Apple confirms KRACK Wi-Fi WPA-2 attack vector patched in iOS, tvOS, watchOS, macOS betas
AppleInsider has learned that Apple has rectified the "KRACK Attack" Wi-Fi WPA-2 exploit in "recent" macOS, iOS, tvOS, and watchOS betas -- but was unable to confirm that a patch is coming for the AirPort series of routers.
Sources inside Apple not authorized to speak on behalf of the company has told AppleInsider that the patch to remove hardware susceptibility was included in a "previous" beta of the current range of operating systems -- meaning a release before Monday's batch. However, our source specifically noted that AirPort hardware, including the Time Machine, AirPort Extreme base station, and AirPort Express does not have a patch available -- and was not certain if one was in progress.
The last firmware update for the AirPort family of hardware was in Dec. 2016 -- well before the May disclosure of the vulnerability. It is not clear at this time if a patch for the KRACK exploit will be issued for the AirPort.
AppleInsider has reached out to Apple for more information regarding the AirPort family of devices, and to find out specifically which beta versions implement the KRACK patch.
Both a router and a client device must be susceptible to the KRACK Attack vector for the assault to succeed. If either are patched, then no data can be gleaned from the man-in-the-middle method publicized on Monday morning.
The exploit takes advantage of a four-way handshake between a router and a connecting device to establish the encryption key. Properly executed, the third step can be compromised, resulting in the re-use of an encryption key -- or in some cases in Android and Linux, the establishment of a null key.
The researchers claim that the attack vector completely opens up an Android 6.0 and later devices. Other operating systems, including iOS and macOS are less impacted, but "a large number of packets" can still be decrypted from all.
The attack uses one or more of 10 different exploits. The details of the exploit were submitted for review on May 19, and a conference presentation will be delivered on Nov. 1.
Sources inside Apple not authorized to speak on behalf of the company has told AppleInsider that the patch to remove hardware susceptibility was included in a "previous" beta of the current range of operating systems -- meaning a release before Monday's batch. However, our source specifically noted that AirPort hardware, including the Time Machine, AirPort Extreme base station, and AirPort Express does not have a patch available -- and was not certain if one was in progress.
The last firmware update for the AirPort family of hardware was in Dec. 2016 -- well before the May disclosure of the vulnerability. It is not clear at this time if a patch for the KRACK exploit will be issued for the AirPort.
AppleInsider has reached out to Apple for more information regarding the AirPort family of devices, and to find out specifically which beta versions implement the KRACK patch.
Both a router and a client device must be susceptible to the KRACK Attack vector for the assault to succeed. If either are patched, then no data can be gleaned from the man-in-the-middle method publicized on Monday morning.
The exploit takes advantage of a four-way handshake between a router and a connecting device to establish the encryption key. Properly executed, the third step can be compromised, resulting in the re-use of an encryption key -- or in some cases in Android and Linux, the establishment of a null key.
The researchers claim that the attack vector completely opens up an Android 6.0 and later devices. Other operating systems, including iOS and macOS are less impacted, but "a large number of packets" can still be decrypted from all.
The attack uses one or more of 10 different exploits. The details of the exploit were submitted for review on May 19, and a conference presentation will be delivered on Nov. 1.
Comments
So to sum up, it is a serious flaw apparently. Will it mean the end of all life online? Not a chance. Will it turn into the usual Android vs iOS pissing contest? No doubt.
The vulnerability affects the last step in a four-way handshake. Normally, that last step is performed by the Wi-Fi client. When 802.11r is enabled, and a client roams from one access point to another, it can be the access point that performs the last step.
802.11r is a feature you'd be more likely to find in mesh Wi-Fi or enterprise-grade Wi-Fi systems.
https://www.imore.com/krack-wpa2-wi-fi-exploit-already-fixed-ios-macos-tvos-watchos-betas
Either a client or a router needs to be patched for a connection to be secure. If every client ever is patched, then no router will need to be, and the converse is true.
However, the reality is that there will be many macs, PCs, phones, and routers that will not get patched either because of age, or user inaction. Do you think Apple is going to patch Lion, for instance? It behooves everyone, users and companies alike, to patch as much gear as they can, as far as they can.
Mavericks was released four years ago; is there some software you’re using on Mavericks that can’t run on El Capitan? Otherwise there’s no excuse for not keeping up to date with the OS and security.
I've not seen the hyperbolic responses you are claiming. Every credible source I've read has calmly stated that an attacker needs to be in range of your wireless network and that if your device is patched, then you need not worry about unpatched routers. That being said, I prefer over-communication so that I can make my own determination as to what my security posture should be. Also, non-technical users should be told to avoid public hotspots if at all possible until their devices are patched. This is not paranoia; it's just good advice.
So is it 10 exploits, or one exploit? Or should that be details "of the attack" of which there are 10 different possible ways to execute (exploit) it?