11.1 only fixes Krack for iphone 7 & ipad pro and newer?

Discussion in 'iOS 11' started by liteshow, Oct 31, 2017.

  1. liteshow macrumors regular

    Sep 20, 2012
    Taken from https://support.apple.com/en-gb/HT208222


    Available for: iPhone 7 and later, and iPad Pro 9.7-inch (early 2016) and later

    Impact: An attacker in Wi-Fi range may force nonce reuse in WPA clients (Key Reinstallation Attacks - KRACK)

    Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.

    CVE-2017-13080: Mathy Vanhoef of the imec-DistriNet group at KU Leuven

    Does that mean older iphones and ipads do not get the patch?
  2. gforce216 macrumors 6502a

    Jun 17, 2009
    I noticed they mentioned only the Apple Watch Series 1 and Series 2 as well
  3. jaymc macrumors 6502


    Nov 10, 2012
    Port Orchard, WA
    It's regarding the security aspects only ... there is more to this update.
  4. liteshow thread starter macrumors regular

    Sep 20, 2012
    I was refering specifically to the wifi patch - hoping that it applied for all devices and not just newer one. I have a iphone 6s and ipad air 1. From the apple support page, this means that my older devices are still vulnerbable to the KNACK attack.

  5. anyjungleinguy macrumors 6502

    Mar 6, 2012
  6. Act3, Oct 31, 2017
    Last edited: Oct 31, 2017

    Act3 macrumors 68000

    Sep 26, 2014
    if it cant be patched, they should warn those buying 6s iPhones and mini 4 ipads
  7. nutmac macrumors 601

    Mar 30, 2004
    I just talked to Apple's Support. All they said is "please file a feedback on our website". I mean WTF? I have the previous generation 12.9" iPad Pro that isn't receiving the fix. I have to purchase entirely new model to receive a security fix or continuing using a vulnerable product and risk getting hacked?
  8. C DM macrumors Sandy Bridge

    Oct 17, 2011
    Something that was mentioned in another iOS 11.1 release thread:
  9. QCassidy352, Oct 31, 2017
    Last edited: Oct 31, 2017

    QCassidy352 macrumors G4


    Mar 20, 2003
    Bay Area
    Yeah, and iPhone SE.

    Hopefully this is the case. Otherwise it's quite inexplicable that they left not only recent products but currently shipping products unpatched.

    Some clarification from Apple would be much appreciated by this iPad Air 2 owner.
  10. apfelbaum macrumors member

    Aug 31, 2014
    This is bad, very bad and disappointing. And I don’t care about what just one person in a random Podcast says, if Apple releases a fix it means, there was vulnerability and it should be fixed on devices they are actually still selling like the 6s and SE as well.
  11. C DM macrumors Sandy Bridge

    Oct 17, 2011
    Well, who the person is and what they do can certainly make a difference.
  12. jon3543 macrumors 6502

    Sep 13, 2010
    I just wrote the following in this thread, but the bottom line is, Apple needs to make a definitive statement as to which devices may be vulnerable, and to what. I have an iPod Touch 5th gen, for example, and I remain afraid to enable Wi-Fi. At least my iPhone 7 is now patched, and I can turn off the VPN at home.

    Apple Releases iOS 11.1 With New Emoji, 3D Touch App Switcher, and More

    Yeah, thanks for posting this. In Section 3.2 of the Vanhoef/Piessens paper, they have a table for a variety of OSes, iOS represented by v. 10.3.1. That version is only susceptible to the Group Key attack, which per sections 4 and 6.1, allows an attacker to replay broadcast and multicast frames sent from AP to client, and that's all it can do.

    You could well be right that iPhone 7 is the first one susceptible to the more dangerous attacks that allow decryption and forging. Would love to get a statement from Apple to that effect.
  13. NoBoMac Moderator


    Staff Member

    Jul 1, 2014
    Re: only certain iOS devices being susceptible: I can believe it, and why there are no KRACK updates for some of the older devices. Case in point: Apple did roll a security update for El Capitan today for KRACK (support dropped for that one year ago), so, they have not abandoned all old platforms for this issue.
  14. QCassidy352 macrumors G4


    Mar 20, 2003
    Bay Area
    Well, they certainly are treating the macOS side differently from the iOS side; that much is clear. On macOS, they are not only patching all Macs, they are offering a fix for older versions of the OS (back two generations). On iOS, they're not only not going back to iOS 9 or 10 (which I wish they would), they are also not even patching older devices running iOS 11.

    The more I think and read about it, the more I am persuaded that it must have to do with the older devices not being vulnerable in the first place. I just can't fathom they'd patch it on some but not all devices running the current iOS.
  15. stbrown macrumors newbie

    Jul 17, 2010
    They made an update to the security page for iOS 11.1 adding the iPhone 8 and X and also stating older devices are not impacted
  16. C DM macrumors Sandy Bridge

    Oct 17, 2011
    Seems like they added another related but separate entry for something additional that was addressed related to KRACK for iPhone 8 and X line of phones, which doesn't impact older devices. The original KRACK entry is still there too without specifically calling out earlier devices.
  17. dj1891 macrumors 6502


    Feb 16, 2015
    Northern Ireland
    They also only fixed battery issues on the iPhone 7 and newer also.
  18. AsherN macrumors 6502

    May 11, 2016
    That made no sense. It implies that the WPA2 code is not part of the OS. So then, how can an OS update fix it on certain devices.

    Apple needs to clarify this.
  19. C DM macrumors Sandy Bridge

    Oct 17, 2011
    Well, there's likely more to it all, but doesn't seem like there's much information is out about that.

Share This Page

18 October 31, 2017