Article 4ZZWW Flaw in Billions of Wi-Fi Devices Left Communications Open to Eavesdropping

Flaw in Billions of Wi-Fi Devices Left Communications Open to Eavesdropping

by
Fnord666
from SoylentNews on (#4ZZWW)

Freeman writes:

https://arstechnica.com/information-technology/2020/02/flaw-in-billions-of-wi-fi-devices-left-communications-open-to-eavesdroppng/

Billions of devices-many of them already patched-are affected by a Wi-Fi vulnerability that allows nearby attackers to decrypt sensitive data sent over the air, researchers said on Wednesday at the RSA security conference.

[...]Eset researchers wrote in a research paper published on Wednesday. "The attack surface is greatly increased, since an adversary can decrypt data that was transmitted by a vulnerable access point to a specific client (which may or may not be vulnerable itself)."

[...]Kr00k exploits a weakness that occurs when wireless devices disassociate from a wireless access point. If either the end-user device or the access point is vulnerable, it will put any unsent data frames into a transmit buffer and then send them over the air. Rather than encrypt this data with the session key negotiated earlier and used during the normal connection, vulnerable devices use a key consisting of all zeros, a move that makes decryption trivial.

[...]Eset researchers determined that a variety of devices are vulnerable, including:

  • Amazon Echo 2nd gen
  • Amazon Kindle 8th gen
  • Apple iPad mini 2
  • Apple iPhone 6, 6S, 8, XR
  • Apple MacBook Air Retina 13-inch 2018
  • Google Nexus 5
  • Google Nexus 6
  • Google Nexus 6S
  • Raspberry Pi 3
  • Samsung Galaxy S4 GT-I9505
  • Samsung Galaxy S8
  • Xiaomi Redmi 3S

The researchers also found that the following wireless routers are vulnerable:

  • Asus RT-N12
  • Huawei B612S-25d
  • Huawei EchoLife HG8245H
  • Huawei E5577Cs-321

An Apple spokesman said the vulnerabilities were patched last October with details for macOS here and for iOS and iPadOS here.

[...]While the vulnerability is interesting and users should make sure their devices are patched quickly-if they aren't already-there are a few things that minimize the real-world threat posed.

[...]Despite the limited threat posed, readers should ensure their devices have received updates issued by the manufacturers. This advice is most important for users of vulnerable Wi-Fi routers, since routers are often hard to patch and because vulnerable routers leave communications open to interception even when client devices are unaffected or are already patched.

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments