Date: Tue, 17 Oct 2017 12:17:55 +0200 From: "WhiteWinterWolf (Simon)" <freebsd.lists@whitewinterwolf.com> To: Karl Denninger <karl@denninger.net>, freebsd-security@freebsd.org Subject: Re: WPA2 bugz - One Man's Quick & Dirty Response Message-ID: <fc962c5e-3242-bf43-40be-297e41636cd0@whitewinterwolf.com> In-Reply-To: <fb8d2dcb-2748-18fa-a25d-d52f4ea4c378@denninger.net> References: <27180.1508206466@segfault.tristatelogic.com> <fb8d2dcb-2748-18fa-a25d-d52f4ea4c378@denninger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Karl, Le 17/10/2017 à 04:24, Karl Denninger a écrit : > Please understand that if you can get an AP to hand you a zero'd key > (with an intentionally "weak" client) THEN THAT PERSON JUST BECAME > ABLE TO ATTACH TO YOUR NETWORK AS AN AUTHORIZED USER. As per my understanding, this attack only allows to join the network in the case of Wireless Gigabit GCMP (WiGig) which is currently uncommon. Common implementations such as WPA2 CCMP and legacy WPA TKIP only allow the attacker to intercept and manipulate transmitted data. No way has been found yet for the attacker to forge handshake messages, join a network or otherwise determine network's password. Moreover, traffic interception either requires the traffic to be in clear form or communication security to be poorly implemented. I personally hope this will again raise the interest toward a fully encrypted Internet and clear communication becoming the exception instead of the norm. Clear-text transmission of user's data is a plague which should be removed. > Incidentally, has anyone yet figured out if this vector works on a > network configured for machine certificates instead of a PSK? I'm not > certain from what I've looked at yet, and that is bothering me a LOT > for what should be obvious reasons. Yes, as the author states in the attacks details[1] this attack also affect enterprise WiFi networks, and both client and server must be patched for the fix to work so any unpatched device (BYOD...) will remain a vulnerable point in the corporate infrastructure. [1]: https://www.krackattacks.com/#details -- WhiteWinterWolf https://www.whitewinterwolf.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?fc962c5e-3242-bf43-40be-297e41636cd0>