bottleneck
Choose style:

Author Topic: KRACK Attack  (Read 6240 times)

0 Members and 1 Guest are viewing this topic.

Offline AlanLawton

  • Backer
  • *
  • Posts: 11
  • Thanks: 0
  • Registered : 02/08/2013
    YearsYearsYearsYearsYearsYearsYearsYearsYearsYearsYears
KRACK Attack
« on: October 16, 2017, 10:57:34 am »
Is the Almond+ affected by the KRACK Attack vulnerability that was released today, and if so, when can we expect an update to resolve the issues?

https://www.krackattacks.com/

Offline mastermike311

  • Newbie
  • Posts: 3
  • Thanks: 0
  • Registered : 20/05/2016
    YearsYearsYearsYearsYearsYearsYearsYears
Re: KRACK Attack
« Reply #1 on: October 16, 2017, 12:06:22 pm »
+1 on this. It seems like the Almond+ doesn't get support anymore, but this is such a serious issue. Really hope they put an update together soon. Here is some more info for those that are interested:
https://arstechnica.com/information-technology/2017/10/how-the-krack-attack-destroys-nearly-all-wi-fi-security/

Offline Ashok

  • Securifi Staff
  • *
  • Posts: 2770
  • Thanks: 3
  • Registered : 25/07/2014
    YearsYearsYearsYearsYearsYearsYearsYearsYearsYears
Re: KRACK Attack
« Reply #2 on: October 16, 2017, 01:11:07 pm »
@ AlanLawton,

After going through it completely found that, it is more of a client device (Laptop, Smartphones etc) update, which is required not Access point or Router. However, there are some small fixes, which has to be done on the Router side, information has been already forwarded to our Chipset vendor waiting for the update.

Offline tt4me

  • Backer
  • *
  • Posts: 140
  • Thanks: 1
  • Registered : 20/08/2014
    YearsYearsYearsYearsYearsYearsYearsYearsYearsYears
Re: KRACK Attack
« Reply #3 on: October 16, 2017, 01:24:08 pm »
Assuming that this update will come as quickly as "recent" A+ updates, I'm thinking this is the straw that will lead me to finally dumping this thing and moving on.

Offline AlanLawton

  • Backer
  • *
  • Posts: 11
  • Thanks: 0
  • Registered : 02/08/2013
    YearsYearsYearsYearsYearsYearsYearsYearsYearsYearsYears
Re: KRACK Attack
« Reply #4 on: October 16, 2017, 03:29:47 pm »
Does that mean we can expect an update to this in the near future?

Offline nsgnfcnt1

  • Backer
  • *
  • Posts: 14
  • Thanks: 0
  • Registered : 29/08/2014
    YearsYearsYearsYearsYearsYearsYearsYearsYearsYears
Re: KRACK Attack
« Reply #5 on: October 16, 2017, 11:27:18 pm »
@ AlanLawton,

After going through it completely found that, it is more of a client device (Laptop, Smartphones etc) update, which is required not Access point or Router. However, there are some small fixes, which has to be done on the Router side, information has been already forwarded to our Chipset vendor waiting for the update.

Ubiquiti released a firmware update in time for disclosure:
https://help.ubnt.com/hc/en-us/articles/115013737328-Ubiquiti-Devices-KRACK-Vulnerability

To say this isn't an AP problem is mighty disingenuous.   :(

Offline tt4me

  • Backer
  • *
  • Posts: 140
  • Thanks: 1
  • Registered : 20/08/2014
    YearsYearsYearsYearsYearsYearsYearsYearsYearsYears
Re: KRACK Attack
« Reply #6 on: October 17, 2017, 02:30:01 pm »
Ubiquiti released a firmware update in time for disclosure:
https://help.ubnt.com/hc/en-us/articles/115013737328-Ubiquiti-Devices-KRACK-Vulnerability

To say this isn't an AP problem is mighty disingenuous.   :(

Exactly!!

Has to be fixed on one side or the other. Doesn't need to be on both sides, but clearly on the router/AP side is the best case scenario and the proper resolution.

Offline Ashok

  • Securifi Staff
  • *
  • Posts: 2770
  • Thanks: 3
  • Registered : 25/07/2014
    YearsYearsYearsYearsYearsYearsYearsYearsYearsYears
Re: KRACK Attack
« Reply #7 on: October 17, 2017, 03:14:14 pm »
@ All,

We are trying our best to get the fix from our Chipset vendor. However, please do ensure that all your client devices (Laptop, Smartphones etc..,) are updated or else, it may not help the situation.

Offline cthree87

  • Newbie
  • **
  • Posts: 10
  • Thanks: 0
  • Registered : 12/09/2016
    YearsYearsYearsYearsYearsYearsYearsYears
Re: KRACK Attack
« Reply #8 on: October 18, 2017, 05:21:56 pm »
They get their WIFI software stack from the vendor of the chip they use for WIFI (Broadcom??). They need someone else to fix and release updated software development libraries so that securifi can compile and build a new firmware with it. No fix from the vendor, no fix from securifi. They aren't in control of it but I sure hope they choose a good vendor who they are pressuring hard to release a fix. Right?

Offline SR

  • Newbie
  • Posts: 2
  • Thanks: 0
  • Registered : 19/10/2017
    YearsYearsYearsYearsYearsYearsYears
Re: KRACK Attack
« Reply #9 on: October 19, 2017, 12:58:17 pm »
When Almond router is actin as a client in Renge Extender mode it is affected by KRACK vulnerability.
So the fix is defiantly required.

Almost all big brands released the fix at the time the attack was publicly announced:
https://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4
Chip vendors including Broadcom and Atheros Communications, Inc. are on the list as well and they have released the fix.

And the fix itself does not require kernel modifications or new drivers. Only patched version of wpa_supplicant is required. So help from chip vendor is really not required for this.

This attitude just shows that Securifi does not monitor current vulnerabilities and does not care about security.

Offline nsgnfcnt1

  • Backer
  • *
  • Posts: 14
  • Thanks: 0
  • Registered : 29/08/2014
    YearsYearsYearsYearsYearsYearsYearsYearsYearsYears
Re: KRACK Attack
« Reply #10 on: November 03, 2017, 01:12:16 pm »
Any news, @Ashok?

Offline APop

  • Newbie
  • Posts: 1
  • Thanks: 0
  • Registered : 07/03/2015
    YearsYearsYearsYearsYearsYearsYearsYearsYears
Re: KRACK Attack
« Reply #11 on: November 04, 2017, 11:25:10 pm »
Bump

Offline joltdude

  • Backer
  • *
  • Posts: 321
  • Thanks: 2
  • Registered : 02/08/2013
    YearsYearsYearsYearsYearsYearsYearsYearsYearsYearsYears
Re: KRACK Attack
« Reply #12 on: November 30, 2017, 08:16:38 am »
Its primarily an AP or IoT device problem.. To KRACK someone the device needs to be a Station......  That said.. there are fixes on both sides of the equation...but the main one is on the clients, not hosts (i.e  .. devices not the router/firewall)  Everyone hemming and hawing.. Securifi has had issues with their chipset vendor in the Almond+ .. Vendor wants to basically wipe their hands clean of the previous product which they bought out from another company... and replace it with their own... Just like Qualcomm is doing to a bunch of IoT vendors... who use their streaming radio chipset... BTW its Realtek not Broadcomm whose the chipset vendor for this device... The chipset in it is technically NOT a Realtek chip.. but a chipset bought out by Realtek who was their competitor...

 

Page created in 0.073 seconds with 20 queries.

bottleneck