It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
WPA2 protocol used by vast majority of wifi connections has been broken by Belgian researchers
page: 1share:
The security protocol used to protect the vast majority of wifi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks, according to the researcher who discovered the weakness.
Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered the weakness in the wireless security protocol WPA2, and published details of the flaw on Monday morning.
“Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted,” Vanhoef’s report said. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos and so on.
www.theguardian.com...
Boom... Nearly ever WIFI Network around the world uses WPA2 because it was so secure.
Now the cats out of the bag...
Vanhoef emphasised that “the attack works against all modern protected wifi networks.
Going to be a interesting few days at the office me thinks!
Few specifics for those interested:
www.krackattacks.com...
edit on 16/10/17 by Agit8dChop because: (no reason given)
a reply to: Agit8dChop
Disable your WIFI. It is the only secure option atm.
Here is the complete explanation as of the author (very technical) : PDF
Disable your WIFI. It is the only secure option atm.
Here is the complete explanation as of the author (very technical) : PDF
The cycle will continue, new security measures and new ways to beat them etc.
edit on
-180002017-10-16T08:43:46-05:000000004631201746102017Mon, 16 Oct 2017 08:43:46 -0500 by Zcustosmorum because: (no reason given)
the first teaser about this finding was published on twitter end of August. 50 days to develop a patch to fix this, would that be sufficient?
Dang!
I just posted a question about this seconds ago!
You guys/gals are FAST!!!
The agency I work for accesses the financial information of over 30 million people and we just installed a WiFi system in our main office...and it’s open to the public!
There’s going to be some red faces in IT today!
I just posted a question about this seconds ago!
You guys/gals are FAST!!!
The agency I work for accesses the financial information of over 30 million people and we just installed a WiFi system in our main office...and it’s open to the public!
There’s going to be some red faces in IT today!
a reply to: Agit8dChop
So if I have used online banking, and either my network of the banking system's network used WPA2, my information has been potentially compromised? Yippee!! Technology, supposed to make our lives more convenient... however it continues to prove to be a pain in the ass.
So if I have used online banking, and either my network of the banking system's network used WPA2, my information has been potentially compromised? Yippee!! Technology, supposed to make our lives more convenient... however it continues to prove to be a pain in the ass.
This was the dumbest video I have ever watched.
This has nothing to do with compromising WPA2. This is a security flaw in the actual device itself, not WP2 protocols.
I am honestly in disbelief that this was published as something ground breaking. We were spoofing networks as kids and I am 31 now. There is nothing in this video or the pdf that is of either interest or new information.
This has nothing to do with compromising WPA2. This is a security flaw in the actual device itself, not WP2 protocols.
I am honestly in disbelief that this was published as something ground breaking. We were spoofing networks as kids and I am 31 now. There is nothing in this video or the pdf that is of either interest or new information.
the actual paper can be assessed here
and more info here: www.krackattacks.com...
and more info here: www.krackattacks.com...
edit on 16-10-2017 by whismermill because: (no reason given)
a reply to: SR1TX
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations.
The following CVE will be detailing this :
CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, and CVE-2017-13088.
As of now, they are only reserved.
CERT/CC Reports WPA2 Vulnerabilities
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations.
The following CVE will be detailing this :
CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, and CVE-2017-13088.
As of now, they are only reserved.
CERT/CC Reports WPA2 Vulnerabilities
CERT Coordination Center (CERT/CC) has released information on Wi-Fi Protected Access II (WPA2) protocol vulnerabilities. Exploitation of these vulnerabilities could allow an attacker to take control of an affected system.
The vulnerabilities are in the WPA2 protocol, not within individual WPA2 implementations, which means that all WPA2 wireless networking may be affected. Mitigations include installing updates to affected products and hosts as they become available. US-CERT encourages users and administrators to review CERT/CC's VU #228519.
edit on 16-10-2017 by theultimatebelgianjoke because: Added text
Just a question...
I live out in the country and have a router and a repeater set up to cover all the buildings on my property.
I leave the WiFi open because my kids and grandkids, as many as there are, someone is always bringing a new device or gaming system.
I figure that since I am fairly isolated I would be able to see anyone coming towards the house to get into range of my wifi.
