• KRACK attack – bad, but the sky isn’t falling

    Overnight, interest in the so-called KRACK attack (“Key Reinstallation attack”) reached fever pitch. The details are now available.

    You can read the disclosure, by Mathy Vanhoef (from the Belgian university KU Leuven), on the newly minted krackattacks.com web site. The gist:

    We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted…

    The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected.

    Kevin Beaumont has a tremendous analysis on the DoublePulsar site:

    So there’s a new Wi-Fi attack. In the media it is being presented as a flaw in WPA protocol which isn’t fixable. This isn’t true… The attack realistically doesn’t work against Windows or iOS devices. The Group vuln is there, but it’s not near enough to actually do anything of interest.

    There is currently no publicly available code out there to attack this in the real world — you would need an incredibly high skill set and to be at the Wi-Fi base station to attack this.

    In short, it’s a real and severe flaw in the WPA2 protocol that’s been artfully packaged and sold as a scary vulnerability. You’re going to read about it endlessly over the next few days. But it isn’t going to bite you any time soon.

    One of my favorite security guys, Rob Rosenberger, had this curmudgeonly take:

    Dear Computer Users,

    Cybersecurity experts are booking themselves on talk shows to discuss #KRACK. Stand by; details to follow.

    Yep, the offal is about to hit the PR propeller.

    UPDATE: As I anticipated last night (see the next entry), Catalin Cimpanu at Bleepingcomputer has an excellent analysis.

    UPDATE: Lawrence Abrams at Bleepingcomputer has a list of all firmware and driver updates to handle KRACK. There’s also an enormous list of firms that haven’t yet responded.