Menu
Reply
  • 16
  • 1
  • 2
tbanks2753
On our wavelength
1,109 Views
Message 81 of 96
Flag for a moderator

Re: KRACK - new firmware?

the thing is, once the detail of this vulnerability is in the public domain, someone will use it. Right now the odds are small that you will get hacked, but give it time. This is why WEP isn't (shouldn't) be used these days, because people knew how to hack it.

It is a question of doing the right thing, not playing the odds - IMHO

0 Kudos
Reply
  • 70
  • 2
  • 13
spikey673
Dialled in
1,082 Views
Message 82 of 96
Flag for a moderator

Re: KRACK patch for VM BB hubs?

Sky are always releasing firmware updates to the Sky Q hub...not so with virgin.

regular updates are a good thing, both for security, features, bugs. But I think virgin are missing that piece of common sense ( almost like they can’t be bothered )

IF i have helped you, please give me kudos / mark me as helpful, thanks
  • 3
  • 0
  • 1
Red997
Tuning in
1,825 Views
Message 83 of 96
Flag for a moderator

Re: KRACK patch for VM BB hubs?

maybe the VM hub doesn't need patching...

I dont know, as I've not looked at it.

most of the vulnerabilities  come from the devices that talk to the router.

 

0 Kudos
Reply
Highlighted
  • 382
  • 0
  • 743
Sofa Bear
Sofa Bear
2,794 Views
Message 84 of 96
Flag for a moderator

Re: KRACK - new firmware?

In common with other ISPs we’re working closely with the manufacturers of our wireless devices to ensure customer equipment is updated to address this vulnerability as soon as possible.

  • 70
  • 2
  • 13
spikey673
Dialled in
1,767 Views
Message 85 of 96
Flag for a moderator

Re: KRACK - new firmware?

Give that person a beer for stepping up and addressing the issue, for me at least this puts my mind at rest that an update will happen.

IF i have helped you, please give me kudos / mark me as helpful, thanks
0 Kudos
Reply
  • 61
  • 0
  • 3
cappilio
On our wavelength
1,503 Views
Message 86 of 96
Flag for a moderator

Re: KRACK - new firmware?

it's good to know, i know there is a limited attack surface since we need to be in physical range, but the exploit is known now, it wont be long before any tom,dick or harry can download a dumb proof gui based tool, 

My meraki AP, was updated 2 days ago, think we need it sooner rather than later.

0 Kudos
Reply
  • 89
  • 2
  • 15
WildWayz
Up to speed
1,485 Views
Message 87 of 96
Flag for a moderator

Re: KRACK - new firmware?

How about all your devices ? They all updated too? Updating the router won't fix it entirely. Main problem is clients...
  • 156
  • 3
  • 40
edent
Superfast
1,120 Views
Message 88 of 96
Flag for a moderator

Re: KRACK - new firmware?

In common with other ISPs we’re working closely with the manufacturers of our wireless devices to ensure customer equipment is updated to address this vulnerability as soon as possible.

 

With respect, my original post showed that VM have repeatedly promised firmware updates for bugs before and nothing has come of it.

0 Kudos
Reply
  • 181
  • 5
  • 15
StormW4tch3r
Up to speed
978 Views
Message 89 of 96
Flag for a moderator

Re: KRACK - new firmware?

I would take the 'firmware update' with a pinch of salt. they been saying about an update for ages and a year on we are still waiting for one for HUB3.

0 Kudos
Reply
  • 2
  • 0
  • 0
Ever_Hopeful
Joining in
717 Views
Message 90 of 96
Flag for a moderator

Re: KRACK - new firmware?

One fix for this problem might be to switch off your SuperHubs wifi (via it's config page - http://192.168.0.1/ ) and connect a 3rd party KRACK patched wireless router to your superhub via an ethernet cable. You'll need to configure the additional router and set your KRACK patched wifi devices to use it's WiFi. You may also need to configure port forwarding or switch the superhub into modem mode to allow remote connections to certain devices (e.g. NAS, some consoles etc).  Given that there's no indication of a patch date coming out of Virgin, Netgear or Arris re SuperHub 2 and 3 this maybe the only viable solution for those desperate to have secure WiFi access point  ASAP (that is, short of switching internet service providers).

However, it's probably worth mentioning that the vast majority of hardware manufacturers have seemingly been caught on the hop (despite being notified 2 months ago!). What's more, it's not just WiFi access points that need patching. It's the devices that connect to them too.  Many are still working on patching the suite of KRACK vulnerabilities. The media has latched onto CVE-2017-13082, but there are several directly related vulnerabilities that need patching too:-

  • CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
  • CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
  • CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
  • CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
  • CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
  • CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
  • CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
  • CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
  • CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
  • CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.

(source: https://www.krackattacks.com/ )

Also, I don't wish to be alarmist, but the notion that the KRACK vulnerabilities are proof of concept gets weaker by the day. The exploits are pretty well documented, so if there weren't people seeking to exploiting them before, you can pretty much guarantee that there are now. And while it's true that the most likely targets for this exploit are businesses, can anyone really be sure that script kiddies won't simply be looking to exploit this vulnerability in target rich, densely packed, urban environments? Never mind war-driving, can you trust everyone that lives and/or walks within your network's wifi radius?

 

I genuinely hope Virgin, Netgear and Arris patch these exploits ASAP. Disabling Fast Roaming and Meshing as a short term fix would be a really good start. 

For a brief overview of how KRACK attacks work and what you can do to minimise risk of data theft:-
https://nakedsecurity.sophos.com/2017/10/16/wi-fi-at-risk-from-krack-attacks-heres-what-to-do/

Official site re KRACK vulnerability:
https://www.krackattacks.com/

0 Kudos
Reply