Computers & Electronics

LG G Pad III Owners Thread

  • Last Updated:
  • Nov 18th, 2017 4:08 pm
Deal Guru
Jan 7, 2002
10584 posts
3375 upvotes
Waterloo, ON
txenglan wrote:
Oct 20th, 2017 6:18 pm
with the advent of Krack, I think I'll be retiring this tablet
By that logic everyone should "retire" every device and do without WiFi until a new WPA3 standard is accepted and new devices that support it come. And if you really want to be secure from hackers stay off the Internet altogether, whether wired or wireless.
veni, vidi, Visa
Deal Addict
User avatar
Nov 22, 2003
2414 posts
374 upvotes
bylo wrote:
Oct 20th, 2017 9:30 pm
By that logic everyone should "retire" every device and do without WiFi until a new WPA3 standard is accepted and new devices that support it come. And if you really want to be secure from hackers stay off the Internet altogether, whether wired or wireless.
You obviously don't understand the gravity of the situation. If you are using a device that is not going to be patched, yes you should consider doing so.
Deal Guru
Jan 7, 2002
10584 posts
3375 upvotes
Waterloo, ON
txenglan wrote:
Oct 20th, 2017 9:41 pm
If you are using a device that is not going to be patched, yes you should consider doing so.
That covers the vast majority of devices in use, i.e. most devices more than a year or two old.
veni, vidi, Visa
Deal Addict
User avatar
Nov 22, 2003
2414 posts
374 upvotes
bylo wrote:
Oct 20th, 2017 10:35 pm
That covers the vast majority of devices in use, i.e. most devices more than a year or two old.
Correct.
Deal Addict
User avatar
Jan 6, 2002
4931 posts
4870 upvotes
Toronto
txenglan wrote:
Oct 20th, 2017 9:41 pm
You obviously don't understand the gravity of the situation. If you are using a device that is not going to be patched, yes you should consider doing so.
I do understand the gravity of the situation. And I don't care.
I've got a pretty good friend who's seen me at my worst.
He don't care if I'm a blessing or a curse,
But he always shows up when the chips are down.
That's the kind of friend I like to be around.
Sr. Member
May 5, 2008
912 posts
208 upvotes
hoob wrote:
Oct 21st, 2017 12:05 am
I do understand the gravity of the situation. And I don't care.
So, realistically, what is the most serious threat that can come out of this vulnerability?
Someone can spoof ssid wifi ure connecting to, and steal your UNencripted login/password(s)?
Anythkng encrypted,like https (and hence all banking apps and even junk like facebook/instagram)
seems to be almost safe for now?

I'd say the alert level is pretty low for now (not an expert, and done only a few mins of reading, tho)?

Public wifies like in the cafes etc seem most concerning?
Deal Guru
Jan 7, 2002
10584 posts
3375 upvotes
Waterloo, ON
Tichi wrote:
Oct 21st, 2017 12:49 pm
Anythkng encrypted,like https (and hence all banking apps and even junk like facebook/instagram) seems to be almost safe for now?
Not necessarily. I'm no expert either but comments like these disconcert me: Key Reinstallation Attacks
If an attacker can do a man-in-the-middle attack, why can't they just decrypt all the data?
As mentioned in the demonstration, the attacker first obtains a man-in-the-middle (MitM) position between the victim and the real Wi-Fi network (called a channel-based MitM position). However, this MitM position does not enable the attacker to decrypt packets! This position only allows the attacker to reliably delay, block, or replay encrypted packets. So at this point in the attack, they cannot yet decrypt packets. Instead, the ability to reliably delay and block packets is used to execute a key reinstallation attack. After performing a key reinstallation attack, packets can be decrypted.
That said, until we start seeing successful attacks in the wild, rather than just in the lab, it would seem to me that we're safe. And even if/when attacks become widespread, I'd expect hackers to first target business and public WiFi areas before they start looking at residential areas. (If someone came up with a way to defeat standard door locks I'd expect potential thieves to target high-payoff doors before they go after random homes...) So in some ways the wider the exposure the lower likelihood that a particular individual will become a victim.
veni, vidi, Visa
Deal Addict
Mar 7, 2011
2653 posts
773 upvotes
Vancouver
bylo wrote:
Oct 21st, 2017 1:51 pm
That said, until we start seeing successful attacks in the wild, rather than just in the lab, it would seem to me that we're safe. And even if/when attacks become widespread, I'd expect hackers to first target business and public WiFi areas before they start looking at residential areas.
+1
And in order to do that they have to physically be present in that area. So yeah, expect lots of hackers with their laptops camping at/near your local Starbucks to steal your OkCupid (not possible, btw, since it uses https) password ...
/sarcasm :)
Deal Addict
Sep 23, 2013
4185 posts
473 upvotes
NORTH YORK
charlesd79 wrote:
Oct 21st, 2017 6:47 pm
+1
And in order to do that they have to physically be present in that area. So yeah, expect lots of hackers with their laptops camping at/near your local Starbucks to steal your OkCupid (not possible, btw, since it uses https) password ...
/sarcasm :)
I use my Fido tablet SIM
Daniel

