MozillaZine

Don't look now, WPA2 has a gaping hole

Discuss various technical topics not related to Mozilla.
Omega X

User avatar
 
Posts: 7984
Joined: October 18th, 2007, 2:38 pm
Location: A Parallel Dimension...

Post Posted October 16th, 2017, 2:32 am

Latest: Firefox/57.0.4 *ESR/52.5.2 - Mobile/57.0.4 - Thunderbird/52.5.2 - SeaMonkey/2.49.1
Nightly: Nightly/59.0a1 - Mobile/59.0a1 - Daily/59.0a1 - SeaMonkey/2.55a1

Grumpus

User avatar
 
Posts: 11692
Joined: October 19th, 2007, 4:23 am
Location: ... Da' Swamp

Post Posted October 16th, 2017, 5:49 am

From the following article but still scary ". . . The only main limitation is that an attacker needs to be within range of a victim to exploit these weaknesses."
Krack Attack
I believe I've seen this in action with a couple of local IPs which show up on the traffic monitor at initiation of the wireless connection or it could be similar.
Instead of using the normal ips for connection an unknown IP triggers sending the connection to the administration page of the wireless provider.
At this point connections can't be made to the rest of the Internet (Google, anywhere) unless the password or some administrative action is performed. Do not perform any actions or key input.
If you watch your connections it may help when an unknown IP forces a sign-up page or admin page and the best way to beat it is break the connection totally and record the IP.
I found a range of about 20 IPs and since blocking them haven't seen the issue. This is not the same as a captive portal - go to access page kind of thing.
Additionally I found a drop in speed indication when examining the connection information. It may be as little as 10 MB per second but you will not have your normal speed indicated. This is not down load or upload speed but the modem/router speed which should be a constant.

Return to MozillaZine Tech


Who is online

Users browsing this forum: No registered users and 1 guest