Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Friday February 28 2020, @04:48AM   Printer-friendly
from the "encrypted" dept.

https://arstechnica.com/information-technology/2020/02/flaw-in-billions-of-wi-fi-devices-left-communications-open-to-eavesdroppng/

Billions of devices—many of them already patched—are affected by a Wi-Fi vulnerability that allows nearby attackers to decrypt sensitive data sent over the air, researchers said on Wednesday at the RSA security conference.

[...]Eset researchers wrote in a research paper published on Wednesday. "The attack surface is greatly increased, since an adversary can decrypt data that was transmitted by a vulnerable access point to a specific client (which may or may not be vulnerable itself)."

[...]Kr00k exploits a weakness that occurs when wireless devices disassociate from a wireless access point. If either the end-user device or the access point is vulnerable, it will put any unsent data frames into a transmit buffer and then send them over the air. Rather than encrypt this data with the session key negotiated earlier and used during the normal connection, vulnerable devices use a key consisting of all zeros, a move that makes decryption trivial.

[...]Eset researchers determined that a variety of devices are vulnerable, including:

  • Amazon Echo 2nd gen
  • Amazon Kindle 8th gen
  • Apple iPad mini 2
  • Apple iPhone 6, 6S, 8, XR
  • Apple MacBook Air Retina 13-inch 2018
  • Google Nexus 5
  • Google Nexus 6
  • Google Nexus 6S
  • Raspberry Pi 3
  • Samsung Galaxy S4 GT-I9505
  • Samsung Galaxy S8
  • Xiaomi Redmi 3S

The researchers also found that the following wireless routers are vulnerable:

  • Asus RT-N12
  • Huawei B612S-25d
  • Huawei EchoLife HG8245H
  • Huawei E5577Cs-321

An Apple spokesman said the vulnerabilities were patched last October with details for macOS here and for iOS and iPadOS here.

[...]While the vulnerability is interesting and users should make sure their devices are patched quickly—if they aren't already—there are a few things that minimize the real-world threat posed.

[...]Despite the limited threat posed, readers should ensure their devices have received updates issued by the manufacturers. This advice is most important for users of vulnerable Wi-Fi routers, since routers are often hard to patch and because vulnerable routers leave communications open to interception even when client devices are unaffected or are already patched.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: -1, Troll) by Anonymous Coward on Friday February 28 2020, @08:09AM (5 children)

    by Anonymous Coward on Friday February 28 2020, @08:09AM (#964024)

    Really? ... I wonder what,... exactly. I like my gear, but even I owned easy to. . . The question is whether the manufacturer bothers to issue . . .

    Stick to telling us about your truck or motorbike, Runaway. Obvious you know nothing about networking, and even less about network security. Comcast subscriber, eh?

    Starting Score:    0  points
    Moderation   -1  
       Troll=1, Total=1
    Extra 'Troll' Modifier   0  

    Total Score:   -1  
  • (Score: 2) by Runaway1956 on Friday February 28 2020, @10:12AM (4 children)

    by Runaway1956 (2926) Subscriber Badge on Friday February 28 2020, @10:12AM (#964056) Journal

    So - you've never flashed a router, or installed Tomato on it, and you have no idea what I'm talking about here. Got it.

    • (Score: 2) by NotSanguine on Friday February 28 2020, @11:28AM (3 children)

      by NotSanguine (285) <NotSanguineNO@SPAMSoylentNews.Org> on Friday February 28 2020, @11:28AM (#964065) Homepage Journal

      So - you've never flashed a router, or installed Tomato on it, and you have no idea what I'm talking about here. Got it.

      Why buy consumer crap that's obsolete almost before you buy it? Why not buy something like this [amazon.com] instead, which is more configurable, has numerous software choices (as a router, a firewall, VPN gateway, NAS server, and/or some combination -- which is a poor idea, but you get my point, etc., etc., etc.) and will be continuously updated as long as whichever OS (xBSD, Linux) you choose to install is supported?

      I know that tomato is pretty cool and, for what it is, runs well. But its functionality is limited, and the hardware on which it runs is generally garbage. Just sayin'.

      --
      No, no, you're not thinking; you're just being logical. --Niels Bohr
      • (Score: 2) by Runaway1956 on Friday February 28 2020, @02:57PM (2 children)

        by Runaway1956 (2926) Subscriber Badge on Friday February 28 2020, @02:57PM (#964125) Journal

        I would have to look at it, to understand it's capabilities. But, is it really a lot more configurable than a Netgear box with Advanced Tomato installed? Granted, my box is mid- to middle-high consumer grade, but Tomato!! And, I already know that it won't increase the bandwidth available to me - I'm stuck at 2 meg, no matter how much bandwidth I might try to hook up to it. Mehhhh - the networking I already have far outpaces the available bandwidth going out of the house, by about three orders of magnitude.

        • (Score: 4, Interesting) by NotSanguine on Friday February 28 2020, @04:12PM (1 child)

          by NotSanguine (285) <NotSanguineNO@SPAMSoylentNews.Org> on Friday February 28 2020, @04:12PM (#964150) Homepage Journal

          I would have to look at it, to understand it's capabilities.

          The link was just to a fanless PC with 4Gb ports.

          There are numerous options for router/firewall. Pretty much anything you can do with Linux/BSD.

          I was going to post a few links here, but the options are far too numerous (searches for 'linux router', 'linux firewall', 'BSD router', 'BSD firewall' will give you many choices).

          What's more, you can use (locked down, presumably) whatever distro you're currently using, or go with BSD if you like. Or use one of the many, many open source router/firewall distros/packages.

          The point is that features and functionality are almost limitless. And if you decide you want a different piece of hardware for your router/firewall, you can still use something like I linked for other purposes, rather than having a Netgear brick.

          Besides, Tomato uses the standard linux tools (iproute2/IPTables) anyway, but has limited hardware (ARM/MIPS and Broadcom) support.

          --
          No, no, you're not thinking; you're just being logical. --Niels Bohr