. only and also also to warn the family and especially if there guys there to penetrate them in the use of the internet. this topic gives a lot, but I think the reelevante is said.-
    Sorry for my english translated by google translate :(

  • @Dooremone I know that Apple already patched it in Sierra and High Sierra, I’m not sure about Windows.

    Thinkpad E570 Intel core i5 (Kaby lake)
    8 GB RAM
    256 GB SSD + 1 TB HDD
    Intel HD Graphics

  • @Bryanpwo said in Krack Attack:

    @Dooremone I know that Apple already patched it in Sierra and High Sierra, I’m not sure about Windows.

    I must warn however that Mac, Linux and Windows patches only protect the operating system stack. Wi-Fi Devices will still be vulnerable until their drivers (or firmware, depending on the hardware device) are updated. So do not use public hotspots for a while, even if you are patched.

    Keep an eye also on your router at home. Your ISP (if it is a rental), or the manufacturer, should be issuing an update soon. If they don’t it is time to get angry.

    And until then disable any standby features on your router, if they exist. Do not allow the router to enter standby mode until it is patched, because it will try to offload data to to your system and that data handshake will be vulnerable to this type of attack. (The router can be powered off, of course. It’s only standby mode that is vulnerable)

  • @Bryanpwo
    As far as I know, Microsoft was the first to patch this WPA2 problem. Good to know that Apple has patched it, too.
    By the way, do you know if Apple has patched iOS, too? I mean, the public version, not the beta?

  • @manuel iOs is also patched, but only 10 and 11, still the advice that @Krugar gives still applies. (btw Apple routers aren’t vulnerable for a Krack attack at this moment, in case you own one.)

    Thinkpad E570 Intel core i5 (Kaby lake)
    8 GB RAM
    256 GB SSD + 1 TB HDD
    Intel HD Graphics

  • @Bryanpwo Thanks for the info. Interesting to know that also Apple routers are patched, however I don’t have one.

  • It has to do with their specific way of encoding things, normally it’s a curse, but in this case it’s useful.

    Thinkpad E570 Intel core i5 (Kaby lake)
    8 GB RAM
    256 GB SSD + 1 TB HDD
    Intel HD Graphics

krack1 attack1 Posts 16Views 411
Log in to reply