{"id":5613,"date":"2017-10-01T11:38:31","date_gmt":"2017-10-01T15:38:31","guid":{"rendered":"http:\/\/www.theeldestgeek.com\/?p=5613"},"modified":"2019-05-25T11:55:07","modified_gmt":"2019-05-25T15:55:07","slug":"important-info-all-about-krack-new-wifi-vulnerability","status":"publish","type":"post","link":"https:\/\/www.theeldestgeek.com\/important-info-all-about-krack-new-wifi-vulnerability\/","title":{"rendered":"IMPORTANT INFO – All about KRACK – new wifi vulnerability!"},"content":{"rendered":"
\n
\n

ALL ABOUT KRACK NEW WIFI VULNERABILITY –
\n<\/strong><\/p>\n<\/div>\n

I’ve had a quite number of customers ask me about KRACK – the subject of quite a bit of recent news!<\/div>\n
<\/div>\n
Well – here is the scoop.<\/div>\n
<\/div>\n
KRACK – the name comes from Key Re-installation Attack. It exploits a weakness in the WPA protocol that protects Wifi traffic, which pretty much means everyone<\/div>\n
and I mean EVERYONE using Wifi is affected.<\/p>\n

For years we used WEP as the security protocol and more recently as weaknesses in that security method were discovered (you are able to discover the WEP key with any good laptop and a couple hours of computing) a new security method called WPA was implemented and at this point it has largely replaced WEP.<\/p>\n

But WPA has a flaw – there is a 4 step process in negotiating access to your secure network.\u00a0 This process is ‘robust’ and is designed to handle momentary losses of connection so that your computer can reattach easily to the network.<\/p><\/div>\n

The problem is that the process that makes it ‘robust’ has a serious flaw and when you tell the network you are ‘re-attaching’ after losing connection the WPA protocol allows itself to be played – and a process can ask it again and again to attach – and each time it asks it gets a bit more information until the attacking process is gven enough information to completely reconstruct the key – and gain FULL access to your ‘secure’ network.<\/p>\n

WOW – I say.\u00a0 THAT is a flaw!<\/p><\/div>\n

<\/div>\n
But – this ONLY affects computers (and phones, iphones, android phones) that use wireless to attach to your network.<\/div>\n
Effectively another person can connect to your network without your permission.\u00a0 And once they are attached they can operate their laptop in ‘promiscuous’ mode – meaning that the laptop can capture and record ALL packets of data sent or received by ANY computer on the network.<\/div>\n
Normally you ‘filter’ out any packet not directed at your own computer because you don’t care or don’t want to have to analyze the other traffic.
\nSo if you are reading emails – the attacker is effectively sitting over your shoulder.<\/p>\n

So – how bad a problem this?\u00a0 Its big.\u00a0 And bad.\u00a0 BUT ITS NOT THE END OF THE WORLD like some are saying (often with things to sell you).<\/p>\n

First – it ONLY affects wireless traffic.\u00a0 If you have a wired computer at home, your network traffic is not subject to inspection.
\nOnly things attached to your wireless router can have their network traffic inspected.<\/p><\/div>\n

Second – if you are connecting to your bank for example, those are always (or virtually always) connected via HTTPS (secure web) – and even if someone could look at thos packets as they went between you and the bank they would be gibberish.\u00a0 THAT kind of traffic is still secure and unaffected by KRACK!
\nHere, he is NOT sitting over your shoulder – and what you are sending and receiving is all highly encrypted and secure.\u00a0 Gaining access to secured encrypted traffic does not help the attacker at all!<\/div>\n
Third – and VERY important! The attacker has to be WITHIN RANGE OF YOUR WIFI!\u00a0 No one sitting in Russia can attach to your network.\u00a0 They would have to be inside your house (or very close by outside your house) to have a strong enough signal to attach.\u00a0 So unless someone is lurking in the bushes you have little to fear at your house.<\/div>\n
Normal wifi is only readable in your house.\u00a0 You can check how strong it is by going out to your driveway and see if you can still attach via your phone.
\nIf you cant do it, then no attacker could do it either!<\/div>\n
Checking your bushes would be a good idea.\u00a0 In any case IMHO.<\/p>\n

The MAIN cause for worry is when you are in public spaces like an airport.\u00a0 Then someone attaching … but wait … if the attacker is in a PUBLIC space they can attach to the network anyway!\u00a0 did YOU have to enter a password in an airport?<\/p><\/div>\n

