Re: KRACK security hole in WPA2 - VM fixes incoming?
 

Well if its bad, we are all in trouble.

No and you have a point but every little bit helps...

Re: KRACK security hole in WPA2 - VM fixes incoming?
 

I think you're vastly underestimating the sheer amount of RF radiation around the place.

Re: KRACK security hole in WPA2 - VM fixes incoming?
 

They may not be that noticeable. There is a small car park just behind my garden, and when I first got a Wifi router (admittedly before I found out about encrypted Wifi), I found a lot of strange M.A.C. addresses in the access logs. There were also a lot of unsecured Wifi networks in the neighbourhood, and we tended to get a lot of lorries staying overnight in the carpark. Then, one by one, the residents (myself included) locked down our networks, and the Lorrys stopped appearing.

Re: KRACK security hole in WPA2 - VM fixes incoming?
 

I'm in real trouble, then.

I have a Three femtocell downstairs, along with a wireless router pumping out a 40 MHz wide signal in the 2.4 GHz band, an 80 MHz wide signal in the 5 GHz band and a 2.16 GHz wide channel in the 60 GHz range.

There's also an access point upstairs pumping out 20 MHz of 2.4 GHz band and another 80 MHz of 5 GHz band.

Lastly 2 x IoT networks using LORA, ZigBee or similar.

Those are just the producers of RF inside that are intended to produce it. Obviously there'll be a bunch of other stuff producing it, such as all client devices and indeed the monitor I'm looking at right now.

Re: KRACK security hole in WPA2 - VM fixes incoming?
 

There was a feature on last nights Gadget Show. They obtained permission first from a family and managed to hack into their Wi-Fi. Within three hours they could see them, hear them and browse their wedding photos.

They said that to avoid this users should update their password and make sure that all security updates were downloaded:

https://www.my5.tv/the-gadget-show/season-27/episode-5

Re: KRACK security hole in WPA2 - VM fixes incoming?
 

I bought a Fingbox from Amazon, which blocks any new devices connecting without permission.

Any new devices that try and connect, an alert is sent to my phone via the app.

This will then allow me to grant or deny access.

Re: KRACK security hole in WPA2 - VM fixes incoming?
 

Typical media hype. Yes it is possible to do but before you start worrying about it just stop and think.

It took professional penetration testers 3 hrs to eventually get in. These are people who have access to all the latest penetration software and know how to use it.

Next consider who is going to go to that extent just to hack you. Are you that important for a professional hacker to take the time? I mean this in general not specifically at you.

It is a non issue for the majority of users and just serves as a reminder to keep systems updated. Update router password? No, change it from the moment you install it.

Re: KRACK security hole in WPA2 - VM fixes incoming?
 

Even more so now that, apparently, Russia wants to cause problems for us in retaliation for Syria:

https://www.theguardian.com/technolo...cked-your-wifi

Re: KRACK security hole in WPA2 - VM fixes incoming?
 

but by that logic you should make your password password123 how many people are going to try and break your password

you are saying how likely are you to be in range of somebody with the knowledge to do it

I say how many people are around people who can I have 4 neighbours that I can reach from my desk

how long until it's packaged up in something like Backtrack so it's basically press 1 to hack

Re: KRACK security hole in WPA2 - VM fixes incoming?
 

what Pip is trying to say is yes, the means are out there, but what are the chances that

a) somebody with the knowledge

and

b) somebody with the software

and

c) somebody is going to take the time

and

d) going to specifically target you

Unless it is an intentional attack for personal reasons the chances are that you are not worth a hackers time because you will yield little reward. Last time I checked 100,000 people live in Lincoln. Statistically what are the chances that somebody is going to come and sit outside my house for 3 hours and try and crack my password for my Asus router? Even if they managed it they wouldn't get anything of value so it just isn't worth their time. There are bigger fish to fry!

Re: KRACK security hole in WPA2 - VM fixes incoming?
 

More than this, it means they also had a poorly secured security camera or computer with webcam and decent wide area microphone, and NAS with a file share hosting their wedding photos.

A bit tenuous really.

Re: KRACK security hole in WPA2 - VM fixes incoming?
 

Exactly.

BTW for those interested nothing like this will ever be integrated into Backtrack. (Shhh General).

Re: KRACK security hole in WPA2 - VM fixes incoming?
 

the arguments seem to be

a) there's not a lot of people who can boot up linux (if it's not that simple now somebody will package it up so it is soon)

b) somebody with the software (if you're into hacking you will find a software or some variant of it)

c) somebody is going to take the time(I spend hours and hours fiddling with tech I don't see this as a barrier for somebody who like's hacking)

d) going to specifically target you (they are going to target somebody)


so you are comfortable. Playing the odds that the guy who is hacked isn't you
I'm saying it will happen to some people
the more that they leave it the easier it will be to do and the more it will be combined with other attacks and the more common it will become

Re: KRACK security hole in WPA2 - VM fixes incoming?
 

Ok let me put it this way, i am very happy that statistically i am never going to be hacked.