Wifi: WPA2 cracked


Supreme [H]ardness
May 20, 2011
Apparently WPA2 is no longer secure. So sayeth the Guardian here, citing this site.

The vulnerabilities were discovered by a researcher from Belgian university KU Leuven, Mathy Vanhoef. He has given the weakness the codename Krack, short for Key Reinstallation AttaCK.

Of course, there can be further layers of security, like https and VPN.

From Vanhoef's website:

We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.

The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks.
As mentioned in the Genmay thread, this will require patching of both client and infrastructure.

In my case, UBNT 3.9.3 patches my APs and all my wifi is segregated on a marginally trusted vlan. Phones will be a PITA, though, especially with device makers lax support schedules, so may set up a femtocell and turn off all device wifi.