Difference between revisions of "KRACK Vulnerability"
Jump to navigation
Jump to search
Line 17: | Line 17: | ||
* '''NCF modems with standard configuration are NOT VULNERABLE to KRACK.''' Nevertheless, NCF will continue the practice of making firmware updates available as they become available from our modem providers. | * '''NCF modems with standard configuration are NOT VULNERABLE to KRACK.''' Nevertheless, NCF will continue the practice of making firmware updates available as they become available from our modem providers. | ||
** Modems or routers connected to each other in a wireless chain (using WDS) are potential at risk unless a patch is applied. | ** Modems or routers connected to each other in a wireless chain (using WDS) are potential at risk unless a patch is applied. | ||
** Also, other networking devices like Wi-Fi repeaters and extenders which are not connected to your modem by ethernet may be vulnerable | ** Also, other networking devices like Wi-Fi repeaters and extenders which are not connected to your modem by ethernet may be vulnerable. | ||
* And, although your modem/router may not be vulnerable, your client devices may be. | * And, although your modem/router may not be vulnerable, your client devices may be. | ||
* Vulnerability vs Infection: Be vigilant but do not be anxious. A security vulnerability on a device does not mean that device is already infected or has a high likelihood of being infected. Follow the recommendations in the | * Vulnerability vs Infection: Be vigilant but do not be anxious. A security vulnerability on a device does not mean that device is already infected or has a high likelihood of being infected. Follow the recommendations in the following sections to guard against this vulnerability and keep informed. | ||
* Proximity: An attacker needs to be within wireless range of your network (close enough to connect to your WiFi). | * Proximity: An attacker needs to be within wireless range of your network (close enough to connect to your WiFi). | ||
* Time: This attack works only during periods of connection and re-connection of your client device to a WiFi network. As such, an attacker has a very limited time window in which to attempt this attack (usually a few seconds). | * Time: This attack works only during periods of connection and re-connection of your client device to a WiFi network. As such, an attacker has a very limited time window in which to attempt this attack (usually a few seconds). | ||
Line 41: | Line 41: | ||
*[https://www.ncf.ca/ncf/dg/dgView.jsp?thread=19659 NCF Discussion Group on KRACK] | *[https://www.ncf.ca/ncf/dg/dgView.jsp?thread=19659 NCF Discussion Group on KRACK] | ||
*[http://www.tp-link.com/en/faq-1970.html TP-Link KRACKs Vulnerability Statement] | *[http://www.tp-link.com/en/faq-1970.html TP-Link KRACKs Vulnerability Statement] | ||
* Good online references for understanding some of the terms used in this article are [https://www.webopedia.com Webopedia] and [https://en.wikipedia.org Wikipedia] |
Revision as of 19:02, 5 November 2017
Disclaimer: This page is specifically written to help members with limited technical knowledge or experience to understand the most relevant aspects of this topic for them. We include some helpful links below for further study.
What is KRACK?
- KRACKs stands for Key Re-installation Attacks and refers to attacks on WiFi networks using weaknesses in the WPA2 protocol which secures most modern protected WiFi networks.
- KRACKs allow attackers to read and access information on WiFi networks that were considered secured.
- WiFi networks use a password through WPA2 for two general purposes:
- Controlling who can connect to the network; and
- Encrypt (or conceal) the data shared over the network between the access point (Modem or Router) and clients (computers, phones, tablets, etc). Encryption is done by using the WiFi password to generate an even stronger key that is used to scramble the data between the access point and client.
Why should I care?
- WPA2 is widely used and is presently the strongest form of WiFi security available to the average person including modems configured by NCF.
- Almost every client device is vulnerable to KRACK whether on WiFi at home or elsewhere.
- Variations of KRACK can be used against clients of various kinds including devices running Android, Apple OSes, Windows and Linux.
Should I be worried?
NO why?
- NCF modems with standard configuration are NOT VULNERABLE to KRACK. Nevertheless, NCF will continue the practice of making firmware updates available as they become available from our modem providers.
- Modems or routers connected to each other in a wireless chain (using WDS) are potential at risk unless a patch is applied.
- Also, other networking devices like Wi-Fi repeaters and extenders which are not connected to your modem by ethernet may be vulnerable.
- And, although your modem/router may not be vulnerable, your client devices may be.
- Vulnerability vs Infection: Be vigilant but do not be anxious. A security vulnerability on a device does not mean that device is already infected or has a high likelihood of being infected. Follow the recommendations in the following sections to guard against this vulnerability and keep informed.
- Proximity: An attacker needs to be within wireless range of your network (close enough to connect to your WiFi).
- Time: This attack works only during periods of connection and re-connection of your client device to a WiFi network. As such, an attacker has a very limited time window in which to attempt this attack (usually a few seconds).
What should I do?
- Update the operating system on your phone, computer and other client devices when they receive security updates. Each device you update becomes protected against the KRACK vulnerability.
- You can check if your client devices have received updates at the following link
- NCF recommends that you do not use public WiFi. KRACK is just one of many known security risks associated with using public WiFi. Using a trusted VPN service is one way of keeping your data encrypted on public WiFi.
- Connect your devices where possible to the modem by ethernet cables, especially if there is not a security update available for them yet.
- Use HTTPS to connect to secured services and websites. This means information transmitted to such web pages will have end-to-end encryption. Web pages that use HTTPS or another secure connection will include HTTPS in the URL.
- Consider using a VPN service. You can learn more about VPN services here
How can I learn more?
- Krack Attacks Website by Mathy Vanhoef of imec-DistriNet
- Krack Attacks FAQ
- Microsoft Security TechCenter KRACK Update
- Ars Technica Reports on KRACK
- NCF Discussion Group on KRACK
- TP-Link KRACKs Vulnerability Statement
- Good online references for understanding some of the terms used in this article are Webopedia and Wikipedia