Am I wrong in thinking this way?
I live out in the country and have a router and a repeater set up to cover all the buildings on my property.
I leave the WiFi open because my kids and grandkids, as many as there are, someone is always bringing a new device or gaming system.
I figure that since I am fairly isolated I would be able to see anyone coming towards the house to get into range of my wifi.
Am I wrong in thinking this way?
a reply to: Agit8dChop
Awesome, it's been a few years at this point since I've been able to crack most wifi networks.
Awesome, it's been a few years at this point since I've been able to crack most wifi networks.
That´s why i hate everything wireless.
The good thing is, because i hate it, WLan is never enabled, so i don´t have to be afraid.
Once again i am going right with handling the web as it is, the most insecure place on earth, where security is harder to find than co2 in space.
Once again my "tinfoil hat" wasn´t wrong!
The good thing is, because i hate it, WLan is never enabled, so i don´t have to be afraid.
Once again i am going right with handling the web as it is, the most insecure place on earth, where security is harder to find than co2 in space.
Once again my "tinfoil hat" wasn´t wrong!
so.......
How many years has the NSA had this hack?
Probably many years.
How many years has the NSA had this hack?
Probably many years.
It's why our company laptops could only route (default route) through an IPSEC vpn tunnel. All of the traffic was encrypted back to the main office
and then it went through Websense and an IDS/IPS before it ever went to the Internet. This introduced some additional latency for non office traffic
but better safe than sorry. It means I did not have to worry about anything in between.
For the home user they have private VPN services if you want to pony up. Although you can get it free if you look around a small bit.
For the home user they have private VPN services if you want to pony up. Although you can get it free if you look around a small bit.
The ground breaking part is now everybody and their brother is going to be taking a shot at you.
But speaking of getting around SSL. Why doesn't ATS have SSL enabled? That is what I truly want to know. I mean, it's a business right. Cheap SSL keys can be purchased also.
I often wonder if ATS was approached by da gubbermint for rights to their SSL private key and monitoring them and this was their out "We won't encrypt if that means you keep your software off our servers". Dunno, but why is there no SSL on ATS???
But speaking of getting around SSL. Why doesn't ATS have SSL enabled? That is what I truly want to know. I mean, it's a business right. Cheap SSL keys can be purchased also.
I often wonder if ATS was approached by da gubbermint for rights to their SSL private key and monitoring them and this was their out "We won't encrypt if that means you keep your software off our servers". Dunno, but why is there no SSL on ATS???
originally posted by: SR1TX
This was the dumbest video I have ever watched.
This has nothing to do with compromising WPA2. This is a security flaw in the actual device itself, not WP2 protocols.
I am honestly in disbelief that this was published as something ground breaking. We were spoofing networks as kids and I am 31 now. There is nothing in this video or the pdf that is of either interest or new information.
originally posted by: Bhadhidar
Dang!
I just posted a question about this seconds ago!
You guys/gals are FAST!!!
The agency I work for accesses the financial information of over 30 million people and we just installed a WiFi system in our main office...and it’s open to the public!
There’s going to be some red faces in IT today!
Usually they keep the wi-fi network on separate private network from the corporate network.
a reply to: FamCore
There is no such thing as secure WiFi connections! All full of holes like a swiss cheese. If you have a neighbour that have resentment against you and is technically competent, it is possible to record automatically everything transiting on your WiFi for years using a high gain antenna... Hard disks are so massive now. And eventually crack your key(s) and go back in everything you done. Say thanks to NSA for all the "good" exploit everywhere.
Even wired network are not secure as they leak by EMI the transmitted content nearby, but the technical level required is normally out of reach of ordinary peoples.
So if I have used online banking, and either my network of the banking system's network used WPA2, my information has been potentially compromised? Yippee!! Technology, supposed to make our lives more convenient... however it continues to prove to be a pain in the ass.
There is no such thing as secure WiFi connections! All full of holes like a swiss cheese. If you have a neighbour that have resentment against you and is technically competent, it is possible to record automatically everything transiting on your WiFi for years using a high gain antenna... Hard disks are so massive now. And eventually crack your key(s) and go back in everything you done. Say thanks to NSA for all the "good" exploit everywhere.
