Results 1 to 10 of 11
-
October 17th, 2017 03:51 AM #1
Here’s what you can do to protect yourself from the KRACK WiFi vulnerability | TechCrunch
TL,DR version: be extra extra careful with wifi!! Avoid it for now if you can!
Non-techie version:
- Turn off wifi on your phone when outside your house (especially if you use Android). Do not connect to online shopping and social media when using wifi.
- Avoid social media, email, and definitely stay away from online shopping over wifi.
- Use a third-party router as PLDT, Smart, and Globe have no patch updates at all for their modem/ONU/routers and personal wifi devices.
There have been posts online and in social media already about the KRACK wifi bug and how dangerous it potentially can be. Those posts are absolutely true.
No known pre-built exploit has been made public yet but rest assured that one will be inevitably out, probably soon. MOST wifi devices (including Android phones and commercial routers/access points) are VULNERABLE! And many devices still DO NOT have a patch. PLDT, SMART and GLOBE devices (modem/routers, personal wifi) still DO NOT have a patch.
For network professionals and sysadmins, please note that this is not remotely executable (like a SQL injection) as this can be utilized more for sniffing on client machines than on the server side. This bug will probably be used more for MITM attacks (e.g. wifi pineapple). This, however, can still be leveraged as an attack vector if and when eavesdropping can lead to exposing other vulnerabilities on a network.
Be wary of Linux POS systems (point-of-sale) systems that are on wifi, they need to move to wired ethernet up until this is patched. Turn off wifi on your phone and stay away from social media and online shopping when connected to public hotspots. Enterprise and residential wifi are both equally at risk, btw.
Will post below on companies that have already issued a patch.Last edited by Verbl Kint; October 17th, 2017 at 04:01 AM.
-
October 17th, 2017 04:09 AM #2
thanka for this.. norton issued a warning as well earlier..
Sent from my SM-G935F using Tsikot Forums mobile app
-
October 17th, 2017 07:39 AM #3
Forgot to mention that if your CCTV system is IP Camera based, it may make sense to disconnect your cameras for now up until a patch is built for both the cameras and the router/access point.
It will be so easy to get streams from an IP camera with this exploit, since you just need to get within range of the wifi signal.
-
October 17th, 2017 07:51 AM #4
Lists of vendors affected and patched from WPA2 KRACK bug from US-CERT (US Computer Emergency Readiness Team)
Site gets updated regularly.
-
October 17th, 2017 10:52 AM #5
Checked my router and other gadgets, no updates yet.
Avoid doing online transactions through wifi.
Sent from my SM-T705 using Tsikot Forums mobile app
-
-
October 17th, 2017 12:11 PM #7
Microsoft has released a fix, none for android yet.
Microsoft already has a fix for that severe WiFi security exploit (updated)
Sent from my SM-T705 using Tsikot Forums mobile app
-
October 17th, 2017 12:14 PM #8
My Ubiquiti access points has been patched. And apparently, Microsoft has patched Windows from Krack as early as last week, if you had Windows Update on autopilot.
Just waiting for Google Android and Apple iOS for their respective patches.
-
October 17th, 2017 01:31 PM #9
-
Verified Tsikot Member
- Join Date
- Mar 2014
- Posts
- 686
October 17th, 2017 01:46 PM #10Our enterprise clients are on full alert.
Sent from my LG-H990 using Tapatalk
sinabi moh! i hardly see my children now. when they were young, schedules were more predictable.
Traffic!