Major Wi-Fi Vulnerabilities Uncovered Put Millions of Devices at Risk, Including Macs and iPhones

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Oct 16, 2017.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Mathy Vanhoef, a postdoctoral researcher at Belgian university KU Leuven, has discovered and disclosed major vulnerabilities in the WPA2 protocol that secures all modern protected Wi-Fi networks.

    [​IMG]

    Vanhoef said an attacker within range of a victim can exploit these weaknesses using so-called KRACKs, or key reinstallation attacks, which can result in any data or information that the victim transmits being decrypted. Attackers can eavesdrop on network traffic on both private and public networks.

    As explained by Ars Technica, the primary attack exploits a four-way handshake that is used to establish a key for encrypting traffic. During the third step, the key can be resent multiple times. When it's resent in certain ways, a cryptographic nonce can be reused in a way that completely undermines the encryption.

    As a result, attackers can potentially intercept sensitive information, such as credit card numbers, passwords, emails, and photos. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.

    Note that the attacks do not recover the password of any Wi-Fi network, according to Vanhoef. They also do not recover any parts of the fresh encryption key that is negotiated during the four-way handshake.

    Websites properly configured with HTTPS have an additional layer of protection, but an improperly configured site can be exploited to drop this encryption, so Vanhoef warned that it is not reliable protection.

    Since the vulnerabilities exist in the Wi-Fi standard itself, nearly any router and device that supports Wi-Fi is likely affected, including Macs and iOS devices. Android and Linux devices are particularly vulnerable since they can be tricked into installing an all-zero encryption key instead of reinstalling the real key.
    As a proof-of-concept, Vanhoef executed a key reinstallation attack against an Android smartphone. In the video demonstration below, the attacker is able to decrypt all data that the victim transmits.


    iOS devices are vulnerable to attacks against the group key handshake, but they are not vulnerable to the key reinstallation attack.

    Fortunately, the vulnerabilities can be patched, and in a backwards-compatible manner. In other words, a patched client like a smartphone can still communicate with an un-patched access point like a router.

    Vanhoef said he began disclosing the vulnerabilities to vendors in July. US-CERT, short for the United States Computer Emergency Readiness Team, sent out a broad notification to vendors in late August. It is now up to device and router manufacturers to release any necessary security or firmware updates.

    Despite the vulnerabilities, Vanhoef says the public should still use WPA2 while waiting for patches. In the meantime, steps users can take to mitigate their threat level in the meantime include using a VPN, using a wired Ethernet connection where possible, and avoiding public Wi-Fi networks.

    Vanhoef is presenting his research behind the attack at both the Black Hat Europe and Computer and Communications Security conferences in early November. His detailed research paper (PDF) is available today.

    Article Link: Major Wi-Fi Vulnerabilities Uncovered Put Millions of Devices at Risk, Including Macs and iPhones
     
  2. Quu macrumors 68030

    Quu

    Joined:
    Apr 2, 2007
    #2
    Some providers have already released router side patches to fix this (Mikrotek's RouterOS for example). I'm hopeful most good providers (Asus, Unifi etc) will have patches out within the next two weeks.
     
  3. flyingspur macrumors regular

    flyingspur

    Joined:
    Aug 5, 2013
    Location:
    Dallas TX
    #3
    Not surprised! Get your cables on! Use HTTPS! No Banking on WiFi!
     
  4. MacLawyer macrumors demi-god

    MacLawyer

    Joined:
    Aug 1, 2009
    Location:
    U.S.A.
    #4
    So.....that's nice.

    Wonder if simply enabling VPN such as Cloak on your home network would do the trick.
     
  5. elmancho macrumors 6502

    elmancho

    Joined:
    Nov 5, 2008
    Location:
    Paris, France
  6. Futurix macrumors 6502

    Futurix

    Joined:
    Nov 22, 2011
    Location:
    London
  7. realeric macrumors 65816

    realeric

    Joined:
    Jun 19, 2009
    Location:
    United States
    #7
    Oh. It’s really a bad news. Most wifi routers in public place are not updated well.
     
  8. centauratlas macrumors 65816

    centauratlas

    Joined:
    Jan 29, 2003
    Location:
    Florida
    #8
    I hope they update all their AirPorts and Time Capsules, but I am not hopeful. In this case, I hope I am wrong.
     
