WPA2 may have been cracked; details on the actual security flaw to be released soon.
[URL="https://www.gizmodo.com.au/2017/10/wi-fis-most-popular-security-method-might-be-broken/"]https://www.gizmodo.com.au/2017/10/wi-fis-most-popular-security-method-might-be-broken/[/URL]
[URL="https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/"]https://www.theregister.co.uk/2017/10/16/wpa2_inscure_krackattack/[/URL]
As far as I am aware, in the days to come there will be a full explanation of how this was done and a more in-depth explanation of the flaw.
Edit:
[URL="https://www.krackattacks.com/"]https://www.krackattacks.com/[/URL] A link on how it was done with a demonstration, it seems it's a flaw in the 4-Way Handshake system.
Patches/Fixes:
[URL="https://community.ubnt.com/t5/UniFi-Updates-Blog/FIRMWARE-3-9-3-7537-for-UAP-USW-has-been-released/ba-p/2099365"]https://community.ubnt.com/t5/UniFi-Updates-Blog/FIRMWARE-3-9-3-7537-for-UAP-USW-has-been-released/ba-p/2099365[/URL] This is a patch for UniFi systems.
This is huge if true, so many routers and devices have WPA2 as the only option. I don't even know if there's anything that's attempted to replace it.
I believe you would have to be on the same router or AP to do this, which means anywhere that has public free Wi-Fi is vulnerable.
Any private WiFi router is public too.
This is bad, real bad
what are the universal implications of this anyways
having access to all wifi routers, that's pretty crazy
having limitless access to all routers, you pretty much will never get caught doing bad shit
[QUOTE=J!NX;52784245]what are the universal implications of this anyways
having access to all wifi routers, that's pretty crazy
having limitless access to all routers, you pretty much will never get caught doing bad shit[/QUOTE]
"The roof, the roof, the roof is on the fire"
[quote=Gizmodo]Part of the potential flaw in WPA could be that, the researchers have previously suggested in a 2016 paper, the random number generation used to create 'group keys' -- the pre-shared encryption key shared on [B]non-enterprise[/B] WPA/WPA2 wireless networks -- isn't random enough, and can be predicted.[/quote]
Good thing my cell phone carrier's Wi-Fi hotspots have WPA2-EAP (enterprise WPA2), I use that shit a lot with my laptop when outside. The access point I use at home supports it too.
[quote=Gizmodo]Most home and business wireless routers currently using WPA2 should be relatively easy to upgrade to address the potential security issue, [B]but the millions of Internet of Things wireless devices already in the world will be hardest hit -- devices that are un-upgradeable, but will still need to connect to insecure networks or using soon-to-be-deprecated methods.[/B] This could get messy.[/quote]
IoT strikes again.
[editline]16th October 2017[/editline]
Oh fuck, looked into the issue further, apparently enterprise WPA2 is affected too. :worried:
We will just have to hope this shit gets fixed, and fast.
As someone majoring in information assurance, this is amazing to me
[media]https://twitter.com/FioraAeterna/status/919789188416815109[/media]
Oh boy, this is gonna be fun. I hope it can be patched, which doesn't help anybody but maybe some manufacturers are quick with it.
I use custom firmware on mine, the maker is usually quick with security patches.
[QUOTE=AtomicSans;52784207]This is huge if true, so many routers and devices have WPA2 as the only option. I don't even know if there's anything that's attempted to replace it.[/QUOTE]
We have no replacement
RIP wifi?
Guess I'll have to go back to whitelisting mac addresses.
i'll give $10 to the first person to use this to crack into a government facility's wifi
On a scale of "It's a major security breach for a lot of major organisations and such but for me to be personally hit by it would require some hackerman to show up to my house and connect to my wifi" to "Russian script kiddies own all my nudes now", how bad is it?
Better buy me some WPA3 I guess.
[QUOTE=Riller;52784291]On a scale of "It's a major security breach for a lot of major organisations and such but for me to be personally hit by it would require some hackerman to show up to my house and connect to my wifi" to "Russian script kiddies own all my nudes now", how bad is it?[/QUOTE]
I would probably say somewhere towards the first because human error/laziness/underpayment means you know there's gonna be some big important place that will get hacked via WPA2 because it's so prevalent, but on an average joe/jane level it's probably not too bad unless you live next to a script kiddie.
You should probably stop using it anyway.
[QUOTE=Kigen;52784314]A lot of these type of hyped up vulnerabilities tend to be very difficult to actually execute in the wild. So I'd rather see the details of the exploit itself before determining its actual impact.[/QUOTE]
This is true too, most decent products will have some form of extra security, but at the same time the IoS (Internet of Shit) is a thing and I doubt those wifi enabled light bulbs will be very secure.
A lot of these type of hyped up vulnerabilities tend to be very difficult to actually execute in the wild. So I'd rather see the details of the exploit itself before determining its actual impact.
If you want to know how it's done, [URL="http://papers.mathyvanhoef.com/ccs2017.pdf"]here you go.[/URL] It's pretty bad.
[QUOTE=KillerLUA;52784326]If you want to know how it's done, [URL="http://papers.mathyvanhoef.com/ccs2017.pdf"]here you go.[/URL] It's pretty bad.[/QUOTE]
Seems it does have counter-measures that are seemingly simple to implement. The biggest issue is vendors willing / able to push updates.
[QUOTE=KillerLUA;52784326]If you want to know how it's done, [URL="http://papers.mathyvanhoef.com/ccs2017.pdf"]here you go.[/URL] It's pretty bad.[/QUOTE]
Seems like there are quite a few limitations to this attack. I guess the standard has the vulnerability but some clients didn't implement the vulnerable parts of the standard.
[quote]In practice, some complications arise when executing the attack. First, not all Wi-Fi clients properly implement the state machine. [b]In particular, Windows and iOS do not accept retransmissions of message 3[/b] (see Table 1 column 2). This violates the 802.11 standard. [b]As a result, these implementations are not vulnerable to our key reinstallation attack against the 4-way handshake.[/b] Unfortunately, from a defender's perspective, both iOS and Windows are still vulnerable to our attack against the group key handshake (see Section 4). Additionally, because both OSes support 802.11r, it is still possible to indirectly attack them by performing a key reinstallation attack against the AP during an FT handshake (see Section 5).[/quote]
Group key handshake limitations.
[quote]When the AP immediately installs the group key, our key reinstallation attack is straightforward. However, if the AP installs the group key in a delayed fashion, our attack becomes more intricate.
...
Again, Broadcom routers do not verify the authenticity of this message, meaning an attacker can forge it to trigger a group key update. All combined, we can assume most networks will eventually execute a group key update, which we can subsequently attack.[/quote]
So there are quite a few limitations to this attack, mainly depending on how clients and the AP implemented the standard. The vulnerability should be fixed, and it appears relatively easy to fix (don't accept reinstallation of the key).
The media just loves to play this up as though Wi-Fi is doomed. Example from "The Register".
[quote="The Register"][b]WPA2 security in trouble as KRACK Belgian boffins tease key reinstallation bug[/b]
Strap yourselves in readers, Wi-Fi may be cooked[/quote]
I've come to really dislike the media.
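To make the "don't accept reinstallation of the key" point concrete, here is an added example (not code from the paper, from any vendor patch, or from anyone in this thread). It models the client side of the 4-way handshake in a few lines: a supplicant that, as the standard allowed, installs the PTK on message 3 and resets its transmit packet number (the CCMP nonce) to zero on every install; an attacker who retransmits message 3 so the client reinstalls the same key; and the consequence that the next frame is encrypted under a nonce already used. The "hardened" variant does what the quoted paper says Windows and iOS already did, namely it ignores a retransmitted message 3 once the key is installed. Assumptions: the keystream is a hashlib/HMAC-based stand-in for AES-CCMP counter mode (it is not the real cipher; it only shares the property that the same key and packet number produce the same keystream), the plaintext frames are constructed samples, and the handshake is reduced to the single message that matters here.

```python
"""Toy model of a KRACK key reinstallation against the 4-way handshake.

Added example, not the paper's or any vendor's code. The keystream is a
hashlib stand-in for CCMP counter mode (assumption), and the frames are
constructed sample data.
"""
import hashlib
import hmac

SECRET_FRAME = b"cookie=sess-a1b2c3d4"  # constructed sample plaintext
KNOWN_FRAME = b"known probe request!"   # constructed; same length as above


def keystream(ptk: bytes, packet_number: int, length: int) -> bytes:
    """Keystream for (key, nonce). Stand-in for CCMP counter mode: the only
    property borrowed from the real cipher is that the same key and the
    same packet number yield the same keystream."""
    out = b""
    block = 0
    while len(out) < length:
        ctr = packet_number.to_bytes(6, "big") + block.to_bytes(2, "big")
        out += hmac.new(ptk, ctr, hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Supplicant:
    """Client side of the 4-way handshake, reduced to what KRACK abuses."""

    def __init__(self, ptk: bytes, hardened: bool) -> None:
        self.ptk = ptk
        self.hardened = hardened
        self.installed = False
        self.packet_number = 0  # CCMP transmit nonce for the installed key

    def handle_message3(self) -> bool:
        """Process message 3; return True if the key was (re)installed."""
        if self.hardened and self.installed:
            # Fix: a retransmitted message 3 may still be answered, but the
            # already-installed key and its nonce counter are left alone.
            return False
        self.installed = True
        self.packet_number = 0  # nonce reset on every install: the bug
        return True

    def send(self, plaintext: bytes):
        """Encrypt one frame and advance the nonce; returns (nonce, ciphertext)."""
        pn = self.packet_number
        self.packet_number += 1
        return pn, xor(plaintext, keystream(self.ptk, pn, len(plaintext)))


def recover(c1: bytes, c2: bytes, known_plaintext: bytes) -> bytes:
    """Nonce reuse: c1 ^ c2 == p1 ^ p2, so a known p2 yields p1."""
    return xor(xor(c1, c2), known_plaintext)


def run_krack(hardened: bool) -> dict:
    """Replay message 3 to a client and attack the two frames it sends next."""
    ptk = hashlib.sha256(b"constructed PTK for the demo").digest()
    client = Supplicant(ptk, hardened)
    client.handle_message3()                # genuine message 3
    pn1, c1 = client.send(SECRET_FRAME)     # client traffic worth stealing
    reinstalled = client.handle_message3()  # attacker retransmits message 3
    pn2, c2 = client.send(KNOWN_FRAME)      # predictable frame from the client
    return {
        "reinstalled": reinstalled,
        "nonces": (pn1, pn2),
        "recovered": recover(c1, c2, KNOWN_FRAME),
    }


if __name__ == "__main__":
    for hardened in (False, True):
        r = run_krack(hardened)
        print("hardened" if hardened else "vulnerable", r["nonces"],
              "leaked" if r["recovered"] == SECRET_FRAME else "safe")
```

In the vulnerable run both frames go out under packet number 0, so XORing the two ciphertexts cancels the keystream and the known frame gives away the secret one; in the hardened run the second frame uses packet number 1 and the XOR trick yields garbage. The real attack also needs the attacker to sit in the middle and withhold message 4 so the AP retransmits message 3, and a real supplicant has more state than this, but the core defect and the one-line fix are the same.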
[QUOTE=Kigen;52784411]I've come to really dislike the media.[/QUOTE]
That's part of what the Register does lmao; they're an IT news site. They basically call everyone who does smart shit Boffins.
[Editline]a[/editline]
In case this post is unclear: the Register is probably the best source of IT and security news.
[QUOTE=meharryp;52784440]That's part of what the Register does lmao; they're an IT news site. They basically call everyone who does smart shit Boffins.
[Editline]a[/editline]
In case this post is unclear: the Register is probably the best source of IT and security news.[/QUOTE]
I just bolded that part to differentiate it from the text under it, since I was just keeping their formatting. My point was actually the "Wi-Fi may be cooked" bit they had in the sub-header.
[QUOTE=Teddybeer;52784442]:hypeisreal:
:hypeisnotreal:
Probably the best two emoticons.[/QUOTE]
In second place we also have
[quote]Q: Does this mean WPA2 is broken now?[/quote]
:mystery:
[quote]A: No.[/quote]
:mysterysolved:
[QUOTE=Bradyns;52784275]RIP wifi?
Guess I'll have to go back to whitelisting mac addresses.[/QUOTE]
Won't work
[quote]No. You can't even use MAC white-listing to prevent unauthorized devices from connecting to your access point.[/quote]
[quote]Not really. As far as I can tell, the attack basically requires spoofed MACs anyway because the keys are derived in part from the MACs, so whitelisting won't get you much benefit if any at all.[/quote]
[QUOTE=Kiwi;52784262]Not a whole lot of companies like to update their old devices. Most people are running old devices supplied by their ISP, basically at the mercy of the vendor. You made a good choice if you're running routers that are either updated regularly or are running custom firmware like DD-WRT and Tomato.
So this is really bad, and you pray this gets patched out.[/QUOTE]
My ISP is still giving out modems with the WPS vulnerability without any firmware patch. Well, it's time to MAC block everything.
MAC addresses are easily spoofed. You should not rely on a MAC address filter for anything security related.
if your wifi has sensitive information available to anyone using it you kinda have a security hole anyway.
annoying that private wifi is no longer private, but unless I'm mistaken it shouldn't expose sensitive data to attackers if your overall setup is managed ok
Now, some WiFis can connect to other WiFis. Does this mean you could crack WPA2 from another router?
Can this mean you could spread malware from router to router? :magic101:
WPA2 was already weak security. That's why you have VPNs, network security policies, etc. Nobody depends on WPA2 to keep them safe. It's easy to catch the wifi password and get in. Just force someone to resync and record their handshake and crack their wifi password. But if you have policies and VPNs then connecting to the wifi won't do you much good still. "Cracking" WPA2 just means it'll take less time to get in, but there's still all the modern hurdles of actually getting any access that a hacker would have to get through to connect. This is all from an enterprise standpoint though.
Ubiquiti just released a patch just this morning fixing this.
[url]https://community.ubnt.com/t5/UniFi-Updates-Blog/FIRMWARE-3-9-3-7537-for-UAP-USW-has-been-released/ba-p/2099365[/url]
Worth noting if you have Unifi devices.