WPA2 is no longer safe ? [issue is already fixed on all Mint versions]

Chat about just about anything else
User avatar
Fabio7891
Level 1
Level 1
Posts: 44
Joined: Wed Jan 04, 2017 2:29 pm

WPA2 is no longer safe ? [issue is already fixed on all Mint versions]

Postby Fabio7891 » Mon Oct 16, 2017 7:24 am

Hello to everybody !

I have heard about a new attack called: Krack, on all the available wifi WPA2 connections

You can see everything here: https://www.krackattacks.com/

Now should they develop a new standard of connection ?

[Edit by admin]: this issue is already fixed on all Linux Mint Mint versions. Jump to this post for the details: viewtopic.php?f=58&t=255516&p=1377453#p1377453
I use Linux Mint 18.3 Cinnamon Sylvia - 64 bit

User avatar
karlchen
Level 18
Level 18
Posts: 8016
Joined: Sat Dec 31, 2011 7:21 am
Location: Germany

Re: WPA2 is no longer safe ?

Postby karlchen » Mon Oct 16, 2017 7:31 am

<moderator on>
Moved this thread from Linux Mint "Main Edition - Newbie Questions" to "Open Chat", because
+ the alledged WPA2 breach is not a Linux Mint problem only
+ but a problem affecting any operating system which uses wireless connections, e.g. Linux, MacOS, Windows, Andoid, IOS
+ there is no better sub-forum to discuss the topic
</moderator off>
Image
Old bugs good, new bugs bad! Updates are evil: might fix old bugs and introduce no new ones.

greerd
Level 5
Level 5
Posts: 732
Joined: Sat Jul 31, 2010 10:58 am
Location: Nova Scotia, Canada

Re: WPA2 is no longer safe ?

Postby greerd » Mon Oct 16, 2017 7:41 am

Another reason to use a VPN, especially when using a hot spot.
Image

rene
Level 6
Level 6
Posts: 1357
Joined: Sun Mar 27, 2016 6:58 pm

Re: WPA2 is no longer safe ?

Postby rene » Mon Oct 16, 2017 8:15 am

Fabio7891 wrote:Now should they develop a new standard of connection ?

Not necessarily/immediately. From the description:

When the victim reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value. Essentially, to guarantee security, a key should only be installed and used once. Unfortunately, we found this is not guaranteed by the WPA2 protocol. By manipulating cryptographic handshakes, we can abuse this weakness in practice.


This would be saying that software-fixes are possible in the sense of not allowing key re-installation. Certainly wrt. the specific mentioned Android/Linux extra vulnerability, by not allowing an all-zero key; this latter part will no doubt be the first fix/mitigation we see; completely disallowing reinstallation might be a higher impact issue.

But this is certainly a serious issue. Thanks for pointing it out.

earthlingkc
Level 2
Level 2
Posts: 90
Joined: Fri Oct 14, 2016 2:22 pm

Re: WPA2 is no longer safe ?

Postby earthlingkc » Mon Oct 16, 2017 9:02 am

Is Mint patched for this?

User avatar
tovian
Level 4
Level 4
Posts: 273
Joined: Sun Nov 22, 2015 1:17 pm
Location: Heart of Dixie

Re: WPA2 is no longer safe ?

Postby tovian » Mon Oct 16, 2017 9:06 am

Here's another article (from FORBES):

The researchers, who said the attack was particularly severe for Android and Linux users, showed how devastating an attack could be in the demonstration video

Read Entire Article
"Mankind has a perfect record in aviation - we have never left one up there!”

rene
Level 6
Level 6
Posts: 1357
Joined: Sun Mar 27, 2016 6:58 pm

Re: WPA2 is no longer safe ?

Postby rene » Mon Oct 16, 2017 9:31 am

earthlingkc wrote:Is Mint patched for this?

