Critical WiFi Vulnerability Found - KRACK

Yeah sorry I said Wireless while I was meaning Wi-Fi, my bad :confused:

Not quite, you need to patch your wireless access points as well as the clients.

How about IoT devices? My home projects make use of the ESP8266 (family) WiFi SoC. Software running on them uses an API to the hardware; I'm not even sure if they can be patched. A user software reflash is definitely not a problem.

Other hardware, like my washing machine, has Wi-Fi (it happens to have it); for sure not easy to update from the user side.

Only updating LEDE will not help, correct? So I need to hope that a strong AES-CCMP password is enough for my neighbor not to attempt to hack/spoof my network.

You need to patch your "AP" if it is acting as a client, like a Wi-Fi repeater or a Wi-Fi router configured in bridge mode; that's why I said "client" multiple times. Otherwise you're good on that side.
There's a second flaw on the Fast BSS Transmission implementation but that's a "niche" feature and I'm not even sure that a single LEDE compatible router supports it.

You could still install a VPN server on your washing machine and wash your laundry securely from your couch :smiley:

1 Like

Anyone interested in how the attack works or which devices are affected and how should probably have a look at this page previously linked to by @ambientsummer:
https://www.krackattacks.com/#faq

Espressif has released fixes for the ESP8266 family. But the manufacturer must create the fix, and you have to hope they decide to do it (or that it is even possible...)

About your washing machine, a strong password won't help. Your best option is not to use the WiFi capabilities until (or if) the manufacturer decides to push an update.

OR, you can leave it exposed. It's up to you, really. It's very likely none of your neighbors are technologically capable of exploiting KRACK, but also, even if they could, they are probably not interested in messing up a washing machine.

1 Like

The writeups I've read indicate that the vulnerability exists in both directions, so it's not enough to just patch the clients; you also need to patch the AP side or transmissions from it can be vulnerable.

Once again, I'm glad I'm using an open source distro on nearly all my devices. I only have to "worry" about 2 Fritzboxes, of which only one is using Wi-Fi. For Android: check whether LineageOS supports your device. If not, take a custom ROM from XDA based on the latest LineageOS or AOSP.

1 Like

From the Q&A on the original website "Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. [...] For ordinary home users, your priority should be updating clients such as laptops and smartphones."
Like I said, the second vulnerability affects Fast Roaming which is generally not a feature present in home routers.

1 Like

Fritzbox not affected, according to AVM:
https://avm.de/aktuelles/kurz-notiert/2017/wpa2-luecke-fritzbox-am-breitbandanschluss-ist-sicher/

Will one unpatched device compromise the entire network? Say I patch all of my own devices, but I let my friend connect his old, unpatched Android phone to my Wi-Fi network. Will that mean that an attacker will be able to sniff all my network traffic, or will the attacker only be able to sniff traffic from the unpatched Android phone?
The first scenario would mean that this exploit is practically unpatchable and we would need to move to WPA3 or something similar to be safe from it.

The Arduino ESP8266 lib contains the fix if you upgrade to 2.4.0-rc2:
https://github.com/esp8266/Arduino/issues/3725

1 Like

If your router doesn't act like a client (bridge or repeater), then the only possible affected device is your friend's unpatched phone.

Thanks for clearing that up, I think I get it now. I unfortunately own a couple of Wi-Fi repeaters that are useless then, because I doubt the manufacturers will release firmware updates for them, and they are not able to run LEDE :slight_smile:

As I said, dumb Windows user. Please elaborate on how someone would breach my home network. Is he just sitting in front of my house (Starbucks) and waiting for me to connect my phone to my WLAN, and then inserts his WLAN between my client and my WLAN?

Unfortunately you buried me in geek speak. So the exposure for the light bulb is someone turning it on and off at will?
For the washing machine, it's running a cycle with no clothes in the tub (which I can probably fix by leaving the door open, a good idea to prevent mold anyhow).
The door lock may be more of an issue if they can open it.
But again, it's not clear whether they gain device control as much as they can monitor the traffic it produces?

It appears that all the release versions of 17.01.x (0-3) have been updated (based on a 10/17 date and, at least for mipsel_24kc, a version of "-6"):
https://downloads.lede-project.org/releases/17.01.0/packages/mipsel_24kc/base/
https://downloads.lede-project.org/releases/17.01.1/packages/mipsel_24kc/base/
https://downloads.lede-project.org/releases/17.01.2/packages/mipsel_24kc/base/
https://downloads.lede-project.org/releases/17.01.3/packages/mipsel_24kc/base/

So for the dumb Windows user, can I just download and opkg install the packages currently installed for my version and be done with KRACK on LEDE?

About an hour ago I upgraded to -5, now there is a -6. What's the difference?

root@WRT3200ACM:~# opkg list-upgradable
wpad-mini - 2016-12-19-ad02e79d-5 - 2016-12-19-ad02e79d-6
hostapd-common - 2016-12-19-ad02e79d-5 - 2016-12-19-ad02e79d-6

Those contain additional patches which are not strictly required to fix the bug itself, but harden that area of code and help mitigate the impact. Upgrading is a good idea (and they will be part of 17.01.4).

1 Like
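For the "can I just opkg install and be done" and "-5 vs -6" questions above, here is a small check script. It is an added example, not code from the thread or from the LEDE project; it assumes the router runs the 2016-12-19-ad02e79d snapshot shown in the opkg output above (where "-6" is the patched revision), and the package list it runs on here is constructed.

```shell
#!/bin/sh
# Added example, not from the thread or LEDE: report whether the wpad/hostapd
# packages are at or above the revision that carries the KRACK patches.
# Assumption: the router runs the 2016-12-19-ad02e79d snapshot quoted above,
# where "-6" is the patched revision.
FIXED_BASE="2016-12-19-ad02e79d"
FIXED_REV=6

# Trailing numeric revision of a version string: "...-ad02e79d-5" -> 5.
pkg_rev() {
    printf '%s\n' "${1##*-}"
}

# Reads "name - version" lines (the shape of `opkg list-installed`) and prints
# "<name> <version> OK|VULNERABLE|UNKNOWN" for every wpad*/hostapd* package.
# Returns 0 only when every such package is at the fixed revision or newer.
krack_check() {
    status=0
    while read -r name _dash ver _rest; do
        case "$name" in wpad*|hostapd*) ;; *) continue ;; esac
        base=${ver%-*}                 # version without the "-<rev>" suffix
        rev=$(pkg_rev "$ver")
        if [ "$base" != "$FIXED_BASE" ]; then
            verdict=UNKNOWN; status=1  # different snapshot: cannot compare
        else
            case "$rev" in
                ''|*[!0-9]*) verdict=UNKNOWN; status=1 ;;
                *) if [ "$rev" -ge "$FIXED_REV" ]; then verdict=OK
                   else verdict=VULNERABLE; status=1; fi ;;
            esac
        fi
        printf '%s %s %s\n' "$name" "$ver" "$verdict"
    done <<EOF
$1
EOF
    return "$status"
}

# Constructed sample standing in for `opkg list-installed` on a router that
# has not been upgraded yet; on a real LEDE box run:
#   krack_check "$(opkg list-installed)"
SAMPLE_INSTALLED='base-files - 0.0-1
hostapd-common - 2016-12-19-ad02e79d-5
wpad-mini - 2016-12-19-ad02e79d-5'

krack_check "$SAMPLE_INSTALLED" || echo "one or more packages still need upgrading"
```

Feed it `opkg list-upgradable` output instead and it judges the installed (first) version column, which is what matters until the upgrade has actually been applied.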

Thanks.

Are there more updates still forthcoming for the kernel mac80211 code? Or is that a different vulnerability?