Announcement

Collapse
No announcement yet.

Announcement

Collapse
No announcement yet.

'Krack' Wi-Fi Breach

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    'Krack' Wi-Fi Breach

    Any news...
    On how to patch your Android devices against the " Krack Wifi vulnerability" ?
    Seeing that most of my devices are rooted...men should able to fix this?? (I hope )

    I noticed.. News reporting 41% of all Android devices being vulnerable..
    A serious vulnerability impacts a Billion devices!!

    explain found in tp-link forum
    The Krack Attack method is not really a hardware / software issue completely. The hardware / software will be patched to fix the real issue. WPA / WPA2 encryption uses a key for the devices to communicate anytime and sometimes randomly, when the devices communicate there is what is called a "handshake" between the devices. 4 messages are sent between the devices. At some point in these messages (usually the 3rd message) the devices "agree" on a key that allows them to know they are talking to each other to "secure" the connection the key travels with each transmission between the devices. Currently the key is not randomized enough or regularly enough to prevent the hacker from determining your key. Once they have the key they can tell the devices to not change the key, then do what they want with the info they can see, and even "insert" their own info into your devices (on both the access point i.e. wifi router, and client i.e. smartphone, computer,...etc). Both the access point and the client will need a patch. If the access point only was fixed the hacker can still use access the client. That is why both need the fix. Additionally, Android / Linux devices are susceptible to a "All zero's key hack" where the hacker can change the encryption key to all 0's and not have to use the software to figure out the key each time. That is why just fixing the access point will not completely protect you.

    You can watch this if I did not make it clear enough:     https://youtu.be/VI89hpI5pos
    cheers
    Last edited by mitchell4you; 20 October 2017, 22:59.
    Tags: krack, patch, vulnerabilty, wifi breach, wpa2
    #2
    Realistically I think that the chance of the Chinese vendors patching all of their models is about the same as you have of winning the lottery.

    Luckily, it requires somebody to be in range of your WiFi to execute and anybody wanting to do so is more likely to target those that they can make big bucks from, like business's.

    R-TV BOX S10, Beebox N3150, Chuwi Hibox, Nvidia Shield, A95X Max

    Comment

      #3
      I agree...
      I would never imagine any Chinese tvbox maker to patch it
      *Nor.. Minix or rikomagic ( i hope to be proven wrong offcourse )

      **update: xiaomi has released there first phone patches..
      สล็อตเว็บตรง PG SLOT เว็บสล็อต แตกหนัก ไม่ผ่านเอเย่นต์ APIเล่นตรงของแท้
      http://rootmygalaxy.net/download-miui-9-global-beta-rom-7-10-19-for-all-xiaomi-devices/
      โอกาสเข้าเล่นกับ สล็อตเว็บตรง PG SLOTเว็บสล็อต แตกหนัก ไม่ผ่านเอเย่นต์ ไม่มีขั้นต่ำ สล็อต แตกหนัก ค่ายใหญ่ APIแท้ เล่นตรงกับ สล็อตเว็บตรง พร้อมกันได้แล้ววันนี้

      ​​​​​
      But my hopes are that someone at freaktab or XDA does have the knowledge
      like
      On XDA forum... There is talk about using "magisk" to patch the vulnerability
      Last edited by mitchell4you; 24 October 2017, 20:14.

      Comment

        #4
        Hmm.. Something wierd had happened... AVM ( fritzbox)
        first stated.. there units are un-effected.. Due to not supporting 802.11r (17okt)
        but today...the released updates.. for repeaters and powerline-adapters (20okt)

        So, powerline adaptors with wifi are effected too...

        The Wi-Fi Alliance has made a fix to the Wi-Fi Standards and is available for vendors but not directly for end users.

        https://www.wi-fi.org/news-events/ne...ecurity-update

        The Wi-Fi Alliance has also made a vulnerability detection tool available to members.

        Security Update October 2017 | Wi-Fi Alliance
        https://www.wi-fi.org/security-update-october-2017
        List of known android devices effected
        krackinfo/ANDROID.md at master · kristate/krackinfo
        https://github.com/kristate/krackinfo/blob/master/ANDROID.md
        Vendor Response Matrix for KRACK WPA2 (Key Reinstallation Attack) - kristate/krackinfo


        nice big list with big names..and sites, where to find patches
        GitHub - kristate/krackinfo: Vendor Response Matrix for KRACK WPA2 (Key Reinstallation Attack)
        https://github.com/kristate/krackinfo
        Vendor Response Matrix for KRACK WPA2 (Key Reinstallation Attack) - kristate/krackinfo


        Last edited by mitchell4you; 21 October 2017, 00:16.

        Comment

        Previous template Next

        What's Going On

        Collapse

        There are currently 3062 users online. 0 members and 3062 guests.

        Most users ever online was 63,956 at 18:56 on 20 March 2025.

        Working...
        X

        We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, personalize advertising, and to analyze site activity. We may share certain information about our users with our advertising and analytics partners. For additional details, refer to our Privacy Policy.

        By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also acknowledge that this forum may be hosted outside your country and you consent to the collection, storage, and processing of your data in the country where this forum is hosted.

        I Agree