As far as I can see, not yet. The debian security advisory, http://seclists.org/bugtraq/2017/Oct/25, has a date of today (16-10-2017) and will given the amount of press this thing is generating very likely make it down to Ubuntu and then Mint within the day. But for now I believe you're vulnerable.

merl1
Level 1
Level 1
Posts: 1
Joined: Mon Oct 16, 2017 9:28 am

Re: WPA2 is no longer safe ?

Postby merl1 » Mon Oct 16, 2017 9:34 am

Here is a url explaining the patch that will be provided.
https://w1.fi/security/2017-1/wpa-packe ... ssages.txt

earthlingkc
Level 2
Level 2
Posts: 90
Joined: Fri Oct 14, 2016 2:22 pm

Re: WPA2 is no longer safe ?

Postby earthlingkc » Mon Oct 16, 2017 9:39 am

Please post to this thread when confirmed that Mint is patched for this.

User avatar
NChewie
Level 4
Level 4
Posts: 204
Joined: Wed Oct 15, 2014 8:46 am
Location: Ireland

Re: WPA2 is no longer safe ?

Postby NChewie » Mon Oct 16, 2017 9:41 am

very likely make it down to Ubuntu and then Mint within the day


Good.

I am willing to bet that there are few drive-by wifi hackers abroad in Ireland today :D

http://www.windy.com/?53.347,-6.244,5
Toshiba Satellite Pro C650-191 LM17.3 Cinnamon

earthlingkc
Level 2
Level 2
Posts: 90
Joined: Fri Oct 14, 2016 2:22 pm

Re: WPA2 is no longer safe ?

Postby earthlingkc » Mon Oct 16, 2017 10:44 am

Some questions..

If the home router is patched are all unpatched WiFi devices connecting to it via WPA2 not vulnerable to this?
If say a WiFi printer isn't patched long term but the router is, can the printer data or connect password be monitored?

rene
Level 6
Level 6
Posts: 1357
Joined: Sun Mar 27, 2016 6:58 pm

Re: WPA2 is no longer safe ?

Postby rene » Mon Oct 16, 2017 1:24 pm

earthlingkc wrote:If the home router is patched are all unpatched WiFi devices connecting to it via WPA2 not vulnerable to this?

They would still be vulnerable; this is a client-side issue; a (legitimate) router isn't in fact involved -- which is a blessing, since certainly many older and cheaper routers would not be getting updates.

It is explained at https://www.krackattacks.com/. The issue requires an untrustworthy Wi-Fi network (which may as in the supplied video be a cloned copy of a trustworthy one; i.e., not something you'd necessarily immediately notice) to replay a step of the WPA2 protocol handshake to the victim-client, causing it to re-install the encryption key for the connection. This is an important security issue on any platform but not yet (all of) the problem in itself; for details, read the bit directly under the "Practical impact" header. On Android and Linux the issue is however made worse by the possibility to trick clients to make that re-installed encryption key be an all-zero key; to effectively disable WPA2 encryption. To, hence, cause the connection to be easily monitored.

So, router no. A printer is a client and it's indeed conceivable someone could trick it onto an untrustworthy/cloned Wi-Fi network and monitor or forge its communication.

User avatar
xenopeek
Level 24
Level 24
Posts: 21458
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Re: WPA2 is no longer safe ?

Postby xenopeek » Mon Oct 16, 2017 1:56 pm

>> This issue is already fixed for all Linux Mint versions. <<

If you haven't yet applied all available security upgrades in Update Manager, do so now.

The affected packages are hostapd and wpasupplicant. Both come from the upstream package wpa so Update Manager conveniently shows you these as one upgrade under the name "wpa". But if you want to check your installed package versions, you need those first two package names. Mind that hostapd isn't installed by default so it may not be present on your system.

For Linux Mint 18.x you need version 2.4-0ubuntu6.2 or newer.
For Linux Mint 17.x you need version 2.1-0ubuntu1.5 or newer.
For LMDE 2 you need version 2.3-1+deb8u5 or newer.