Even wired network are not secure as they leak by EMI the transmitted content nearby, but the technical level required is normally out of reach of ordinary peoples.
edit on 16-10-2017 by Cofactor because: (no reason given)
a reply to: Terminal1
Wrong assumption! Since you are fairly well isolated, reception of your signal is not degraded by hundreds of nearby WiFi masking your transmission. With a very high gain antenna and line of sight, even of scatter signal from top of electric pole, it is possible to connect at you from kilometers aways! I would bet that you installed your antennas with high elevation above ground and with high power to cover your domain, extremely usefull for long range interception.
I figure that since I am fairly isolated I would be able to see anyone coming towards the house to get into range of my wifi.
Wrong assumption! Since you are fairly well isolated, reception of your signal is not degraded by hundreds of nearby WiFi masking your transmission. With a very high gain antenna and line of sight, even of scatter signal from top of electric pole, it is possible to connect at you from kilometers aways! I would bet that you installed your antennas with high elevation above ground and with high power to cover your domain, extremely usefull for long range interception.
edit on 16-10-2017 by Cofactor because: (no reason given)
originally posted by: Agit8dChop
The security protocol used to protect the vast majority of wifi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks, according to the researcher who discovered the weakness.
Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered the weakness in the wireless security protocol WPA2, and published details of the flaw on Monday morning.
“Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted,” Vanhoef’s report said. “This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos and so on.
www.theguardian.com...
Boom... Nearly ever WIFI Network around the world uses WPA2 because it was so secure.
Now the cats out of the bag...
Vanhoef emphasised that “the attack works against all modern protected wifi networks.
Going to be a interesting few days at the office me thinks!
Few specifics for those interested:
www.krackattacks.com...
I guess at some point, just NOT trying to hack something will become vogue, right?
I mean it is ridiculous that it seems to be the goal of every single stinky pepperhat to just bust up the security of absolutely anything at all.
WHY???
Why does everything need to be broken? Why can't people who work out how to break things also work out how to fix them?
DAMN!!!
new topics
-
Mysterious Spiral 'UFO' Sightings Reported Across US, Europe
Aliens and UFOs: 1 hours ago -
The Dark Pyramid of Alaska and the Why Files take on the subject
Whistle Blowers and Leaked Documents: 4 hours ago -
Israeli strikes on southern Gaza city of Rafah kill 22, mostly children, as US advances aid package
Middle East Issues: 11 hours ago
top topics
-
The Dark Pyramid of Alaska and the Why Files take on the subject
Whistle Blowers and Leaked Documents: 4 hours ago, 9 flags -
Really Unexplained
Paranormal Studies: 16 hours ago, 5 flags -
Israeli strikes on southern Gaza city of Rafah kill 22, mostly children, as US advances aid package
Middle East Issues: 11 hours ago, 5 flags -
The Vaccine Injured
Medical Issues & Conspiracies: 16 hours ago, 4 flags -
Mysterious Spiral 'UFO' Sightings Reported Across US, Europe
Aliens and UFOs: 1 hours ago, 0 flags
active topics
-
Farmers jailed without due process
General Conspiracies • 18 • : yuppa -
UN Estimates Rebuilding Gaza Will Cost Up To 40 Billion Dollars
Middle East Issues • 104 • : jofafot -
Zionists of ATS assemble
Political Issues • 155 • : Daughter2v2 -
Really Unexplained
Paranormal Studies • 31 • : visitedbythem -
SEC shuts down Trump Media auditor, BF Borgers, over fraud
Mainstream News • 53 • : yuppa -
Prophets versus priests; - Getting God's help
Religion, Faith, And Theology • 10 • : Beesnestbomber -
Candidate TRUMP Now Has Crazy Judge JUAN MERCHAN After Him - The Stormy Daniels Hush-Money Case.
Political Conspiracies • 1191 • : WeMustCare -
New Bombshell Evidence Strongly Suggests Trump was Set Up in Classified Docs Saga
US Political Madness • 70 • : Vermilion -
Mysterious Spiral 'UFO' Sightings Reported Across US, Europe
Aliens and UFOs • 7 • : SteamyAmerican -
Freaky one eye website regards emerging global talent
General Conspiracies • 63 • : DronesandUFOs