  9. Glideslope macrumors 603

    Glideslope

    Joined:
    Dec 7, 2007
    Location:
    A quiet place in NY.
    #9
    Will Apple patch an a/c Airport Extreme? Or is it time to purchase a new router? Suggestions for seamless Mac use? :apple:
     
  10. brianvictor7 macrumors 65816

    brianvictor7

    Joined:
    Oct 24, 2013
    Location:
    United States
    #10
    Can you imagine the reaction if this news had been released on Friday the Thirteenth?

    Whoboy.
     
  11. Chupa Chupa macrumors G5

    Chupa Chupa

    Joined:
    Jul 16, 2002
    #11
    Question I have is will Apple since they have abandoned Airport development. If so how far down the model line will they patch. I have the last APE but also some last gen APX I use as satellites. So I'm hoping Apple patches for all models with WPA2 capability. This will be a test to see how much it really cares about user security with it's response time and comprehensiveness since the patch isn't that difficult from what I've read.
     
  12. morcutt11 macrumors 6502

    morcutt11

    Joined:
    Jun 26, 2015
    Location:
    USA
    #12
    This can't be overstated. How many hotels, Starbucks, etc. even know what "firmware" is or how to access their WiFi settings? And just think of all the cheap Chinese routers out there that will never see updates from the manufacturer.
     
  13. OneBagTravel macrumors 6502

    OneBagTravel

    Joined:
    Oct 18, 2013
    Location:
    USA
    #13
    Never trust public Wifi. Here's hoping for an airport extreme update.
     
  14. al256 macrumors 6502a

    al256

    Joined:
    Jun 7, 2001
    #14
    Apple needs to either drop their Airport and Time Capsule products or publicly affirm their commitment to bringing out new products which resolve this vulnerability. I'm not sure how long this will take to develop and release but don't leave us waiting a product which they have no intention of releasing.
     
  15. benthewraith macrumors 68040

    benthewraith

    Joined:
    May 27, 2006
    Location:
    Miami, FL
    #15
    It's something that can be patched with firmware, not hardware replacement.
     
  16. noxex macrumors newbie

    Joined:
    Oct 16, 2017
    #16
    I've been seeing a lot of misinformation about this. This vulnerability only affects CLIENTS. So unless your AP is bridging to another AP, updating the AP will do no good. The clients themselves must be updated.
     
  17. StevieD100 macrumors 6502a

    StevieD100

    Joined:
    Jan 18, 2014
    Location:
    Living Dangerously in Retirement
    #17
    That's why I always use a VPN from a device that I want to use in places like Starbucks. Also gets around stupid restrictions on what I can view in foreign parts.
     
  18. RecentlyConverted macrumors 6502a

    Joined:
    Oct 21, 2015
    #18
    I hope so recently bought two TCs. They are still for sale and not officially discontinued.
     
  19. Kaibelf macrumors 68020

    Kaibelf

    Joined:
    Apr 29, 2009
    Location:
    Silicon Valley, CA
    #19
    Too early to tell yet, but I suspect Apple will do a patch as this one seems to fall into that category where they tend to be rather responsive.
     
  20. GadgetBen macrumors 6502a

    GadgetBen

    Joined:
    Jul 8, 2015
    Location:
    London
    #20
    I’ll be fine then. I live in the Countryside. If anyone comes within range the dogs will get them.
     
  21. Chupa Chupa macrumors G5

    Chupa Chupa

    Joined:
    Jul 16, 2002
    #21
    Why is the response from manufacturers so slow on something this important?
     
  22. Porco macrumors 68030

    Porco

    Joined:
    Mar 28, 2005
    #22
    Well this is bad. :eek:

    I hope Apple (well, and ... everyone!) patches this on as many of its devices as possible, as soon as possible.
     
  23. mabaker macrumors 65816

    mabaker

    Joined:
    Jan 19, 2008
    #23
    Steve would have NEVER allowed this! SMH Tim is running Apple into ground. #bringbackPPC
     
  24. Chupa Chupa macrumors G5

    Chupa Chupa

    Joined:
    Jul 16, 2002
    #24
    This is only tangentially related to Apple because they made and still sell routers so why bring that troll line up even in sarcasm? The flaw is in the Wi-Fi standard itself.
     
  25. DNichter macrumors G3

    DNichter

    Joined:
    Apr 27, 2015
    Location:
    Philadelphia, PA
    #25
    I am assuming this would affect ALL devices connected to any router using this protocol, correct?
     

Share This Page