Ubuntu security notice for the WPA2 issue is found here: https://usn.ubuntu.com/usn/usn-3455-1/ (Linux Mint 18.x are based on Ubuntu 16.04 LTS and Linux Mint 17.x are based on Ubuntu 14.04 LTS). Debian security announcement for the WPA2 issue is found here: https://lists.debian.org/debian-securit ... 00261.html (LMDE 2 is based on Debian Jessie aka oldstable).

Most if not all major GNU/Linux distros have already fixed the WPA2 issue today. The real issue is with phones and tablets.
Image

User avatar
MintBean
Level 9
Level 9
Posts: 2543
Joined: Fri Aug 07, 2015 6:54 am
Location: Blighty

Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]

Postby MintBean » Mon Oct 16, 2017 2:05 pm

Many thanks xenopeek for the timely heads-up. 8)

rene
Level 6
Level 6
Posts: 1357
Joined: Sun Mar 27, 2016 6:58 pm

Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]

Postby rene » Mon Oct 16, 2017 2:16 pm

Yep. Just now came in for me through the update manager on Mint 17.3.

User avatar
mike acker
Level 6
Level 6
Posts: 1288
Joined: Wed Jul 31, 2013 6:29 pm
Location: Kalamazoo, MI

Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]

Postby mike acker » Tue Oct 17, 2017 5:55 pm

since i put the update on my LMDE/2 system disconnects from the router every once in a while.

this is the original LMDE/2 Dist. only; the later re-issue of the .iso doesn't seem to be affected
My Computer: IBM 360/50 c. 1975
¡Viva la Resistencia!

User avatar
Tomgin5
Level 5
Level 5
Posts: 684
Joined: Sat Mar 19, 2016 2:37 pm
Location: Beaverton, Oregon USA

Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]

Postby Tomgin5 » Tue Oct 17, 2017 9:25 pm

Xenopeek I saw the "WPA" installed yesterday morning on my 18.2 an hour or so after I heard about the bug on the news (TV). :D

User avatar
BigEasy
Level 5
Level 5
Posts: 994
Joined: Mon Nov 24, 2014 9:17 am
Location: Chrząszczyżewoszyce, powiat Łękołody

Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]

Postby BigEasy » Wed Oct 18, 2017 5:06 am

It is good that issue already fixed on Mint. But it is far from the end of story - who and when will fix our WIFI routers?
Windows assumes I'm stupid but Linux demands proof of it

User avatar
xenopeek
Level 24
Level 24
Posts: 21458
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]

Postby xenopeek » Wed Oct 18, 2017 7:32 am

Ideally, yes home routers are also patched, but the krackattacks folks had this to say about it:
What if there are no security updates for my router?

Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.
Image

User avatar
BG405
Level 5
Level 5
Posts: 852
Joined: Fri Mar 11, 2016 3:09 pm
Location: England

Re: WPA2 is no longer safe ? [issue is already fixed on all Mint versions]

Postby BG405 » Wed Oct 18, 2017 2:42 pm

rene wrote:A printer is a client and it's indeed conceivable someone could trick it onto an untrustworthy/cloned Wi-Fi network and monitor or forge its communication.

This would surely cause the printer to disappear from the genuine network? It would at least, hopefully, be spotted by the users on that network. Hopefully, even if this results in login credentials being obtained from the printer, using MAC address filtering should be enough to prevent the average miscreant from accessing your home network.

A mate of mine recently had a printout which definitely didn't come from any of his (or my) devices .. photo of some lady he didn't recognize. I was there when it happened. One reason my printer is on ethernet but it IS accessible via the router using WiFi.
Dell Inspiron 1525 - LM17.3 CE 64-------------------Acer D255E 2GB - LM17.3 KDE 32
Toshiba NB305 - LM17.3 Xfce 32--------------------K7S5A Athlon 1.2GHz - LM17.3 Xfce 32 & WinXP-Pro
Acer Aspire E11 ES1-111M - LM18.2 KDE 64 -----Dell PII 350 64MB - Puppy 4.3 & Win98-SE


Return to “Open chat”