Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Friday February 28 2020, @04:48AM   Printer-friendly
from the "encrypted" dept.

https://arstechnica.com/information-technology/2020/02/flaw-in-billions-of-wi-fi-devices-left-communications-open-to-eavesdroppng/

Billions of devices—many of them already patched—are affected by a Wi-Fi vulnerability that allows nearby attackers to decrypt sensitive data sent over the air, researchers said on Wednesday at the RSA security conference.

[...]Eset researchers wrote in a research paper published on Wednesday. "The attack surface is greatly increased, since an adversary can decrypt data that was transmitted by a vulnerable access point to a specific client (which may or may not be vulnerable itself)."

[...]Kr00k exploits a weakness that occurs when wireless devices disassociate from a wireless access point. If either the end-user device or the access point is vulnerable, it will put any unsent data frames into a transmit buffer and then send them over the air. Rather than encrypt this data with the session key negotiated earlier and used during the normal connection, vulnerable devices use a key consisting of all zeros, a move that makes decryption trivial.

[...]Eset researchers determined that a variety of devices are vulnerable, including:

  • Amazon Echo 2nd gen
  • Amazon Kindle 8th gen
  • Apple iPad mini 2
  • Apple iPhone 6, 6S, 8, XR
  • Apple MacBook Air Retina 13-inch 2018
  • Google Nexus 5
  • Google Nexus 6
  • Google Nexus 6S
  • Raspberry Pi 3
  • Samsung Galaxy S4 GT-I9505
  • Samsung Galaxy S8
  • Xiaomi Redmi 3S

The researchers also found that the following wireless routers are vulnerable:

  • Asus RT-N12
  • Huawei B612S-25d
  • Huawei EchoLife HG8245H
  • Huawei E5577Cs-321

An Apple spokesman said the vulnerabilities were patched last October with details for macOS here and for iOS and iPadOS here.

[...]While the vulnerability is interesting and users should make sure their devices are patched quickly—if they aren't already—there are a few things that minimize the real-world threat posed.

[...]Despite the limited threat posed, readers should ensure their devices have received updates issued by the manufacturers. This advice is most important for users of vulnerable Wi-Fi routers, since routers are often hard to patch and because vulnerable routers leave communications open to interception even when client devices are unaffected or are already patched.


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 2, Touché) by aristarchus on Friday February 28 2020, @05:18AM (2 children)

    by aristarchus (2645) on Friday February 28 2020, @05:18AM (#963970) Journal

    A flaw in Billions of devices is not a flaw, it is a feature. I mean this quite literally. The only question is, who is it a feature for? Not the consumer, obviously.

    • (Score: -1, Flamebait) by Ethanol-fueled on Friday February 28 2020, @05:37AM (1 child)

      by Ethanol-fueled (2792) on Friday February 28 2020, @05:37AM (#963978) Homepage

      Bring it on, Jewish niggers .

      • (Score: 0) by Anonymous Coward on Friday February 28 2020, @05:58AM

        by Anonymous Coward on Friday February 28 2020, @05:58AM (#963987)

        Here is Ethanol_funded, bringing it, upon hisself? Oh, dude! Just admit it! It is obvious to all and sundry that you are a Black Mexican Jew. So much projection.

  • (Score: 5, Informative) by NotSanguine on Friday February 28 2020, @05:35AM

    by NotSanguine (285) <NotSanguineNO@SPAMSoylentNews.Org> on Friday February 28 2020, @05:35AM (#963976) Homepage Journal

    The subhead on TFA reads:

    Cypress and Broadcom chip bug bit iPhones, Macs, Android devices, Echoes, and more.

    Hmmm...Let's see if the rest of TFA can narrow things down a bit:

    the flaw primarily affects Cyperess’ and Broadcom’s FullMAC WLAN chips

    Relevantly:

    Eset has named the vulnerability Kr00k, and it is tracked as CVE-2019-15126.

    A check of the above mentioned CVE [nist.gov] details affected firmware/software configurations and is rated a low (3.1) severity vulnerability.

    When posting articles on vulnerabilities, it's probably a good idea to put the CVE ID in TFS.

