{"id":2296,"date":"2017-10-20T13:47:31","date_gmt":"2017-10-20T01:47:31","guid":{"rendered":"https:\/\/kinetics.co.nz\/?p=2296"},"modified":"2017-10-20T13:47:31","modified_gmt":"2017-10-20T01:47:31","slug":"krack-wireless-access-vulnerability","status":"publish","type":"post","link":"https:\/\/new.kinetics.co.nz\/?p=2296","title":{"rendered":"KRACK Wireless Access Vulnerability"},"content":{"rendered":"<p><strong>[header2 text=&#8221;KRACK &#8211; Wireless Access Vulnerability&#8221; align=&#8221;left&#8221; color=&#8221;#336A40&#8243; margintop=&#8221;&#8221;]<\/strong><\/p>\n<p>It\u2019s been all over the news that the dastardly hackers have struck again, this time hitting your favourite wireless.\u00a0 According to some reports, the world will end (again!).<\/p>\n<p>Firstly, it\u2019s true: this week has seen the public release of information about a vulnerability with Wi-Fi access.\u00a0 As with all breaking news, details can differ between reports and many exaggerate the issue.\u00a0 In this case, there is an issue and it does need to be addressed.<\/p>\n<p><strong>[header2 text=&#8221;<\/strong><strong>What is affected?<\/strong><strong>&#8221; align=&#8221;left&#8221; color=&#8221;#336A40&#8243; margintop=&#8221;&#8221;]<\/strong><\/p>\n<p>The issue impacts wireless access that uses the WPA2 (Wi-Fi Protected Access II) standard.\u00a0 It\u2019s fairly safe to say that almost every Wi-Fi device in the world supports this protocol.\u00a0 This impacts everything from mobile phones\/laptops\/desktops that have Wi-Fi to the Wireless Access Points themselves.<\/p>\n<p>Online sources warn that Android and Linux devices are most at risk, while MacOS and Windows are exposed to a lesser extent.<\/p>\n<p><strong>[header2 text=&#8221;<\/strong><strong>What can the hack do?<\/strong><strong>&#8221; align=&#8221;left&#8221; color=&#8221;#336A40&#8243; margintop=&#8221;&#8221;]<\/strong><\/p>\n<p>The release of information is still very new.\u00a0 As yet no one has had time to 
build any tools that take advantage of the hack.\u00a0 Past experience suggests that active exploitation can lag a month or two behind release.\u00a0 But the tools will come.\u00a0 When they do, a hacker should be able to:<\/p>\n<ul>\n<li>Disrupt your Wi-Fi.<\/li>\n<li>Gain unauthorised access to your Wi-Fi.<\/li>\n<li>Read and decrypt data sent from the victim device to the WAP (Wireless Access Point).<\/li>\n<\/ul>\n<p>From what we\u2019ve read to date, it seems to be much harder for the hack to capture the data that comes down from the network to the victim.\u00a0 Hacking the data-stream does not guarantee that they can hack its content.\u00a0 That\u2019s because often the data inside the stream is encrypted again.\u00a0 Nevertheless, this is a very real risk and it needs to be mitigated.<\/p>\n<p><strong>[header2 text=&#8221;<\/strong><strong>What can be done?<\/strong><strong>&#8221; align=&#8221;left&#8221; color=&#8221;#336A40&#8243; margintop=&#8221;&#8221;]<\/strong><\/p>\n<p>The hack is based on a lazy fault in which the WPA2 protocol can be tricked into reusing encryption details.\u00a0 This is an easy fault for manufacturers to fix and most reputable makers of Wireless Access Points have already released an update.<\/p>\n<p><strong>[header2 text=&#8221;<\/strong><strong>What is Kinetics doing?<\/strong><strong>&#8221; align=&#8221;left&#8221; color=&#8221;#336A40&#8243; margintop=&#8221;&#8221;]<\/strong><\/p>\n<p>This will impact almost every Kinetics client.\u00a0 We are taking a systematic approach to work through everyone in a timely manner.<\/p>\n<p>Kinetics Premium KARE clients will have their Wi-Fi access points updated at no charge.\u00a0 This will require a restart which will happen after hours.\u00a0 We have already started work on Premium clients.<\/p>\n<p>When we have completed Premium clients, we will review all Core Fundamental and Ready Reaction clients in that order.\u00a0 Those clients will then be contacted to ask permission to upgrade 
the Wi-Fi.\u00a0 The process can be done remotely and will include some after-hours work to apply the restart.\u00a0 We expect the cost to be equal to an hour\u2019s labour and we are happy to fix the cost at that.<\/p>\n<p>For all KARE clients the costs assume that the WAP has a current manufacturer\u2019s support agreement.\u00a0 If it does not, extra cost may be incurred.<\/p>\n<p>When we have completed all clients on a KARE agreement, we will contact all remaining clients by email or phone.\u00a0 For non-KARE clients, upgrading will be on a time and materials basis once we have your permission.<\/p>\n<p><strong>[header2 text=&#8221;<\/strong><strong>Useful Links<\/strong><strong>&#8221; align=&#8221;left&#8221; color=&#8221;#336A40&#8243; margintop=&#8221;&#8221;]<\/strong><\/p>\n<p><a href=\"https:\/\/www.kb.cert.org\/vuls\/id\/228519\/\" target=\"_blank\" rel=\"noopener\">Software Engineering Institute Vulnerability Notes Database<\/a><\/p>\n<p><a href=\"https:\/\/www.krackattacks.com\/\" target=\"_blank\" rel=\"noopener\">Krack Attacks report<\/a><\/p>\n<p><a href=\"https:\/\/9to5mac.com\/2017\/10\/16\/wifi-wpa2-hacked\/\" target=\"_blank\" rel=\"noopener\">9to5Mac<\/a><\/p>\n<p><a href=\"https:\/\/arstechnica.com\/information-technology\/2017\/10\/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping\/\" target=\"_blank\" rel=\"noopener\">Ars Technica<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[header2 text=&#8221;KRACK &#8211; Wireless Access Vulnerability&#8221; align=&#8221;left&#8221; color=&#8221;#336A40&#8243; margintop=&#8221;&#8221;] It\u2019s been all over the news that the dastardly hackers have struck again, this time hitting your favourite wireless.\u00a0 According to some reports, the world will end (again!). 
Firstly, it\u2019s true: this week has seen the public release of information about a vulnerability with Wi-Fi [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4],"tags":[],"class_list":["post-2296","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/2296","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2296"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/2296\/revisions"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2296"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2296"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2296"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}