WPA2 is no longer safe ? [issue is already fixed on all Mint versions]
Hello to everybody !
I have heard about a new attack called: Krack, on all the available wifi WPA2 connections
You can see everything here: https://www.krackattacks.com/
Now should they develop a new standard of connection ?
[Edit by admin]: this issue is already fixed on all Linux Mint versions. Jump to this post for the details: viewtopic.php?f=58&t=255516&p=1377453#p1377453
Last edited by LockBot on Wed Dec 07, 2022 4:01 am, edited 1 time in total.
Reason: Topic automatically closed 30 days after creation. New replies are no longer allowed.
Re: WPA2 is no longer safe ?
<moderator on>
Moved this thread from Linux Mint "Main Edition - Newbie Questions" to "Open Chat", because
+ the alleged WPA2 breach is not a Linux Mint problem only
+ but a problem affecting any operating system which uses wireless connections, e.g. Linux, MacOS, Windows, Android, iOS
+ there is no better sub-forum to discuss the topic
</moderator off>
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 750 days now.
Lifeline
Re: WPA2 is no longer safe ?
Another reason to use a VPN, especially when using a hot spot.
Re: WPA2 is no longer safe ?
Fabio7891 wrote: Now should they develop a new standard of connection ?
Not necessarily/immediately. From the description:
"When the victim reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value. Essentially, to guarantee security, a key should only be installed and used once. Unfortunately, we found this is not guaranteed by the WPA2 protocol. By manipulating cryptographic handshakes, we can abuse this weakness in practice."
This would be saying that software-fixes are possible in the sense of not allowing key re-installation. Certainly wrt. the specific mentioned Android/Linux extra vulnerability, by not allowing an all-zero key; this latter part will no doubt be the first fix/mitigation we see; completely disallowing reinstallation might be a higher impact issue.
But this is certainly a serious issue. Thanks for pointing it out.
Re: WPA2 is no longer safe ?
Is Mint patched for this?
Re: WPA2 is no longer safe ?
Here's another article (from FORBES):
The researchers, who said the attack was particularly severe for Android and Linux users, showed how devastating an attack could be in the demonstration video
Read Entire Article
"I think that this situation absolutely requires a really futile and stupid gesture be done on somebody's part"
"We're just the guys to do it"
Animal House
Re: WPA2 is no longer safe ?
earthlingkc wrote: Is Mint patched for this?
As far as I can see, not yet. The Debian security advisory, http://seclists.org/bugtraq/2017/Oct/25, has a date of today (16-10-2017) and will, given the amount of press this thing is generating, very likely make it down to Ubuntu and then Mint within the day. But for now I believe you're vulnerable.
Re: WPA2 is no longer safe ?
Here is a url explaining the patch that will be provided.
https://w1.fi/security/2017-1/wpa-packe ... ssages.txt
Re: WPA2 is no longer safe ?
Please post to this thread when confirmed that Mint is patched for this.
Re: WPA2 is no longer safe ?
"very likely make it down to Ubuntu and then Mint within the day"
Good.
I am willing to bet that there are few drive-by wifi hackers abroad in Ireland today
http://www.windy.com/?53.347,-6.244,5
Re: WPA2 is no longer safe ?
Some questions..
If the home router is patched are all unpatched WiFi devices connecting to it via WPA2 not vulnerable to this?
If say a WiFi printer isn't patched long term but the router is, can the printer data or connect password be monitored?
Re: WPA2 is no longer safe ?
earthlingkc wrote: If the home router is patched are all unpatched WiFi devices connecting to it via WPA2 not vulnerable to this?
They would still be vulnerable; this is a client-side issue; a (legitimate) router isn't in fact involved -- which is a blessing, since certainly many older and cheaper routers would not be getting updates.
It is explained at https://www.krackattacks.com/. The issue requires an untrustworthy Wi-Fi network (which may as in the supplied video be a cloned copy of a trustworthy one; i.e., not something you'd necessarily immediately notice) to replay a step of the WPA2 protocol handshake to the victim-client, causing it to re-install the encryption key for the connection. This is an important security issue on any platform but not yet (all of) the problem in itself; for details, read the bit directly under the "Practical impact" header. On Android and Linux the issue is however made worse by the possibility to trick clients to make that re-installed encryption key be an all-zero key; to effectively disable WPA2 encryption. To, hence, cause the connection to be easily monitored.
So, router no. A printer is a client and it's indeed conceivable someone could trick it onto an untrustworthy/cloned Wi-Fi network and monitor or forge its communication.
Re: WPA2 is no longer safe ?
>> This issue is already fixed for all Linux Mint versions. <<
If you haven't yet applied all available security upgrades in Update Manager, do so now.
The affected packages are hostapd and wpasupplicant. Both come from the upstream package wpa so Update Manager conveniently shows you these as one upgrade under the name "wpa". But if you want to check your installed package versions, you need those first two package names. Mind that hostapd isn't installed by default so it may not be present on your system.
For Linux Mint 18.x you need version 2.4-0ubuntu6.2 or newer.
For Linux Mint 17.x you need version 2.1-0ubuntu1.5 or newer.
For LMDE 2 you need version 2.3-1+deb8u5 or newer.
Ubuntu security notice for the WPA2 issue is found here: https://usn.ubuntu.com/usn/usn-3455-1/ (Linux Mint 18.x are based on Ubuntu 16.04 LTS and Linux Mint 17.x are based on Ubuntu 14.04 LTS). Debian security announcement for the WPA2 issue is found here: https://lists.debian.org/debian-securit ... 00261.html (LMDE 2 is based on Debian Jessie aka oldstable).
Most if not all major GNU/Linux distros have already fixed the WPA2 issue today. The real issue is with phones and tablets.
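One way to check this from a terminal, as an added example that is not part of the original post: the script compares the installed wpasupplicant and hostapd versions with the minimum versions listed above, using dpkg's own version ordering. The release argument (18, 17 or lmde2) and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: compare installed wpasupplicant/hostapd versions with the
# minimum fixed versions quoted in the post above.
# Assumption: the caller names the release family (18, 17 or lmde2).

# Minimum fixed version per release, as listed in the post.
min_fixed_version() {
    case "$1" in
        18|18.*) echo "2.4-0ubuntu6.2" ;;
        17|17.*) echo "2.1-0ubuntu1.5" ;;
        lmde2)   echo "2.3-1+deb8u5" ;;
        *)       return 1 ;;
    esac
}

# classify INSTALLED MINIMUM -> prints patched | vulnerable | not-installed
classify() {
    if [ -z "$1" ]; then
        echo "not-installed"
    elif dpkg --compare-versions "$1" ge "$2"; then
        echo "patched"
    else
        echo "vulnerable"
    fi
}

# Installed version of a package; empty output if it is not installed.
installed_version() {
    dpkg-query -W -f='${Status}\t${Version}\n' "$1" 2>/dev/null |
        awk -F'\t' '$1 ~ /ok installed$/ { print $2 }'
}

# check_release RELEASE: report both affected packages.
# Returns 0 if nothing is vulnerable, 1 if something is, 2 on a bad argument.
check_release() {
    min=$(min_fixed_version "$1") || { echo "unknown release: $1" >&2; return 2; }
    rc=0
    for pkg in wpasupplicant hostapd; do
        state=$(classify "$(installed_version "$pkg")" "$min")
        echo "$pkg: $state (need >= $min)"
        [ "$state" = "vulnerable" ] && rc=1
    done
    return $rc
}

# Run only when a release is given on the command line, e.g. "18".
if [ $# -gt 0 ]; then check_release "$1"; fi
```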
Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]
Many thanks xenopeek for the timely heads-up.
Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]
Yep. Just now came in for me through the update manager on Mint 17.3.
Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]
Since I put the update on, my LMDE/2 system disconnects from the router every once in a while.
This is the original LMDE/2 Dist. only; the later re-issue of the .iso doesn't seem to be affected.
¡Viva la Resistencia!
Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]
Xenopeek I saw the "WPA" installed yesterday morning on my 18.2 an hour or so after I heard about the bug on the news (TV).
Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]
It is good that the issue is already fixed on Mint. But it is far from the end of the story - who will fix our WiFi routers, and when?
Windows assumes I'm stupid but Linux demands proof of it
Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]
Ideally, yes home routers are also patched, but the krackattacks folks had this to say about it:
What if there are no security updates for my router?
Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.
Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]
rene wrote: A printer is a client and it's indeed conceivable someone could trick it onto an untrustworthy/cloned Wi-Fi network and monitor or forge its communication.
This would surely cause the printer to disappear from the genuine network? It would at least, hopefully, be spotted by the users on that network. Hopefully, even if this results in login credentials being obtained from the printer, using MAC address filtering should be enough to prevent the average miscreant from accessing your home network.
A mate of mine recently had a printout which definitely didn't come from any of his (or my) devices .. photo of some lady he didn't recognize. I was there when it happened. One reason my printer is on ethernet but it IS accessible via the router using WiFi.
Dell Inspiron 1525 - LM17.3 CE 64-------------------Lenovo T440 - Manjaro KDE with Mint VMs
Toshiba NB250 - Manjaro KDE------------------------Acer Aspire One D255E - LM21.3 Xfce
Acer Aspire E11 ES1-111M - LM18.2 KDE 64 ----… Two ROMS don't make a WRITE …