This KRACK Hack Kills Your Wi-Fi Privacy

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Generic Questions
Author Message
mwchang
DD-WRT Guru


Joined: 26 Mar 2013
Posts: 573
Location: Hung Hom, Hong Kong

PostPosted: Tue Oct 17, 2017 14:39    Post subject: This KRACK Hack Kills Your Wi-Fi Privacy Reply with quote
Full story: https://www.forbes.com/sites/thomasbrewster/2017/10/16/krack-attack-breaks-wifi-encryption/#7d4501442ba9

It's time to get patching again. Another widespread vulnerability affecting practically everyone and everything that uses Wi-Fi was revealed on Monday, allowing hackers to decrypt and potentially look at everything people are doing online.

Researcher Mathy Vanhoef, from Belgian university KU Leuven, released information on his hack, dubbing it KRACK, for Key Reinstallation Attack. Vanhoef's description of the bug on his KRACK website is startling: "This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites."

What's behind the vulnerability? It affects a core encryption protocol, Wi-Fi Protected Access 2 (WPA2), relied on by most Wi-Fi users to keep their web use hidden and secret from others. More specifically, the KRACK attack sees a hacker trick a victim into reinstalling an already-in-use key. Every key should be unique and not re-usable, but a flaw in WPA2 means a hacker can tweak and replay the "handshakes" carried out between Wi-Fi routers and devices connecting to them; during those handshakes, encryption keys made up of algorithmically-generated, one-time-use random numbers are created. It turns out that in WPA2, it's possible for an attacker to manipulate the handshakes so that the keys can be reused and messages silently intercepted.

The researchers, who said the attack was particularly severe for Android and Linux users, showed how devastating an attack could be in the demonstration video below:

https://youtu.be/Oh4WURZoR98

... more ....

For those users whose routers, PCs and smartphones don't yet have updates, there are some measures they can take to protect their online privacy. A Virtual Private Network (VPN) software could protect them, as it will encrypt all traffic. Only using HTTPS encrypted websites should also benefit the user, though there are exploits that can remove those protections. Changing the Wi-Fi password won't prevent attacks, but it's advisable once the router has been updated.

Vanhoef is promising more too. Though he admitted some of the KRACK attacks would be difficult to carry out, he's to release more information on how to make them significantly easier to execute, especially for Apple's macOS and the OpenBSD operating system.

_________________
Router: Asus RT-N18U (rev. A1)

May the Force and farces be with you! Live long and proper!

Facebook: https://www.facebook.com/changmanwai
Website: https://sites.google.com/site/changmw
SETI@Home profile: http://setiathome.berkeley.edu/view_profile.php?userid=211832
Sponsor
Satras
DD-WRT User


Joined: 11 Jun 2007
Posts: 52

PostPosted: Tue Oct 17, 2017 17:55    Post subject: Reply with quote
So, where are we going with this ?

Will there be an update for all Models ?
nsafootpt
DD-WRT Novice


Joined: 17 Oct 2017
Posts: 1

PostPosted: Tue Oct 17, 2017 20:22    Post subject: Reply with quote
here they fixed the vulns:
https://forum.lede-project.org/t/critical-wifi-vulnerability-found-krack/7450/4
JNehru
DD-WRT Novice


Joined: 31 Aug 2018
Posts: 8

PostPosted: Mon Sep 03, 2018 12:49    Post subject: Reply with quote
I used Ivacy vpn and Kaspersky. I remained untouched and unaffected in the attack.
bepseventeen
DD-WRT Novice


Joined: 09 Dec 2018
Posts: 1

PostPosted: Tue Dec 11, 2018 19:48    Post subject: Reply with quote
Some belated follow-up because this thread doesn't say anything about DD-WRT's fixes. Keep in mind these fixes happened over a year ago.

DD-WRT ticket #6005 comment 11 wrote:
​KRACK fixes for Broadcom were completed in ​33678, including k26 (33655) & k24 (33656), but build 33679 is missing many files. Thus, use 33772 (or newer).


As for other chipsets besides Broadcom, the build above already includes fixes for "most devices" (i.e. non-proprietary drivers), Mediatek, QCA/Atheros, and Marvell based chipsets (source 1, source 2). I don't know when any chipsets besides those ones were fixed.

Remember, your clients also need to be patched against the KRACK vulnerability (clients = your PCs and smartphones and stuff).
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Generic Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum