SoylentNews is people
SoylentNews
from the encrypted-for-some-values-of-encryption dept.
Billions of devices—many of them already patched—are affected by a Wi-Fi vulnerability that allows nearby attackers to decrypt sensitive data sent over the air, researchers said on Wednesday at the RSA security conference.
[...]Eset researchers wrote in a research paper published on Wednesday. "The attack surface is greatly increased, since an adversary can decrypt data that was transmitted by a vulnerable access point to a specific client (which may or may not be vulnerable itself)."
[...]Kr00k exploits a weakness that occurs when wireless devices disassociate from a wireless access point. If either the end-user device or the access point is vulnerable, it will put any unsent data frames into a transmit buffer and then send them over the air. Rather than encrypt this data with the session key negotiated earlier and used during the normal connection, vulnerable devices use a key consisting of all zeros, a move that makes decryption trivial.
[...]Eset researchers determined that a variety of devices are vulnerable, including:
- Amazon Echo 2nd gen
- Amazon Kindle 8th gen
- Apple iPad mini 2
- Apple iPhone 6, 6S, 8, XR
- Apple MacBook Air Retina 13-inch 2018
- Google Nexus 5
- Google Nexus 6
- Google Nexus 6S
- Raspberry Pi 3
- Samsung Galaxy S4 GT-I9505
- Samsung Galaxy S8
- Xiaomi Redmi 3S
The researchers also found that the following wireless routers are vulnerable:
- Asus RT-N12
- Huawei B612S-25d
- Huawei EchoLife HG8245H
- Huawei E5577Cs-321
An Apple spokesman said the vulnerabilities were patched last October with details for macOS here and for iOS and iPadOS here.
[...]While the vulnerability is interesting and users should make sure their devices are patched quickly—if they aren't already—there are a few things that minimize the real-world threat posed.
[...]Despite the limited threat posed, readers should ensure their devices have received updates issued by the manufacturers. This advice is most important for users of vulnerable Wi-Fi routers, since routers are often hard to patch and because vulnerable routers leave communications open to interception even when client devices are unaffected or are already patched.
(Score: 2) by barbara hudson on Friday February 28 2020, @05:51PM (6 children)
So what if someone else can get a few data packets from the devices that are spying on your all the time. Instead of 200 (advertisers, government agencies, etc) it's now 201.
SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.
(Score: 0) by Anonymous Coward on Friday February 28 2020, @08:06PM (5 children)
Sniffing enough wifi packets that you could get the login credentials. I thought this was well known over 10 years ago.
(Score: 2) by NickM on Friday February 28 2020, @09:33PM (4 children)
I a master of typographic, grammatical and miscellaneous errors !
(Score: 2) by NickM on Friday February 28 2020, @09:39PM (2 children)
I a master of typographic, grammatical and miscellaneous errors !
(Score: 2) by barbara hudson on Saturday February 29 2020, @03:47AM (1 child)
SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.
(Score: 3, Insightful) by NickM on Sunday March 01 2020, @04:17PM
At home, I concede that this is not that scary but in a corporate settings this technique gives an attacker the potential to harvest a lots of juicy credentials since almost the all the suits use laptops, they are assuredly wirelessly connected when they are in a meeting room and since they are suits they are almost always in a meeting of some sorts.
News like this, makes me glad that I don't work in the IT security administrative unit .
I a master of typographic, grammatical and miscellaneous errors !
(Score: 3, Informative) by TheGratefulNet on Friday February 28 2020, @11:37PM
pwnagotchi
google it.
"It is now safe to switch off your computer."
(Score: 1, Informative) by Anonymous Coward on Friday February 28 2020, @05:59PM (2 children)
The same day, by the same author:
https://soylentnews.org/article.pl?sid=20/02/28/0327222 [soylentnews.org]
(Score: 2) by janrinok on Saturday February 29 2020, @10:16AM (1 child)
Not sure how that can have happened - once an editor processes the story then it is removed from all other queues. My only guess is that Freeman submitted the same story twice - why? I have no idea.
It might surprise you but when we are busy editing stories for the front page we do not get much time to read the stories that other editors are working on. I often edit during the day but I don't get time to read the full front page until that evening or the following day.
(Score: 2) by Freeman on Monday March 02 2020, @05:36PM
I'm sorry, if I did. Been sick, so crazy things could have happened.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 0) by Anonymous Coward on Friday February 28 2020, @06:20PM (5 children)
Wow. I only have one of the devices on that list. I would have expected it to be higher. I guess deciding to skip the Pi3 and wait for to upgrade to a Pi4 was the right decision.
(Score: 4, Insightful) by takyon on Friday February 28 2020, @06:22PM (2 children)
Is that list exhaustive or just a list of the devices the researchers had on hand?
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 3, Informative) by NotSanguine on Friday February 28 2020, @06:44PM
Check the comment [soylentnews.org] I posted in the last iteration of this story. There's a link to the CVE with more details about affected software/firmware versions and configs.
HTHAL.
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 2) by janrinok on Saturday February 29 2020, @10:18AM
Definitely not exhaustive.
(Score: 2) by hendrikboom on Sunday March 01 2020, @08:19PM (1 child)
I dumped my Nexus 5 recently -- apparently just in time. I have been unable to upgrade it for years, and every day it reports on a failed upgrade attempt.
My new phone is also a bit old, but at least it doesn't complain about repeated failed upgrades. I hope it *is* doing security upgrades.
-- hendrik
(Score: 2) by Freeman on Monday March 02 2020, @05:46PM
Yeah, if you're hoping it is, and it's more than 2 years old. You're likely not getting those.
https://www.wired.com/story/android-phones-hide-missed-security-updates-from-you/ [wired.com]
You're not even very likely to be getting any anyway. Unless, you have a phone that is part of Android One. There's some enterprise recommendation thing as well, and those phones are likely to be updated more consistently. Unless I was reading old info and the Android One thing replaced it.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 2) by corey on Friday February 28 2020, @09:23PM
So l33t.
Takes me back to 2000.