Fido $15 3Gb plan
free TextmeUp SMS/MMS/incoming call
Deal Addict
Mar 7, 2011
2653 posts
773 upvotes
Vancouver
danieltoronto wrote:
Oct 21st, 2017 10:12 pm
I use my Fido tablet SIM
Yeah, I almost forgot one can ditch Wi-Fi completely and use it with a data plan.
Deal Addict
Mar 7, 2011
2653 posts
773 upvotes
Vancouver
Keep in mind two big caveats:
-The attacker must be local and proactive. Carrying out this attack requires having an active antenna in range of the targeted wireless network and requires broadcasting many packets and intercepting or delaying others. This is all doable, but does not easily scale.
-Important traffic should already be protected with HTTPS. As discussed above, there are already many potential attackers that WPA provides no security against. At worst, KRACK adds an additional one to the list, but with no more power than you ISP or any router on the Internet backbone already has (and those are much more scalable places to conduct surveillance or other mischief). We already have protocols to defend against these attackers, and thanks to the success of projects like EFF’s Encrypt The Web initiative more than half of all Internet traffic is already protected by HTTPS.
https://www.eff.org/deeplinks/2017/10/k ... -need-know

But hey, whoever wants to get rid of this tablet or any other similar devices for $10, feel free to PM me :)
Deal Addict
Sep 23, 2013
4185 posts
473 upvotes
NORTH YORK
charlesd79 wrote:
Oct 22nd, 2017 12:08 am
Yeah, I almost forgot one can ditch Wi-Fi completely and use it with a data plan.
A lot of pad iii owners got free tablet from Fido. If we use the SIM and got virus, I sue Rogers.
I was so dumb that I paid upfront as I hate contract ($15 a month for 3 Gb ). Now I kick myself
Daniel

Fido $15 3Gb plan
free TextmeUp SMS/MMS/incoming call
Deal Guru
Jan 7, 2002
10584 posts
3375 upvotes
Waterloo, ON
danieltoronto wrote:
Oct 22nd, 2017 7:39 am
A lot of pad iii owners got free tablet from Fido. If we use the SIM and got virus, I sue Rogers.
Good luck with that. Robbers/Fido aren't responsible for how your phone gets used, hacked, infected, etc.

And it makes zero difference if you got the phone for free or paid $240 for it.
veni, vidi, Visa
Deal Addict
Sep 23, 2013
4185 posts
473 upvotes
NORTH YORK
bylo wrote:
Oct 22nd, 2017 8:48 am
Good luck with that. Robbers/Fido aren't responsible for how your phone gets used, hacked, infected, etc.

And it makes zero difference if you got the phone for free or paid $240 for it.
I said if I got virus through the use of the tablet SIM and Rogers servers, I would be suing Rogers.
That is not the case of using public wifi
Daniel

Fido $15 3Gb plan
free TextmeUp SMS/MMS/incoming call
Deal Guru
Jan 7, 2002
10584 posts
3375 upvotes
Waterloo, ON
danieltoronto wrote:
Oct 22nd, 2017 8:54 am
I said if I got virus through the use of the tablet SIM and Rogers servers, I would be suing Rogers.
That's not what you actually said even though it may be what you actually meant.

In any case it doesn't matter. Millions of devices get infected every year as a result of traffic that passes on their ISPs' servers. If it was possible to prove these infections happen due to negligence on the part of those ISPs then there would be countless success lawsuits and class actions. But there aren't. That says a lot about the chances of success on this front.

BTW you seem to be talking about responsibility for propagating viruses. The KRACK exploit isn't so much about viruses as it is about bypassing WPA2 WiFi security and encryption.
veni, vidi, Visa

Top