Severe WiFi security flaw puts millions of devices at risk

Discussion in 'Headline News' started by jigwashere, Oct 16, 2017.

  1. Dngrsone

    Dngrsone One Serious Wiku

    Messages:
    1,170
    Likes Received:
    344
    Trophy Points:
    258
    Heh, I was guessing that would be Microsoft's answer.

    Sent from my SM-G935V using Tapatalk
     
    lelisa13p and scjjtt like this.
  2. Mi An

    Mi An Nexus Refugee

    Messages:
    5,241
    Likes Received:
    4,073
    Trophy Points:
    288
    FWIW, no link, but I'm getting the impression that in addition to client-side OS updates, the problem won't be completely sorted without router updates as well.

    While waiting for more clarity on updates and how effective they are, I highly recommend using more carrier data on handhelds and ethernet on PCs as much as possible, especially for any financial related stuff.

    Powerline adapters can make deploying ethernet cables a little less painful. They're pretty cheap these days.
     
  3. Dngrsone

    Dngrsone One Serious Wiku

    Messages:
    1,170
    Likes Received:
    344
    Trophy Points:
    258
    Looks like Linux Mint already has a fix out for their end.

    But yeah, the point of my saying wait for WPA 3 is that almost no consumer-grade Wi-Fi router is going to get patched, and we all know how well the process for phones works (ie not very well at all).

    Sent from my SM-G935V using Tapatalk
     
    z22 2006 User and scjjtt like this.
  4. RickAgresta

    RickAgresta Peanut, leader of the Peanutty Forces

    Messages:
    19,370
    Likes Received:
    11,275
    Trophy Points:
    288
    scjjtt, lelisa13p and jigwashere like this.
  5. Hook

    Hook Phone Killer ;-) Arrrrr...f

    Messages:
    18,805
    Likes Received:
    7,330
    Trophy Points:
    288
    If Google issues a fix, Dirty Unicorns will probably have it in 48 hours. They have been amazing about issuing the monthly security updates for Nougat while they are working on Oreo. Otherwise, not too worried. I assume Ubuntu will have the fix soon if they don't already (will check updates tonight), but my Linux laptop is on a wire. I'm pretty sure my Netgear Router is too old to count on them patching it, so a new router is probably in my future.
     
  6. jigwashere

    jigwashere Life is a circus!

    Messages:
    16,332
    Likes Received:
    8,550
    Trophy Points:
    288
    I'm not at all worried about KRACK attacks at home given the patches already available and the fact that someone would need to be w/in WiFi range. I'll take reasonable protections, but I'm doing that already (i.e., updating all devices when updates are available; using antimalware and antivirus software; avoiding questionable websites; etc.). KRACK barely registers as a significant security issue at home.

    The bigger issue with KRACK is in commercial settings where my data might be transferred via WiFi. And I'm not talking about things like using my smartphone at a coffee shop. Point of sale devices, business workstations, and other devices that handle my personal information put me at risk. Think Experian. Our private, sensitive information is in the hands of government entities, financial and insurance institutions, medical offices, schools and other businesses, and we have to trust that they are doing what's necessary to protect us. It's pretty worrying and discouraging.
     
    headcronie, scjjtt, lelisa13p and 3 others like this.
  7. Hook

    Hook Phone Killer ;-) Arrrrr...f

    Messages:
    18,805
    Likes Received:
    7,330
    Trophy Points:
    288
    Spot on, Jig!
     
  8. headcronie

    headcronie Greyscale. Nuff Said. Super Moderator

    Messages:
    13,517
    Likes Received:
    1,965
    Trophy Points:
    113
    All these wifi and bluethooth vulnerabilities have been driving me crazy lately. We just threw out 180 iPads due to the fact they've been abandoned with no security updates, and are vulnerable to a previous wifi and bluetooth exploit. "But they still work!" as exclaimed by the administration. Over $60k in junk. That's big for us, but pennies in contrast to other enterprises.

    Krack has some nasty implications for us at work. It's becoming quite apparent which devices get business class support, and which devices are simply crap consumer junk. I've relentlessly said we need to stop the inflow of consumer crap into our day to day technology regimen at work. They're seeing the truth of that now. Unfortunately, far too late, and with no budget to do a thing about it.

    At least I am covered. I documented my concerns. Their lack of action on it and the repercussions it brings, is now squarely in their court.
     
    scjjtt, RickAgresta, Dngrsone and 2 others like this.
  9. jigwashere

    jigwashere Life is a circus!

    Messages:
    16,332
    Likes Received:
    8,550
    Trophy Points:
    288
    I fear this the issue with many business that use, share and store data that puts us at risk. Thanks for fighting the good fight, hc! Good luck. :newpalm:
     
Loading...

Share This Page