UPDATED: KRACK Attack Threatens to Kill WPA2 Wi-Fi Security

Well, this could be problematic…

I heard about this early Monday 2017-10-16, and it got me a bit concerned. Six collegiate researchers revealed information on a WPA-2 Wi-Fi security flaw, the Key Reinstallation Attack (KRACK Attack). This reliable information will allow attackers to undermine Wi-Fi encryption on any wireless connection utilizing WPA2 Personal security. This will affect literally any and every brand and type of wireless router on the B2B and consumer markets today.

This latest exploit takes advantage of the four-way handshake needed to establish an encryption key between a router and a connecting device. When properly executed, this vulnerability allows attackers to compromise the third step. This can lead to the re-use of an encryption key or, in some cases on Android and Linux-based devices, the establishment of a null key.

US-CERT, the division of the Department of Homeland Security responsible for computer safety, has become aware of “several key management vulnerabilities” used in the attack. The agency has declared that the vulnerability includes lack of proper encryption, content hijacking, HTTP injection, and other problems. In the advisory issued on Monday, US-CERT says that “most or all correct implementations” of WPA-2 are affected by the vulnerability, meaning every consumer device and most enterprise access points.

The researchers claim that the attack vector completely opens up an Android 6.0 and later device. Other operating systems, including iOS and macOS, are less impacted, but “a large number of packets” can still be decrypted from all.

At present, there are no patches for consumer-grade devices, and only a few commercial manufacturers have issued updates. A large percentage of network equipment will likely not see updates, so a properly patched operating system will be essential for users.

The attack uses one or more of 10 different exploits. The details of the exploit were submitted for review on May 19, and a conference presentation will be delivered on Nov. 1.

Fixes can be made by vendors on either the client or router level, and only one of the pair needs to be patched for the vulnerability to be ineffective. A patched computer can connect to an un-patched router and not be vulnerable, and vice-versa. Updates to either will prevent an encryption key from being reused.
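To make the key re-use and the fix concrete, here is a toy model added as an illustration; it is not code from the researchers or from any vendor. `Client`, `run_session` and `reused_nonces` are hypothetical names, the frames and key are constructed, and the HMAC-based keystream is only a stand-in for the real WPA2 cipher. It assumes that installing a key resets the per-frame nonce, which is why accepting step three a second time repeats a keystream.

```python
import hashlib
import hmac

# Constructed sample frames of equal length (not captured traffic).
FRAME_A = b"GET /login HTTP/1.1"
FRAME_B = b"user=alice&pin=0000"
SESSION_KEY = bytes(range(32))  # constructed key standing in for the negotiated one


def keystream(key, nonce, length):
    """Stand-in cipher: the keystream depends only on (key, nonce)."""
    out, block = b"", 0
    while len(out) < length:
        msg = nonce.to_bytes(6, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class Client:
    """Hypothetical client; `patched` selects how a repeated message 3 is handled."""

    def __init__(self, patched):
        self.patched = patched
        self.key = None
        self.nonce = 0
        self.sent = []  # (nonce, ciphertext) pairs as they appear on the air

    def on_message3(self, key):
        # Patched behaviour: a repeated message 3 carrying the key already in
        # use does not reinstall it, so the nonce counter keeps counting up.
        if self.patched and key == self.key:
            return
        self.key = key
        self.nonce = 0  # installing a key resets the per-frame nonce

    def send(self, plaintext):
        self.nonce += 1
        ct = xor(plaintext, keystream(self.key, self.nonce, len(plaintext)))
        self.sent.append((self.nonce, ct))
        return ct


def run_session(patched):
    """Handshake step 3, one frame, step 3 again, a second frame."""
    client = Client(patched)
    client.on_message3(SESSION_KEY)
    first = client.send(FRAME_A)
    client.on_message3(SESSION_KEY)
    second = client.send(FRAME_B)
    return client, first, second


def reused_nonces(sent):
    """Return the nonces that protected more than one frame under the key."""
    seen, repeated = set(), set()
    for nonce, _ in sent:
        (repeated if nonce in seen else seen).add(nonce)
    return repeated


if __name__ == "__main__":
    for patched in (False, True):
        client, first, second = run_session(patched)
        leaked = xor(first, second) == xor(FRAME_A, FRAME_B)
        print(f"patched={patched} reused={sorted(reused_nonces(client.sent))} "
              f"plaintext XOR exposed={leaked}")
```

With the unpatched client, the two ciphertexts XOR to the XOR of the two plaintexts, so the encryption no longer hides their relationship; with the patched client every frame gets a fresh nonce.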

What to Do
If you feel you must do something to ward off the evil Wi-Fi spirits, you can consider doing the following:

• Most home-based, consumer networks likely won’t be affected. However, those “common area” networks in apartment buildings (you get access because you rent there) or hotels and other high settlement areas remain vulnerable to attack.

• If and when a patch to the vulnerability becomes available, install it immediately.

• Upgrade to the latest, released version of the OS you’re computing on; and keep your security patches current.

• Never, ever use public Wi-Fi or unsecured networks. In fact, avoid them like the plague.

• Don’t frequent any ecommerce sites or any sites that collect PII (personally identifying information – like Name, Address, Date of Birth or SSN), that do not make use of HTTPS.

• Consider configuring your Wi-Fi network(s) to NOT broadcast their SSID. It’s still possible to sniff a non-broadcasted network name out if you’re determined enough to do it; but not revealing your network name is an easy and effective way of keeping it hidden.

• Change your default passwords. If your router or other network equipment, network attached storage devices, etc. are still using their default passwords after you set them up, you’re just begging for trouble. Changing these will make it harder for undesirables to get the goods.

• Consider turning your wireless printer off when you’re not using it. That way, no one will be able to waste your paper or toner by printing 300 pages of junk…

• Enterprise WPA-2 doesn’t appear to be affected by the flaw. If your network gear supports it, consider shifting to the more secure protocol.

UPDATE:
I reviewed the Netgear Orbi Mesh Router earlier this year. I was fairly pleased with the device and the way it worked in my house. Most of the Wi-Fi issues I was experiencing were resolved after I purchased and installed this device in my house.

Unfortunately, Netgear has not released a firmware update for the Orbi Mesh Router to resolve the KRACK vulnerability in this device. According to a KB article, there are a couple of points to keep in mind about this issue:

1. Your devices are only vulnerable if an attacker is in physical proximity to and within the wireless range of your network.
2. Routers and gateways are only affected when in bridge mode (which is not enabled by default and not used by most customers). A WPA-2 handshake is initiated by a router in bridge mode only when connecting or reconnecting to a router.
3. Extenders, Arlo cameras, and satellites are affected during a WPA-2 handshake that is initiated only when connecting or reconnecting to a router.
4. Mobile hotspots are only affected while using Wi-Fi data offloading, which is not enabled by default.

Based on this information, it’s very unlikely that anyone – regardless of the type of UNPROTECTED router they have – is EVER going to fall victim to this exploit, especially if you’re the average, everyday consumer. Those folks don’t have much to chase after; AND most importantly, they are unlikely to have any of their wireless networking equipment in bridge mode or to have hotspots using Wi-Fi data offloading.

While there are a number of Orbi users loudly demanding a firmware update, if and when an update IS made available, the Orbi system will download and install the update automatically.

Thankfully, I don’t have too much to worry about.

The other thing that users can do IF their router supports it is to switch from WPA2 Personal encryption to WPA2 Enterprise. Unfortunately for me, the Orbi does NOT currently support WPA2 Enterprise, so this isn’t an option for me. However, I’m not very upset or concerned about it at this time.

If you’re affected by this issue, I’d love to hear from you. Please meet me in the discussion area below and tell me what happened to you and if and how you resolved it on your end.


Communications capabilities with Zello

Get push-to-talk styled communications capabilities with mobile device and PC users in this cool Windows app.

Communication is  the key to productivity. I’ve heard it said millions of times.  In many cases, instant communication can be a God-send.  This is the biggest reason why push-to-talk (PTT) is such a critical and effective communications tool; and the biggest reason why I like Zello. It’s a PTT app for your Windows PC.

Zello is a free push-to-talk application for smartphones and PCs. It’s lightweight, easy to use and extremely fast. It’s also free for personal use; and can be used on any combination of Android, Blackberry, iOS and PCs.

One of the best things about Zello conversations is that they’re almost as fast as face-to-face conversations. They are also faster than online communications. All you have to do is click to talk. There really isn’t any need for any kind of real configuration.

Zello supports channels where you can talk to up to 100 people from anywhere in the world at the same time.  You can record your conversations and re-play them whenever you want.

Zello is lightweight. The program uses very little system resources and memory.  Zello doesn’t require you to use a headset. You can use your phone’s speakerphone, a plugged in or built-in microphone or connected speakers, for example.  Zello works great over Wi-Fi and 3G.  It will also work over GPRS and EDGE, but its performance isn’t as robust at those slower speeds.


Secure your home or businesses internet connection with Wifi Protector

Whilst a wireless connection is an easier and more convenient way to get on the internet, using one puts your personal information at risk of being seen by others.

Most security software just protects your device from viruses. The WiFi Protector protects your connection from hackers at all times. It uses 256 bit encryption technology, enough to protect you from identity theft and other internet crimes.

The software also hides your unique IP address, giving you anonymity and the freedom to surf the internet reassured of your privacy. With your IP address hidden you can access restricted websites censored to you in your area.

The main menu displays all the information you need to check your connection is protected. You can monitor what devices are connected to the same network as you, making sure only devices you trust are on the same WiFi connection as you. The software runs in the background of your computer, notifying you whenever a new device connects to your network.

Whilst wireless internet makes it easier for you to surf the web, it also makes it easier for hackers to access your personal information. It is vital to encrypt your information to keep it protected from others. The WiFi Protector is an easy way to protect your network at all times.


I’m having a Bad Apple Day

You’d be surprised at how Apple’s integrated online services into its products…

I’m a T-Mobile USA customer living and working in Chicago, IL. Earlier this week, Gigaom’s Kevin Fitchard reported on a seemingly nationwide T-Mobile outage. While no official statement has come out from the number four US-based carrier, both he and I seem to think that the brief service interruptions are due to the company’s network refarming and upgrades. T-Mobile is in the process of moving its HSPA+ service from 1700MHz AWS to 1900MHz UMTS. Kevin put it very well, “…You can’t move that much hardware around without experiencing some problems…”

Kevin is right.

This morning I’m beside myself and I’ve got issues with my iPhone that can’t get resolved because I can’t get a 3G/4G signal through my T-Mobile Sonic 4G Mobile Hot Spot.  All I’ve got is EDGE (2G).

This is a problem for me, because I’m running iOS 6.0 Beta 2 on my iPhone 4S, and it’s misbehaving. Specifically, regardless of whether or not you have songs stored on your iPhone, Music appears to want to play songs from iCloud. Unfortunately, it seems to have issues playing any audio through iCloud. Having a decent connection helps, but currently, in Beta 2, just because you’ve got a decent 3G/HSPA+/LTE signal, doesn’t mean the song will play. It may… or it may not. Currently, having the content on your iOS 6 powered iDevice just seems to confuse it. It may not play the local content either.

I was able to determine that if you turn on Airplane mode (so all wireless radios  – Wi-Fi, Bluetooth, cellular – are turned off), local content can play without any issues…but who wants to go the whole time you’re listening to music with your cellular radio/phone turned off?

At times, I can coax the phone into playing content with the cell radio on by turning it on and off a few times and trying to play music. Today, that’s not working. The recommended troubleshooting step to correct a misbehaving iDevice is to restore it from a backup and let all of your content sync back over.

Did I mention that Apple requires an internet connection in order to make that happen..??  Yeah… iTunes requires an internet connection to repeatedly verify that the file you’re using to restore your iDevice with, is an actual, verifiable (literally…) Apple sanctioned and certified iDevice ROM. Verification of the image takes place EACH and EVERY time you restore your iDevice.

Which Cupertino-based Brainiac thought THAT one up?

What happens when you don’t have internet access??  Well… THAT’S easy.  You don’t get to restore your iDevice, and it stays screwed up until you GET internet access.

That’s just awesome.

So without a reliable 3G/4G HSPA+ signal through my Sonic 4G Hotspot, I’m outta luck until I can get home LATE tonight. Unfortunately for me, I’ve got a lot of desk work today, and will be without my music unless and until I get a reliable cell/data service signal, which again… is just awesome.

However, I really think it’s amazing how tightly Apple has integrated its online services, specifically iCloud, into all of its products.  It’s also amazing how those products don’t function as designed when a critical piece of infrastructure malfunctions.

I’m kinda stuck until T-Mobile’s network and my 4G hotspot decide to behave, or I buckle and turn on Airplane mode and turn my iPhone into an iPod Touch.

I’m certain the programmatic issues will get resolved in future betas of iOS 6, but right now, it’s really stinking up the joint…


Windows 8 still a bit glitchy

Microsoft released the Windows 8 Release Preview on 31-May-12. I’ve pulled down the preview, with all of the Metro Apps and installed it…and then I promptly nuked my Asus Eee T101MT Touch netbook and restored Windows 7 to it.

Why?  Well, that’s pretty simple…

The OS couldn’t turn on the Wi-Fi Radio.

I have Comcast cable internet coming into the house providing me with a speedy 50Mbps down/20Mbps up pipe. I’ve got 802.11g/n Wi-Fi in the house as well, and I know that when things are humming right and cooking with gas, I can push 22-25MB/s of data across my home network (That’s equivalent to 176-200Mbps, kids…). Oh yes… It’s a beautiful thing.

Soft32 will continue to provide in depth, thought provoking analysis on all major platform upgrades and advances, and the summer of 2012 looks to be a very active season.  There’s a lot happening in the desktop operating system world right now. So after downloading the 2.65GB ISO image of the 32bit version of Windows 8 Release Preview, with Apps last night, I set out to install the revised OS on my T101MT so that I could begin evaluating the delta (or change) between it and the Consumer Preview.

I plugged the Eee PC into one of the five wired Ethernet ports of the network switch I have in my home office and turned off the Wi-Fi radio. Over the years, I’ve learned that having more than one active network adapter running at the same time on a single PC (like having the Wi-Fi radio on and connected to your wireless router or access point while having a network cable plugged into your wired Ethernet port) can cause network performance issues on Windows PC’s.  After many conversations with Microsoft technicians and technical beta team leads, I’ve learned that a Windows PC can become confused when trying to determine which network adapter to send and receive IP traffic through if more than one networking adapter is active in the same PC at once.  So, I turned the Wi-Fi radio in the Eee PC off after plugging in the Ethernet cable. It seemed reasonable, logical, and it’s what my experience has taught me to do over the years.

Yeah…someone please remind me not to do that again…Big mistake.

After Windows 8 Release Preview installed and I unplugged the Ethernet cable from the netbook’s LAN port, I couldn’t get the wireless radio to turn on to save my life. I fiddled with every setting and registry nugget I could find. I pulled the driver out, deleted the files and let the PC find everything again to no avail.

After a couple hours, I threw in the towel and activated the recovery partition on the netbook. I blew the entire contents of the PC and will start over from scratch this weekend…this time, leaving the wireless network adapter on after plugging in the Ethernet cable.

Come back next time, and I’ll give you the run down on what actually happened, why it happened and what this means to the Windows computing public in general.


Read and backup data from scratched CD/DVD/Blu-ray discs with AnyReader

Anyone with children has this problem – you’ve got CD/DVD’s running around the house without the protection of their jewel cases, and they’re scratched beyond belief. Disc Doctors and other physical repair tools are great for optical discs, but not for other faulty media like floppies, hard drives and flash drives.  This is the reason why I like AnyReader. It’s a must have data utility for Windows.

AnyReader copies files from scratched CD/DVD/Blu-ray or defective floppy or hard disks. When your computer is unable to copy files from a damaged disk it aborts and deletes the part of the file it has copied. AnyReader will continue copying the file right to the end. Any data that hasn’t been recovered after several retries is replaced with blanks. This will allow you to effectively read every byte of information that can be read at all for the media in question so that it can be copied to the destination of choice.

AnyReader effectively copies corrupt data from erroneous network and/or internet connections if standard copying methods fail. It supports resumed downloads from the remote server if the connection was broken during the copy process.  This is especially useful for unreliable or spotty Wi-Fi networks.

AnyReader is an awesome tool. If you’re trying to pull data off corrupt or damaged discs or media and nothing else you do seems to work, AnyReader is the type of application that can save your bacon. It’s affordable and reasonably priced and is a welcome addition to my stable of utilities. The only real downside to the app is that it won’t work with Macs or Mac discs. This would be a stone-cold ringer if it was a multi-platform utility.


XBOX 720 Rumors

The Xbox 720 is the industry nickname for Microsoft’s next big addition to the console gaming and multimedia entertainment market. Given the popularity of the Xbox 360, it was inevitable that Microsoft would want to build on that success with a new and superior product and the company confirms that it began considering the next generation almost as soon as the current Xbox began to ship.

Rivals Sony have let slip that their own PlayStation 4 will also be shipping sometime in the next couple of years, estimating that it will hit the stores not much later than the Xbox 720 (codenamed “Durango”). Sony have a longer and more impressive track record as a purveyor of addictive games console technology than Microsoft and there’s considerable loyalty among PS gaming fans. Future purchasers will be looking both at the new consoles’ speed and graphical excellence from a gameplay perspective; but the winner in battle of the consoles will also need to compete on multimedia capabilities.

One hot rumour is that the new Xbox will incorporate a Blu-Ray drive. When the Xbox 360 first shipped, the format wars were still ongoing and Microsoft was a staunch member of Team HD DVD. Now that Blu-Ray has soundly trounced its rivals to become the reigning multimedia format, it seems an absolute certainty that both consoles will include Blu-Ray.

Another solid bet is that the new Xbox will have HDMI and Wi-Fi as standard. The Xbox 360 Elite offers HDMI; as of 2012, Wi-Fi also comes as standard. More to the point, the PS3 already comes with Wi-Fi, Ethernet and Bluetooth so we can reasonably assume that the PS4 will, too. To remain competitive, the Xbox 720 needs to match these capabilities.

The Xbox 720’s processor is another major focus for speculation. Rumours that the PS4 would be sticking with the PS3’s Cell processor have been quashed and industry insiders now believe it will employ an AMD x64 CPU. The Xbox 720 will need to compete with that to attract serious gaming enthusiasts. It’s probable that Microsoft will turn to its partner IBM for the latest in processor technology. IBM’s Power6 chip, a dual core 4.7GHz server CPU, would give the Xbox a serious edge over its rival. Rumour has it that the Xbox 720 will contain two GPUs for faster graphics.

Fans who have amassed a large collection of games and a virtual trophy cabinet of achievements needn’t fret. The Xbox 720 will almost certainly be backwards compatible, allowing you to play all your existing games, and achievements you’ve unlocked on the Xbox 360 will probably be carried over too. The Xbox 360 still has a lot to give and Microsoft will certainly continue supporting it after the Xbox 720’s release.

The new console could theoretically stand the gaming industry on its head, capitalising on the ground that Microsoft has already gained in the gaming and entertainment market. A firm launch date has yet to be announced but 2014 seems a likely estimate.


What’s hot in the second edition of the iPad 2

The new iPad 2 has arrived and “redefines the category Apple created less than two years ago, delivering the most amazing experience people have ever had with technology,” said Philip Schiller, Apple’s senior vice president of Worldwide Marketing. Let’s take a look at the most important improvements.

First of all, there is a gorgeous high-resolution (2048 x 1536) Retina Display which  makes web pages, text, images and video look incredibly sharp and realistic and with 44 percent increased saturation, the colors are unbelievably richer, deeper and more vivid.

Second, the new iPad has a new A5 chip (A5x) with quad-core graphics which makes the iPad faster and more responsive to enjoy the benefits of the stunning new full 1080p HD-resolution.

The camera has also been improved (5MP) and it can now record full HD video and take better pictures in low-light conditions. There is also a new video image stabilization feature which removes the bumps and shakes typically seen when filming with a hand-held device.

iPad Wi-Fi + 4G has built-in next generation 4G LTE  for fast networks worldwide including HSPA+ and DC-HSDPA, and now both CDMA and GSM iPad users have the ability to easily roam internationally.

About battery life,  Apple announced that the new iPad will have 10 hours of battery life, same for the iPad2, and 9 hours when being used on AT&T’s or Verizon’s 4G LTE networks.

Pricing

The new iPad Wi-Fi models will be available in black or white on Friday, March 16 for a suggested retail price of $499 (US) for the 16 GB model, $599 (US) for the 32 GB model and $699 (US) for the 64 GB model.

iPad Wi-Fi + 4G for either AT&T or Verizon will be available for a suggested retail price of $629 (US) for the 16 GB model, $729 (US) for the 32 GB model and $829 (US) for the 64 GB model.

One more thing, the first edition iPad 2 is now offered at a more affordable price of $399 (US) for the 16 GB Wi-Fi model and just $529 (US) for the 16 GB Wi-Fi + 3G model.