In Public spaces you should make sure you use HTTPS websites for anything ‘sensitive’.\u00a0 And if you send an email containing passwords or credit card info in such a location you are open to loss of that information – having NOTHING to do with KRACK!<\/div>\n
<\/div>\n
So – all in all – its a problem.\u00a0 But really a pretty minor one IMHO.\u00a0 And its really a problem in your ROUTER that is generating the Wifi Hotspot.\u00a0 That device needs to have its WPA security updated to eliminate the flaw – and router vendors are I’m sure producing firmware updates as we speak.
\nYou can check with the manufacturer of your router as to when they will have a patch to handle the flaw.<\/p>\n

Any further questions – fire away.\u00a0 I’ll be happy to help!<\/p><\/div>\n

<\/div>\n

Halt and Catch Fire\u00a0 – Series Finale.\u00a0 Really!
\n<\/strong><\/div>\n

<\/div>\n
Saw the series finale (2 hours) and it was good.\u00a0 But it was also odd.\u00a0 Joe would NOT have gone into teaching. if Bill Gates had ‘failed’ would he have become a teacher?
\nI dont think so….<\/p>\n
<\/div>\n
ADOPTION CORNER – all with a 6 month warranty<\/strong>
\n
\nJust in – a nice 2015 13n Retina, 2017 Mac Air, Super Nice 2017 Dell i7 5480, other nice Latitude Dells in the 5000 series also some nice cameras!
\n<\/strong><\/p>\n

SUPER nice Dell a 5480 model which is only a couple of months old – 16gb 256gb SSD, i7 cpu and a Nvidia 930MX Graphics processor that is SERIOULY kick-butt!
\nVERY VERY nice unit!<\/p>\n

also up for adoption a nice 2015 Mac Air, A Retina 13 2013-2014 Macbook pro, A 2010 27in Imac, and various others!
\nAnd I even have a 2011 (and a 2010 one as well) 17in Macbook pro – IMHO the best Macbook apple ever build (on which this is being written!)
\nA nice HP 13in X360 convertible!<\/p>\n

A SUPER cute Lenovo Yoga Pro.\u00a0 This is a 10in android tablet – that has a built in DLP Projector – and can project the desktop onto any surface \ud83d\ude42<\/p>\n

Can’t for the life of me think of a use for it myself – but Its SUPER cute!
\nAnd many more!<\/p>\n

Cameras in the adoption corner!
\nI have 2 Canon 7D cameras – their semi-professional models.\u00a0 And a Nikon D5200 (also semi professional)
\nJust got in a Sony A6300 mirrorless camera<\/strong> – and we have various others like Canon T2i, T3i, T4i and Nikon ones as well.
\nWe also have some older film cameras for the vintage buff –<\/p>\n

and a VERY NICE Museum piece – a Kodak 2-D<\/strong> from about 1909 in GREAT Condition complete with its original black box and the black cape you throw over your head to take the shot!\u00a0 (The bellows have been replaced but other than that its all original) SUPER NICE shape according to a customer who is in the large format photography group<\/p>\n

Enjoy folks hope you all enjoy my musings!\u00a0 Any and all comments are very welcome!<\/p>\n

<\/div>\n
<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

ALL ABOUT KRACK NEW WIFI VULNERABILITY – I’ve had a quite number of customers ask me about KRACK – the subject of quite a bit of recent news! Well – here is the scoop. KRACK – the name comes from Key Re-installation Attack. It exploits a weakness in the WPA protocol that protects Wifi traffic, … Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5613","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.theeldestgeek.com\/wp-json\/wp\/v2\/posts\/5613"}],"collection":[{"href":"https:\/\/www.theeldestgeek.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.theeldestgeek.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.theeldestgeek.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.theeldestgeek.com\/wp-json\/wp\/v2\/comments?post=5613"}],"version-history":[{"count":1,"href":"https:\/\/www.theeldestgeek.com\/wp-json\/wp\/v2\/posts\/5613\/revisions"}],"predecessor-version":[{"id":5614,"href":"https:\/\/www.theeldestgeek.com\/wp-json\/wp\/v2\/posts\/5613\/revisions\/5614"}],"wp:attachment":[{"href":"https:\/\/www.theeldestgeek.com\/wp-json\/wp\/v2\/media?parent=5613"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.theeldestgeek.com\/wp-json\/wp\/v2\/categories?post=5613"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.theeldestgeek.com\/wp-json\/wp\/v2\/tags?post=5613"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}