WPA2 hacked


Trouble

Noob Whisperer
Moderator
Joined
Nov 19, 2013
Messages
11,964
Reaction score
1,895

Bif

Joined
Oct 17, 2015
Messages
1,161
Reaction score
438
De-Lovely!....
The "unbreakable" becomes broken..it was only a matter of time.
 
Ad

Advertisements

Trouble

Noob Whisperer
Moderator
Joined
Nov 19, 2013
Messages
11,964
Reaction score
1,895
Some additional information if anyone is interested.
https://www.krackattacks.com/

Currently watching the forums for my TP-Link router to see if any firmware / patches are coming soon or at all.
 
  • Like
Reactions: Bif

Bif

Joined
Oct 17, 2015
Messages
1,161
Reaction score
438
Thanks for the heads up Trouble!.. will be contacting my ISP to see what they plan to do (or if they even know about it!)..as our modem/router is theirs.
Never a dull moment..
 
Joined
May 6, 2015
Messages
2,367
Reaction score
364
All our main machines are on Ethernet. Just the tablets, phones and Roku devices on WiFi and we do not do financial transactions on any of them.
 

Trouble

Noob Whisperer
Moderator
Joined
Nov 19, 2013
Messages
11,964
Reaction score
1,895
will be contacting my ISP to see what they plan to do (or if they even know about it!)..as our modem/router is theirs.
I'm kind of in the same boat, although I don't actually use my ISP's provided wifi and instead have placed my own wireless router in the down-stream schema, which is in-turn wired to my ISP device.
Locally, I use Comcast which generally relies on a company called ARRIS to supply their hardware and as such it will probably be up to ARRIS to patch the vulnerability

Something that might be of particular concern is, in my area......
Comcast / xFinity is a big cable network ISP and all of their devices are used in a giant web-like mesh to create a huge hotspot type feature for their customers.
So technically (and I never do), I can (with my xFinity account) use any of their other customer's "hotspot" to connect wirelessly to the internet through that feature.
That doesn't expose any customer's local network as it is completely separate and independent but could certainly be a means of propagating the exploit.

What is even more interesting is......
The exploit was discovered in July, CERN issued their report in August and we're finding out about it today.
 

Trouble

Noob Whisperer
Moderator
Joined
Nov 19, 2013
Messages
11,964
Reaction score
1,895
Just the tablets, phones and Roku devices on WiFi
That's my primary concern right now, with my visiting children and grand children and their phones.
I think I might have to insist that they use their data plans for a while instead of my wireless.
That won't be a problem with mine as we have an unlimited LTE plan which often seems as fast or faster than my wireless.
 
Joined
May 6, 2015
Messages
2,367
Reaction score
364
I also use my own router. Which is a couple of years old, has been superseded by the manufacturer so it wont get patched. As I understand this problem it needs a MITM attack on the data actually over wireless.
Sooooooo living in a solid brick house with a big yard I wonder if moving everything to the 5Ghz band would leave no signal outside the premises. The phones, tablets and Roku can all do 5Ghz.
 
Joined
Feb 22, 2014
Messages
1,291
Reaction score
245
Unless you are a high profile target, you likely have nothing to worry about anyway.
 

Trouble

Noob Whisperer
Moderator
Joined
Nov 19, 2013
Messages
11,964
Reaction score
1,895
I suppose there is still plenty to understand (at least for me) as to how this impacts how I go about my day to day.
Portable devices are just that..... portable and can be used outside my network. Can they then bring that exploit back into my network as a client carrier.
Also many portable devices, phones and tablets are almost always configured for something called "in-app" purchases so I don't know what financial information may be exposed if you've previously made an "in-app" purchase, and some of those apps if you look at their specs, want to interact with a lot of your other configured features.
 
Ad

Advertisements

Joined
Feb 18, 2016
Messages
2,826
Reaction score
622
I believe It's a big concern for the little guys. I doubt that high profile users use WPA2 to do business transactions.

Trouble Thanks! I have just contacted (email) Bell Canada Internet Security Support and asked how they intend to protect customers. I'll the forum updated.
 

Bif

Joined
Oct 17, 2015
Messages
1,161
Reaction score
438
I just got off the blower with Shaw, and much to my surprise (not) they knew NOTHING about it, but after giving them the URL that Trouble provided were very thankful.(shake my head)
Not holding my breath for a speedy patch or response but the ball's in their court now.
 
Joined
Feb 18, 2016
Messages
2,826
Reaction score
622
To me It's all mind boggling. These hackers are always one step ahead, they are the horse on the merry-go-round that no one can ever catch up to.
 
Joined
Apr 22, 2017
Messages
2,519
Reaction score
280
From the way I see it, a hacker must be within (guessing) 50 - 60 metres to hack you via WPA2, chances are they are sitting right under my window to hack me with my luck!. :D:D:D

Thanks for the heads-up @Trouble :):):)
 
Joined
Feb 18, 2016
Messages
2,826
Reaction score
622
My ISP is was aware of the problem and their techs are working with other ISP software security teams and are collaboratively currently working on a patch. They said that WPA2 was the most secure but that is no longer true. I seldom use my WiFi, but as Trouble mentioned the kids do when they come to visit.
 

Bif

Joined
Oct 17, 2015
Messages
1,161
Reaction score
438
To me It's all mind boggling. These hackers are always one step ahead, they are the horse on the merry-go-round that no one can ever catch up to.
I concur!... remember the good old days when the most pressing technical issue was over cooking the potato in the microwave?!..
How I long for those days again!;)
 
Joined
Feb 18, 2016
Messages
2,826
Reaction score
622
Bif With all the new appliance Bluetooth technology, you may find your neighbor dipping his bread in your gravy. LOL
 
Ad

Advertisements

Ad

Advertisements


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top