11.1 only fixes Krack for iphone 7 & ipad pro and newer?

Discussion in 'iOS 11' started by liteshow, Oct 31, 2017.

  1. liteshow macrumors regular

    Joined:
    Sep 20, 2012
    #1
    Taken from https://support.apple.com/en-gb/HT208222

    Wi-Fi

    Available for: iPhone 7 and later, and iPad Pro 9.7-inch (early 2016) and later

    Impact: An attacker in Wi-Fi range may force nonce reuse in WPA clients (Key Reinstallation Attacks - KRACK)

    Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.

    CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven


    Does that mean older iphones and ipads do not get the patch?
     
  2. gforce216 macrumors 6502a

    Joined:
    Jun 17, 2009
    #2
    I noticed they mentioned only the Apple Watch Series 1 and Series 2 as well
     
  3. jaymc macrumors 6502

    jaymc

    Joined:
    Nov 10, 2012
    Location:
    Port Orchard, WA
    #3
    It's regarding the security aspects only ... there is more to this update.
     
  4. liteshow thread starter macrumors regular

    Joined:
    Sep 20, 2012
    #4
    I was refering specifically to the wifi patch - hoping that it applied for all devices and not just newer one. I have a iphone 6s and ipad air 1. From the apple support page, this means that my older devices are still vulnerbable to the KNACK attack.

     
  5. anyjungleinguy macrumors 6502

    Joined:
    Mar 6, 2012
  6. Act3, Oct 31, 2017
    Last edited: Oct 31, 2017

    Act3 macrumors 68000

    Joined:
    Sep 26, 2014
    Location:
    USA
    #6
    if it cant be patched, they should warn those buying 6s iPhones and mini 4 ipads
     
  7. nutmac macrumors 601

    Joined:
    Mar 30, 2004
    #7
    I just talked to Apple's Support. All they said is "please file a feedback on our website". I mean WTF? I have the previous generation 12.9" iPad Pro that isn't receiving the fix. I have to purchase entirely new model to receive a security fix or continuing using a vulnerable product and risk getting hacked?
     
  8. C DM macrumors Sandy Bridge

    Joined:
    Oct 17, 2011
    #8
    Something that was mentioned in another iOS 11.1 release thread:
     
  9. QCassidy352, Oct 31, 2017
    Last edited: Oct 31, 2017

    QCassidy352 macrumors G4

    QCassidy352

    Joined:
    Mar 20, 2003
    Location:
    Bay Area
    #9
    Yeah, and iPhone SE.

    Hopefully this is the case. Otherwise it's quite inexplicable that they left not only recent products but currently shipping products unpatched.

    Some clarification from Apple would be much appreciated by this iPad Air 2 owner.
     
  10. apfelbaum macrumors member

    Joined:
    Aug 31, 2014
    Location:
    Germany
    #10
    This is bad, very bad and disappointing. And I don’t care about what just one person in a random Podcast says, if Apple releases a fix it means, there was vulnerability and it should be fixed on devices they are actually still selling like the 6s and SE as well.
     
  11. C DM macrumors Sandy Bridge

    Joined:
    Oct 17, 2011
    #11
    Well, who the person is and what they do can certainly make a difference.
     
  12. jon3543 macrumors 6502

    Joined:
    Sep 13, 2010
    #12
    I just wrote the following in this thread, but the bottom line is, Apple needs to make a definitive statement as to which devices may be vulnerable, and to what. I have an iPod Touch 5th gen, for example, and I remain afraid to enable Wi-Fi. At least my iPhone 7 is now patched, and I can turn off the VPN at home.

    Apple Releases iOS 11.1 With New Emoji, 3D Touch App Switcher, and More

    Yeah, thanks for posting this. In Section 3.2 of the Vanhoef/Piessens paper, they have a table for a variety of OSes, iOS represented by v. 10.3.1. That version is only susceptible to the Group Key attack, which per sections 4 and 6.1, allows an attacker to replay broadcast and multicast frames sent from AP to client, and that's all it can do.

    You could well be right that iPhone 7 is the first one susceptible to the more dangerous attacks that allow decryption and forging. Would love to get a statement from Apple to that effect.
     
  13. NoBoMac Moderator

    NoBoMac

    Staff Member

    Joined:
    Jul 1, 2014
    #13
    Re: only certain iOS devices being susceptible: I can believe it, and why there are no KRACK updates for some of the older devices. Case in point: Apple did roll a security update for El Capitan today for KRACK (support dropped for that one year ago), so, they have not abandoned all old platforms for this issue.
     
  14. QCassidy352 macrumors G4

    QCassidy352

    Joined:
    Mar 20, 2003
    Location:
    Bay Area
    #14
    Well, they certainly are treating the macOS side differently from the iOS side; that much is clear. On macOS, they are not only patching all Macs, they are offering a fix for older versions of the OS (back two generations). On iOS, they're not only not going back to iOS 9 or 10 (which I wish they would), they are also not even patching older devices running iOS 11.

    The more I think and read about it, the more I am persuaded that it must have to do with the older devices not being vulnerable in the first place. I just can't fathom they'd patch it on some but not all devices running the current iOS.
     
  15. stbrown macrumors newbie

    Joined:
    Jul 17, 2010
    #15
    They made an update to the security page for iOS 11.1 adding the iPhone 8 and X and also stating older devices are not impacted
     
  16. C DM macrumors Sandy Bridge

    Joined:
    Oct 17, 2011
    #16
    Seems like they added another related but separate entry for something additional that was addressed related to KRACK for iPhone 8 and X line of phones, which doesn't impact older devices. The original KRACK entry is still there too without specifically calling out earlier devices.
     
  17. dj1891 macrumors 6502

    dj1891

    Joined:
    Feb 16, 2015
    Location:
    Northern Ireland
    #17
    They also only fixed battery issues on the iPhone 7 and newer also.
     
  18. AsherN macrumors 6502

    Joined:
    May 11, 2016
    Location:
    Canada
    #18
    That made no sense. It implies that the WPA2 code is not part of the OS. So then, how can an OS update fix it on certain devices.

    Apple needs to clarify this.
     
  19. C DM macrumors Sandy Bridge

    Joined:
    Oct 17, 2011
    #19
    Well, there's likely more to it all, but doesn't seem like there's much information is out about that.
     

Share This Page

18 October 31, 2017