• Last Updated:
  • Nov 11th, 2017 8:05 pm
Tags:
None
Deal Fanatic
User avatar
Jan 27, 2004
8289 posts
763 upvotes
is there any article or does anyone know how to use the KRACK to check wanna test
2007 - Ipod Video (TD), Ipod Shuffle (GM)
2006 - Ipod Nano (TD)
2005 - Ipod Shuffle (TD)
Deal Guru
User avatar
Mar 25, 2003
11094 posts
1420 upvotes
Markham
I guess people with older Routers won't get a fix for this either
80TB Mediasonic H82-SU3S2 / 60TB Raid 50 on Mediasonic H8R2-SU3S2
40TB Node 304 / i5-3570 / Server 2016 Essentials
11TB HP Mediasmart EX 495 (E8400, 3.0GHZ, 4GB Mushkin), with Server 2012 Essentials
16TB Qnap TS-459 Pro / 6TB HP Mediasmart EX 485
Deal Fanatic
User avatar
Oct 25, 2003
9019 posts
195 upvotes
Dave98 wrote:
Oct 17th, 2017 10:03 am
Don't assume only patching your access point or router will protect you. Patching APs is for fixing client modes. This is a client side attack. Each vulnerable device needs to be patched.
So do we also assume Windows patch isn't enough and should install the Intel drivers too?

https://security-center.intel.com/advis ... geid=en-fr
it's me ramin.
Deal Addict
User avatar
Mar 31, 2017
1446 posts
432 upvotes
Keigotw wrote:
Oct 17th, 2017 11:17 am
I guess people with older Routers won't get a fix for this either
WPS wasn't a mandatory fix for older routers even though it was severe.
Deal Addict
User avatar
Oct 9, 2010
1655 posts
327 upvotes
Windsor
PuddinTame wrote:
Oct 16th, 2017 2:45 pm
Does the windows patch even matter? The impression I get is that this is mostly a router issue.
The problem is probably a combination of both sides dealing with something in an insecure way. If you patch the OS, it will then be ready to communicate securely with a patched AP. I expect anything connecting that isn't patched will create the issue, which sucks for public-ish APs if true; I can never secure my corp. wifi unless I can somehow deny access to unsecured clients.
One who is offended by truth, has no place among those who seek wisdom.
Deal Addict
Feb 29, 2012
2662 posts
1389 upvotes
Richmond
And overlooked amid the fuss over the KRAKEN WPA2 vulnerability, another security screwup: https://www.theregister.co.uk/2017/10/1 ... eon_chips/

Infineon TPMs (Trusted Platform Modules), used to generate secure hardware encryption keys for things like portable disk drives, smartcards, PCs and Chromebooks etc., turn out to have a flaw that makes them generate weak crackable keys. The vulnerable TPM chips make up about 1/3 of all the TPMs used worldwide. It still costs enough computing time to crack a weak key that it would be impractical to launch a broad-scale attack, but very feasible to crack an individual encrypted device.
Member
Apr 12, 2008
475 posts
10 upvotes
orbitdesign wrote:
Oct 17th, 2017 9:02 am
Has/will Fido push out an update for this? I'm hoping so but I couldn't find any info on their website.
Same boat for me. Will Fido guide to us to patch the firmware, or is the onus on us to download and install it ourselves?
Sr. Member
Aug 29, 2007
621 posts
158 upvotes
fancypantsfloyd wrote:
Oct 18th, 2017 7:44 am
Same boat for me. Will Fido guide to us to patch the firmware, or is the onus on us to download and install it ourselves?
I'd assume they'd post about it on their support website, but I don't really see them pushing a firmware out... Not sure where to get one, otherwise.
Deal Addict
Feb 29, 2012
2662 posts
1389 upvotes
Richmond
Netgear posted the following page announcing which of their products need a patch: https://kb.netgear.com/000049498/Securi ... -2017-2837

Only a few of those products have been patched so far. Unfortunately they fail to list many other recent products, leaving it vague as to whether those products don't need patching (unlikely), or Netgear is abandoning security for those products (likely).

They are taking the same line that many router manufacturers have taken, that this is primarily a client-side problem. Unfortunately that ignores that fact that the vast majority of clients running Android and embedded Linux cannot be patched on the client side.
Newbie
Jul 16, 2008
88 posts
5 upvotes
ON
Anyone hear anything about Asus router? I have the AC-68u. Checked their latest firmware is dated a few months back.

Will Merlin going to release patch sooner than Asus?
Deal Fanatic
User avatar
Nov 21, 2002
7033 posts
943 upvotes
Winnipeg
what about the bud redlight!!! uh oh
Deal Fanatic
Mar 6, 2005
5321 posts
574 upvotes
Dave98 wrote:
Oct 17th, 2017 7:17 pm
I would think the Windows update would be enough but I guess updating the driver shouldn't hurt.
Yes, it's just if you don't have windows updated then the driver will help. Both would be good measure but as long as one of them is patched you should be ok.
ChubChub wrote:
Oct 17th, 2017 8:37 pm
The problem is probably a combination of both sides dealing with something in an insecure way. If you patch the OS, it will then be ready to communicate securely with a patched AP. I expect anything connecting that isn't patched will create the issue, which sucks for public-ish APs if true; I can never secure my corp. wifi unless I can somehow deny access to unsecured clients.
As long as one side is patched you should be ok, it's a fault in the WiFi protocol. As long as one side is patched it will no longer allow that command/bypass to happen since there won't be a handshake on both ends. Client patch is important because you can't reliably assume all APs will be patched.

Top