    --
    No, no, you're not thinking; you're just being logical. --Niels Bohr
  • (Score: 2) by Runaway1956 on Friday February 28 2020, @06:37AM (6 children)

    by Runaway1956 (2926) Subscriber Badge on Friday February 28 2020, @06:37AM (#963999) Journal

    Really? Routers are often hard to patch? I wonder what routers they are referring to, exactly. I like my Netgear gear, but even the cheapest routers I've owned were pretty easy to update. The question is whether the manufacturer bothers to issue patches, updates, and upgrades.

    • (Score: -1, Troll) by Anonymous Coward on Friday February 28 2020, @08:09AM (5 children)

      by Anonymous Coward on Friday February 28 2020, @08:09AM (#964024)

      Really? ... I wonder what,... exactly. I like my gear, but even I owned easy to. . . The question is whether the manufacturer bothers to issue . . .

      Stick to telling us about your truck or motorbike, Runaway. Obvious you know nothing about networking, and even less about network security. Comcast subscriber, eh?

      • (Score: 2) by Runaway1956 on Friday February 28 2020, @10:12AM (4 children)

        by Runaway1956 (2926) Subscriber Badge on Friday February 28 2020, @10:12AM (#964056) Journal

        So - you've never flashed a router, or installed Tomato on it, and you have no idea what I'm talking about here. Got it.

        • (Score: 2) by NotSanguine on Friday February 28 2020, @11:28AM (3 children)

          by NotSanguine (285) <NotSanguineNO@SPAMSoylentNews.Org> on Friday February 28 2020, @11:28AM (#964065) Homepage Journal

          So - you've never flashed a router, or installed Tomato on it, and you have no idea what I'm talking about here. Got it.

          Why buy consumer crap that's obsolete almost before you buy it? Why not buy something like this [amazon.com] instead, which is more configurable, has numerous software choices (as a router, a firewall, VPN gateway, NAS server, and/or some combination -- which is a poor idea, but you get my point, etc., etc., etc.) and will be continuously updated as long as whichever OS (xBSD, Linux) you choose to install is supported?

          I know that tomato is pretty cool and, for what it is, runs well. But its functionality is limited, and the hardware on which it runs is generally garbage. Just sayin'.

          --
          No, no, you're not thinking; you're just being logical. --Niels Bohr
          • (Score: 2) by Runaway1956 on Friday February 28 2020, @02:57PM (2 children)

            by Runaway1956 (2926) Subscriber Badge on Friday February 28 2020, @02:57PM (#964125) Journal

            I would have to look at it, to understand it's capabilities. But, is it really a lot more configurable than a Netgear box with Advanced Tomato installed? Granted, my box is mid- to middle-high consumer grade, but Tomato!! And, I already know that it won't increase the bandwidth available to me - I'm stuck at 2 meg, no matter how much bandwidth I might try to hook up to it. Mehhhh - the networking I already have far outpaces the available bandwidth going out of the house, by about three orders of magnitude.

            • (Score: 4, Interesting) by NotSanguine on Friday February 28 2020, @04:12PM (1 child)

              by NotSanguine (285) <NotSanguineNO@SPAMSoylentNews.Org> on Friday February 28 2020, @04:12PM (#964150) Homepage Journal

              I would have to look at it, to understand it's capabilities.

              The link was just to a fanless PC with 4Gb ports.

              There are numerous options for router/firewall. Pretty much anything you can do with Linux/BSD.

              I was going to post a few links here, but the options are far too numerous (searches for 'linux router', 'linux firewall', 'BSD router', 'BSD firewall' will give you many choices).

              What's more, you can use (locked down, presumably) whatever distro you're currently using, or go with BSD if you like. Or use one of the many, many open source router/firewall distros/packages.

              The point is that features and functionality are almost limitless. And if you decide you want a different piece of hardware for your router/firewall, you can still use something like I linked for other purposes, rather than having a Netgear brick.

              Besides, Tomato uses the standard linux tools (iproute2/IPTables) anyway, but has limited hardware (ARM/MIPS and Broadcom) support.

              --
              No, no, you're not thinking; you're just being logical. --Niels Bohr
(1)