Google Patches KRACK Vulnerability in Android



Last month I wrote about how researchers broke Wi-Fi's most popular encryption, leaving millions of devices open to the KRACK attack. KRACK is a serious flaw because it affects the WPA2 protocol itself, not one vendor's implementation of it.


But I have good news today. Google has published this month's Android Security Bulletin, and it includes a fix for the KRACK vulnerability that came to light last month.

The Android Security Bulletin for November 2017 is split into three security patch levels: 2017-11-01, 2017-11-05 and 2017-11-06. The KRACK fixes are in the last of these, 2017-11-06.

If your phone receives the update and its security patch level reads 2017-11-06 (or any later level), the KRACK fixes are included. A device that only reports 2017-11-01 or 2017-11-05 does not have them yet, even though it received a November update.
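Checking a device's patch level from a workstation, as an added example (a helper written for this page, not Google's tooling). `ro.build.version.security_patch` is the real system property behind Settings > About phone > Android security patch level; the function names, the date normalisation and the exit-code convention are this page's own.

```shell
#!/bin/sh
# Added example: is a device's Android security patch level at or past
# 2017-11-06, the level whose bulletin carries the KRACK fixes?
KRACK_PATCH_LEVEL="2017-11-06"

# Turn YYYY-MM-DD into a plain integer so it compares with -ge in any POSIX sh.
# Anything that is not a date in that shape (an empty adb result, "unknown")
# is rejected so it can never be mistaken for a fixed device.
patch_level_to_int() {
  case "$1" in
    [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9])
      printf '%s\n' "$1" | tr -d '-' ;;
    *)
      return 1 ;;
  esac
}

# krack_fixed LEVEL: exit 0 if LEVEL includes the KRACK fixes, 1 if it does not,
# 2 if LEVEL is not a valid patch level.  Later levels are cumulative, so any
# date at or after 2017-11-06 counts.
krack_fixed() {
  level=$(patch_level_to_int "$1") || return 2
  target=$(patch_level_to_int "$KRACK_PATCH_LEVEL")
  [ "$level" -ge "$target" ]
}

# Read the level from a USB-attached device.  ro.build.version.security_patch
# is the property shown under Settings > About phone > Android security patch level.
device_patch_level() {
  adb shell getprop ro.build.version.security_patch | tr -d '\r\n'
}

# Run with --device to query a connected phone; otherwise only the functions
# are defined, so the file can be sourced from other scripts.
if [ "${1:-}" = "--device" ]; then
  lvl=$(device_patch_level)
  if krack_fixed "$lvl"; then
    echo "patch level $lvl: KRACK fixes present"
  else
    echo "patch level '$lvl': KRACK fixes NOT confirmed (need $KRACK_PATCH_LEVEL or later)"
  fi
fi
```

The comparison is on the whole date rather than on equality with 2017-11-06 because a phone that first gets a December 2017 or later level has the fix too; the strict shape check is there because `getprop` on a device with no such property returns an empty string, which must not pass.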

Note that Microsoft quietly shipped its KRACK fixes to Windows users in the October 2017 Patch Tuesday release, a few days before the vulnerability became public, without saying what they were for. Apple released its KRACK patches at the end of October as part of iOS 11.1 and macOS High Sierra 10.13.1.

Google is in fact the last of the major vendors to ship a fix for the KRACK vulnerability.

Details About The Attack


The bug, known as KRACK (Key Reinstallation Attack), exposes a fundamental flaw in WPA2, the protocol that secures most modern wireless networks. Mathy Vanhoef, the computer security academic who found the flaw, said the weakness lies in the protocol's four-way handshake, which lets a device that knows the pre-shared password join the network and agree on a fresh session key with the access point. By blocking and then replaying message 3 of that handshake, an attacker can make the client reinstall a key it is already using; the reinstall resets the packet number that serves as the encryption nonce, so the same keystream is reused for new frames.

That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.

In other words: hackers can eavesdrop on your network traffic.

Researcher breaks Wi-Fi's Most Popular Encryption



It is 2017, and most of you surely use Wi-Fi to get online. If you are in India, chances are you connect all your devices through a Jio hotspot. If so, I have bad news for you. WPA2 (Wi-Fi Protected Access II) is the protocol that secures the link between your device and the access point, and researcher Mathy Vanhoef of imec-DistriNet, KU Leuven has found a flaw that lets an attacker break it.

What is the risk ?


You might be asking: fine, he found a flaw, but how does it affect me? Imagine this. You are connected to your home Wi-Fi network chatting with your best friend, and your neighbor (a hacker) is reading the conversation. Or you are creating an account on your favorite shopping site and your neighbor sees your login credentials. Scary, right? One caveat: traffic that is itself protected by TLS (HTTPS) stays encrypted even when the Wi-Fi layer is broken, but not every app or site uses it, and an attacker who can inject traffic can try to push you onto plain HTTP.

Details About the attack



The bug is a breakdown of the WPA2 protocol itself, for both personal and enterprise networks, which puts every device that implements the protocol at risk.

Several researchers, including Vanhoef, have demonstrated working attacks against Wi-Fi security before. By far the most notable was in 2011, when a security researcher showed that the PIN used by Wi-Fi Protected Setup (WPS), a feature meant to let users join a network with a push button or an eight-digit PIN, could be recovered by brute force in a matter of hours.

The full details of the attack are on the researchers' website: https://www.krackattacks.com/

FAQ (taken from krackattacks.com)


Do we now need WPA3?

No, luckily implementations can be patched in a backwards-compatible manner. This means a patched client can still communicate with an unpatched access point, and vice versa. In other words, a patched client or access point sends exactly the same handshake messages as before, and at exactly the same moments in time. However, the security updates will assure a key is only installed once, preventing our attacks. So again, update all your devices once security updates are available.

Should I change my Wi-Fi password?

Changing the password of your Wi-Fi network does not prevent (or mitigate) the attack. So you do not have to update the password of your Wi-Fi network. Instead, you should make sure all your devices are updated, and you should also update the firmware of your router. After updating your router, you can optionally change the Wi-Fi password as an extra precaution.

I'm using WPA2 with only AES. That's also vulnerable?

Yes, that network configuration is also vulnerable. The attack works against both WPA1 and WPA2, against personal and enterprise networks, and against any cipher suite being used (WPA-TKIP, AES-CCMP, and GCMP). So everyone should update their devices to prevent the attack!

Is my device vulnerable?

Probably. Any device that uses Wi-Fi is likely vulnerable. Contact your vendor for more information.

What if there are no security updates for my router?

Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.
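The replayed message 3 described under "Details About The Attack" and the "install the key only once" fix from the first FAQ answer, as an added worked example in Python (not code from this page, from krackattacks.com, or from any vendor's patch). A SHA-256-derived keystream stands in for AES-CCMP so that it runs with the standard library alone; the station class, the HTTP request and the cookie value are constructed for the example. It does not model the separate all-zero-key variant that hit wpa_supplicant 2.4 and later, the reason Android 6.0+ was affected most severely.

```python
"""Key reinstallation in miniature.

Added example; not code from this page, from krackattacks.com, or from any
vendor's patch.  A SHA-256-based keystream stands in for AES-CCMP (the reuse
consequence is the same for any stream or counter-mode cipher), and the HTTP
request and cookie are constructed sample data.
"""
from __future__ import annotations

import hashlib


def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Stand-in for the CCMP keystream: SHA-256(key || nonce || counter) blocks.

    The only property the attack needs is that (key, nonce) fully determines
    the keystream, which is true of real CCMP as well.
    """
    out = b""
    block = 0
    while len(out) < length:
        out += hashlib.sha256(
            key + nonce.to_bytes(6, "big") + block.to_bytes(4, "big")
        ).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Station:
    """Wi-Fi client.  patched=True applies the fix: install a given key only once."""

    def __init__(self, patched: bool) -> None:
        self.patched = patched
        self.ptk: bytes | None = None  # pairwise key agreed in the 4-way handshake
        self.pn = 0                    # packet number; CCMP uses it as the nonce

    def receive_msg3(self, ptk: bytes) -> None:
        """Message 3 of the handshake carries the order to install the PTK.

        An unpatched client re-runs the install for every copy of message 3 it
        sees, and installing resets the packet number, so the next frames reuse
        nonces that were already used under the same key.
        """
        if self.patched and self.ptk == ptk:
            return  # fix: key already installed, ignore the retransmission
        self.ptk = ptk
        self.pn = 0

    def send(self, plaintext: bytes) -> tuple[int, bytes]:
        """Encrypt one frame; returns (nonce, ciphertext) as seen on the air."""
        assert self.ptk is not None, "no key installed yet"
        nonce = self.pn
        self.pn += 1
        return nonce, xor(plaintext, keystream(self.ptk, nonce, len(plaintext)))


KNOWN_FRAME = b"GET / HTTP/1.1\r\nHost: example.net\r\n"  # guessable plaintext (constructed)
SECRET_FRAME = b"Cookie: session=constructed-token"       # what the attacker wants (constructed)


def krack_attack(patched: bool) -> dict:
    """Replay message 3 after data has already flowed, then try to recover a frame.

    The attacker's only inputs are the two ciphertexts, their nonces and a guess
    at the first plaintext; no key material is used in the recovery step.
    """
    ptk = hashlib.sha256(b"constructed PTK for the example").digest()
    client = Station(patched)
    client.receive_msg3(ptk)                  # genuine message 3 from the AP
    n1, c1 = client.send(KNOWN_FRAME)         # client starts talking
    client.receive_msg3(ptk)                  # attacker replays message 3
    n2, c2 = client.send(SECRET_FRAME)        # next frame after the replay
    length = min(len(c1), len(c2))
    # If the nonce repeated, c1 XOR c2 == KNOWN XOR SECRET, so XORing the known
    # plaintext back in yields the secret.  Otherwise the result is noise.
    guess = xor(xor(c1[:length], c2[:length]), KNOWN_FRAME[:length])
    return {"nonce_reused": n1 == n2, "guess": guess, "success": guess == SECRET_FRAME}


if __name__ == "__main__":
    for patched in (False, True):
        r = krack_attack(patched)
        print(f"patched={patched}: nonce reused={r['nonce_reused']}, "
              f"recovered secret={r['success']}")
```

Run it and the unpatched station hands the attacker the cookie frame with no knowledge of the key, while the patched station keeps counting packet numbers past the replay, so the two ciphertexts come from different keystreams and the XOR trick yields nothing. This is also why the FAQ says changing the Wi-Fi password does not help: the attack never touches the password, only the per-session key installation on the client.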


Anonymously Access Wi-Fi from 2.5 Miles Away Using This Device




Staying anonymous online is hard under today's pervasive surveillance: once an IP address is tied to a person, their privacy is gone. Tor and VPNs hide that address from the sites you visit, but the connection still originates from a location that can be linked back to you.
Security researcher Benjamin Caudill has built a device meant to break that link. ProxyHam lets a user connect to a public Wi-Fi network from about 2.5 miles away over a low-frequency radio link that is hard to trace back to its source. Anyone who follows the connection ends up at the public hotspot rather than at the user, which is why the tool is of interest to whistleblowers, journalists, dissidents and criminals alike.

MAKING OF PROXYHAM

ProxyHam is built from a Wi-Fi-enabled Raspberry Pi and three antennas. One antenna connects to the source public Wi-Fi network; the other two carry the user's traffic over a 900 MHz radio link.

That 900 MHz link is what gives the device its reach: roughly 1 to 2.5 miles, depending on terrain and interference.

If an agency traces the target's internet connection, all it finds is the IP address of the public hotspot where the ProxyHam box sits; the user is thousands of feet away, in some other direction, at the far end of a low-power radio signal.

Caudill has said that he and his colleagues are also working on a self-destruct feature for ProxyHam.

Future models are planned to be small enough to hide inside a book, and a ProxyHam left on a library shelf would be slow and difficult to find.

Caudill plans to present ProxyHam at the Def Con hacker conference in Las Vegas next month, where he intends to release the hardware specifications, source code and blueprints so that others can build their own.

The estimated cost of the device is about $200, which is expected to drop to $150.

About Author



 
Gaurav Pundir - CEO at Myinformativesite, crazy about graphic design and web development. He always says: 'I AM THE MAN WHO IS NOT GOING TO BE HIRED BY SOMEONE, BUT I AM THE PERSON WHO IS GOING TO HIRE SOMEONE'.