All modern Wi-Fi routers are threatened

KRACK researchers: "The attack works against all modern protected Wi-Fi networks"
16 October 2017   1810

On Sunday, 15.10.2017, a Wi-Fi security research results were published. This is reported by the Ars Technica. 

What research? 

The research is called KRACK (Key Reinstallation Attacks). The research has been a big secret for weeks ahead of a coordinated disclosure that is scheduled for 8 a.m. Monday, east coast time. US CERT described the KRACK:

US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.
 

US CERT team

What had researchers found? 

According to official website of KRACK, they've discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites. The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected.

Researchers says that if your device supports Wi-Fi, it is most likely affected. They've discovered that: 

  • Android 
  • Linux 
  • Apple 
  • Windows 
  • OpenBSD 
  • MediaTek 
  • Linksys
  • and others.

are in danger. 

Demo

As a proof-of-concept team executed a key reinstallation attack against an Android smartphone. In this demonstration, the attacker is able to decrypt all data that the victim transmits. For an attacker this is easy to accomplish, because our key reinstallation attack is exceptionally devastating against Linux and Android 6.0 or higher. 

FAQ

KRACK team also released big FAQ list. We are publishing the most interesting.

  • Do we now need WPA3?
    • No, luckily implementations can be patched in a backwards-compatible manner. This means a patched client can still communicate with an unpatched access point, and vice versa.
  • Should I change my Wi-Fi password?
    • Changing the password of your Wi-Fi network does not prevent (or mitigate) the attack.
  • Is my device vulnerable?
    • Probably. Any device that uses Wi-Fi is likely vulnerable. Contact your vendor for more information.
  • Should I temporarily use WEP until my devices are patched?
    • NO! Keep using WPA2.

Learn more at KRACK official website.

Android-x86 8.1 Released

Let's see what team has made in the fresh release of Android to x86 port
17 January 2019   166

The team of the Android-x86 project, which is the independent community porting the Android platform for the x86 architecture, have published the first stable release of the assembly based on the Android 8.1 platform, which includes fixes and additions that ensure seamless operation on x86-based platforms. Universal Android-x86 8.1 Live-builds for x86 32-bit and x86_64 architectures suitable for use on typical laptops and tablet PCs are prepared for download. In addition, assemblies in the form of rpm-packages are available for installing the Android environment in Linux distributions.

Let's check new features:

  • Support both 64-bit and 32-bit kernel and userspace with latest LTS kernel 4.19.15.
  • Support OpenGL ES 3.x hardware acceleration for Intel, AMD, Nvidia and QEMU(virgl) by Mesa 18.3.1.
  • Support OpenGL ES 2.0 via SwiftShader for software rendering on unsupported GPU devices.
  • Support hardware accelerated codecs on devices with Intel HD & G45 graphics family.
  • Support secure booting from UEFI and installing to UEFI disk.
  • A text based GUI installer.
  • Add theme support to GRUB-EFI.
  • Support Multi-touch, Audio, Wifi, Bluetooth, Sensors, Camera and Ethernet (DHCP only).
  • Auto-mount external usb drive and sdcard.
  • Add Taskbar as an alternative launcher which puts a start menu and recent apps tray on top of your screen and support freeform window mode.
  • Enable ForceDefaultOrientation on devices without known sensors. Portrait apps can run in a landscape device without rotating the screen.
  • Support arm arch apps via the native bridge mechanism. (Settings -> Android-x86 options)
  • Support to upgrade from non-official releases.
  • Add experimental Vulkan support for newer Intel and AMD GPUs. (Boot via Advanced options -> Vulkan support)
  • Mouse integration support for VMs including VirtualBox, QEMU, VMware and Hyper-V.

Get more infoand download links at official website of the project.