THE FULL EXTENT of the KRACK WiFi exploit which makes the standard WPA2 encryption on most WiFi networks hackable has been released.
We already knew that almost every WiFi network in the world was vulnerable. We now know how much and why. Obviously, it's a bit of a head-f*ck so we've had the nervous breakdown so you don't have to.
First the 'why'. Here's the explanation from the researchers.
"In a key reinstallation attack, the adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value. Essentially, to guarantee security, a key should only be installed and used once. Unfortunately, we found this is not guaranteed by the WPA2 protocol. By manipulating cryptographic handshakes, we can abuse this weakness in practice."
Short answer: it tricks the client into accepting that an old or in-use password is a new password.
Wow, we wrapped that up quick.
Basically, it comes down to something we already knew - there is no such thing as random. And in the case of WPA2, that randomisation was done in a 'non-optimal' way, something that has been known for several years but never exploited.
The good news is that your home is probably safe. An attacker has to be in range of you for a start, and then be bothered enough to do the attack. Then he has to have enough "CPU hours" (that is to say, enough computer power to exploit the vulnerability in a reasonable time).
So the real fear is public and enterprise WiFi, though relatively little of that would be worth the effort. Even somewhere like an airport, the public WiFi would be separated from the airport systems.
And there's more good news. Patches can be developed on the software side. Here are some of the bigger names and how they're progressing with fixing things:
Amazon: Currently reviewing
DD-WRT (the most popular alternative firmware for routers): Patch designed, so far not downloadable
Google: Affects only Android 6.0 and above. Patch should be ready by 6 November.
Intel: Updated drivers available
Lineage OS: Patched already
Microsoft: Was fixed before going public on Patch Tuesday (10/10)
Netgear: Advisory issued. New firmware rolling out.
Qualcomm: Patches ready, awaiting customer assurance process
TP-Link: TP-Link has been working to solve this problem and will continue to post software updates at: www.tp-link.com/support.html. Products with TP-Link Cloud enabled will receive update notifications in the web management interface, Tether App or Deco App automatically.
Ubuntu: wpa-supplicant and hostapd can be updated
WiFi Alliance: See this post
Obviously, this is far from exhaustive. We've no word from the likes of Asus, IBM and HPE. Lenovo and VMware say they're not affected.
This list is correct as of 1100 BST on 17/10/2017. Some of this info first appeared courtesy of the good people at Bleeping Computer. µ