Tweet
Guys/Gals, better update your WiFi-using systems and AP's ASAP.
-
-
Seems like client updates will fix it: https://www.reddit.com/r/linux/comme...vulnerability/ -
Afaik, to be fully protected, both client and AP need to be patched.Comment
-
OS patches are going out now. Hardware fixes via driver/firmware updates will take at least a few weeks and probably won't be available until the end of the year, at the earliest. It really only affects things like public WiFi hotspots and expanded home and business networks using bridges, so most home users should be fine.Last edited by TheLexMachine; 17 October 2017, 10:13 PM.Comment
-
I am frankly curious how did you reach the latter conclusion. Everyone owning a WiFi network are affected. KRACK is a combination of ten different CVE's.Originally posted by TheLexMachine View Post
Considering the fact there are huge amount of both, routers and Android phones/tablets never getting an update, it remains problem for years to come.
Should I change my Wi-Fi password?
Changing the password of your Wi-Fi network does not prevent (or mitigate) the attack. So you do not have to update the password of your Wi-Fi network. Instead, you should make sure all your devices are updated, and you should also update the firmware of your router. Nevertheless, after updating both your client devices and your router, it's never a bad idea to change the Wi-Fi password.
I'm using WPA2 with only AES. That's also vulnerable?
Yes, that network configuration is also vulnerable. The attack works against both WPA1 and WPA2, against personal and enterprise networks, and against any cipher suite being used (WPA-TKIP, AES-CCMP, and GCMP). So everyone should update their devices to prevent the attack!
EDIT: FreeBSD's wpa_supplicant seems to be safe now. Patches fixed it on the same day it blew public. Recent pfSense snapshots should already be patched.
https://github.com/freebsd/freebsd-p...446ba58bbbba86Last edited by aht0; 18 October 2017, 12:56 PM.Comment
Comment