Home Network Community >
Wi-Fi Routers >
[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
Posts: 334
Helpful: 16
Solutions: 0
Stories: 0
Registered: 2012-03-28
2017-10-17 11:29:42
Posts: 334
Helpful: 16
Solutions: 0
Stories: 0
Registered: 2012-03-28
[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-10-17 11:29:42
Tags:
Dear All,
On October 16th, 2017, an security researcher has disclosed some severe flaws in the WPA2 security protocol.
Description of the vulnerability
The vulnerability that known as "KRACK", short for Key Reinstallation Attack, will target the four-way handshake of the WPA2 protocol. Mathy Vanhoef, who published the flaw, said that the flaw may allow an attacker within the Wi-Fi range to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.
The publisher also points out that, the main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates.
For more details, please refer to the below article published by Vanhoef:
https://www.krackattacks.com/
The following Common Vulnerabilities and Exposures (CVE) identifiers were assigned to track which products are affected by specific instantiations of the key reinstallation attack:CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
TP-Link is aware of the vulnerabilities (KRACKs) in the WPA-2 protocol. We have published a security advisory on the official website and are working to solve the problems now.
Security Advisory: http://www.tp-link.com/en/faq-1970.html
[FONT=&]Software updates for the affected devices will be post at http://www.tp-link.com/support.html over the next few weeks.[/FONT]
Your network security is highly regarded by TP-Link.
Clarification for the WPA2 Vulnerabilities:
1. Please have a look at the article published by Mathy Vanhoef and pay attention to the QA listed at the end:
Q: What if there are no security updates for my router?
A: Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.
From the QA, we can get clear that the vulnerabilities only targets the devices act as Wi-Fi clients, including laptops, smartphones, range extenders working in RE mode, routers/gateways working in RE/WDS/WISP mode.
Thus if you're using the following TP-Link products:
(Unaffected Devices)
# All powerline adapters
# All mobile Wi-Fi products
# Routers and gateways working on default Router mode or Access Point mode
# Range extenders working in AP mode
You will not be affected by the WPA2 vulnerabilities. What you need to do is updating your Wi-Fi clients.
2. Conditions under which devices are vulnerable:
# Physical proximity: An attack can only happen when an attacker is in physical proximity to and within wireless range of your network.
# Time window: An attack can only happen when a client is connecting or reconnecting to a Wi-Fi network.
Devices affected by the vulnerability
Routers working in Repeater Mode/WISP Mode/Client Mode:
TL-WR940N with firmware version 3.17.1 Build 170717 Rel.55495n or earlier (Hardware Version 3.0 or earlier not affected)
[FONT=verdana]TL-WR841Nv13 with firmware version 0.9.1 4.16 v0348.0 Build 170814 Rel.59214n or earlier (Hardware Version 12.0 or earlier not affected)
TL-WR840N with firmware version 0.9.1 4.16 v019a.0 Build 170524 Rel.56478n or earlier (Hardware Version 2.0 or earlier not affected)
TL-WR941HP with firmware version 3.16.9 Build 20170116 Rel.50912n or earlier
TL-WR841HP with firmware version 3.16.9 Build 160612 Rel.67073n or earlier
TL-WR902AC with firmware version 3.16.9 Build 20160905 Rel.61455n or earlier
TL-WR802N with firmware version 0.9.1 3.16 v0188.0 Build 170705 Rel.34179n or earlier
TL-WR810N with firmware version 3.16.9 Build 160801 Rel.57365n or earlier
Routers with WDS function enabled (disabled by default) may be affected. Refer to the [COLOR=#0000ff]FAQ to learn how to check if WDS is enabled on your router.
Range Extenders working in Repeater Mode during a WPA2 handshake that is initiated only when connecting or reconnecting to a router:
TL-WA850RE with firmware version 1.0.0 Build 20170609 Rel.34153 or earlier
TL-WA855RE with firmware version 1.0.0 Build 20170609 Rel.36187 or earlier
TL-WA860RE with firmware version 1.0.0 Build 20170609 Rel.38491 or earlier
RE200 with firmware version 1.1.3 Build 20170818 Rel.58183 or earlier
RE210 with firmware version 3.14.2 Build 160623 Rel.43391n or earlier
RE305 with firmware version 1.0.0 Build 20170614 Rel.42952 or earlier
RE450 with firmware version 1.0.2 Build 20170626 Rel.60833 or earlier
RE500 with firmware version 1.0.1 Build20170210 Rel.59671 or earlier
RE650 with firmware version 1.0.2 Build 20170524 Rel.58598 or earlier
Wireless Adapters:
Archer T6E
Archer T9E
Whole Home Wi-Fi System:
Deco M5 with firmware version 1.1.5 Build 20170820 Rel.62483 or earlier
CPE/WBS/CAP:
CAP300 with firmware version 1.1.0 Build 20170601 Rel.60253 or earlier
CAP300-Outdoor with firmware version 1.1.0 Build 20170601 Rel.60212 or earlier
CAP1750 with firmware version 1.1.0 Build 20170601 Rel.60196 or earlier
CAP1200 with firmware version 1.0.0 Build 20170801 Rel.61314 or earlier
TL-ER604W with firmware version 1.2.0 Build 20160825 Rel.45880 or earlier
CPE520 with firmware version 2.1.6 Build 20170908 Rel.45234 or earlier
CPE610 with firmware version 2.1.5 Build 20170830 Rel. 58245 or earlier
CPE510 with firmware version 2.1.6 Build 20170908 Rel. 45233 or earlier
CPE220 with firmware version 2.1.6 Build 20170908 Rel. 45233 or earlier
CPE210 with firmware version 2.1.6 Build 20170908 Rel. 45234 or earlier
WBS210 with firmware version 2.1.0 Build 20170609 Rel. 57434 or earlier
WBS510 with firmware version 2.1.6 Build 20170908 Rel. 45234 or earlier
Smart home devices:
Smart Plugs and Switch: HS100,HS105,HS110,HS200
Smart Repeater with Plugs: RE350K,RE270K,RE370K
Cameras: NC250,NC260,NC450, KC120
[/FONT]
How to protect your devices
Until a software update is available to eliminate the vulnerability for your product, it is recommended to take the following precautions:
For wireless routers: Make sure your routers are in Router Mode or AP Mode, and patch the operating system of your smartphones, tablets and computers.
For wireless adapters: Patch the operating system of your computers.
Microsoft security update: Microsoft has fixed such security issues as mentioned in https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080
TP-Link has been working on affected models and will release firmware over the next few weeks on our official website.
Reversion History
2017-10-17: Initial release
2017-10-18: Updated some clarifications for the WPA2 vulnerabilities
2017-10-18: Updated the list of affected devices
On October 16th, 2017, an security researcher has disclosed some severe flaws in the WPA2 security protocol.
Description of the vulnerability
The vulnerability that known as "KRACK", short for Key Reinstallation Attack, will target the four-way handshake of the WPA2 protocol. Mathy Vanhoef, who published the flaw, said that the flaw may allow an attacker within the Wi-Fi range to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.
The publisher also points out that, the main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates.
For more details, please refer to the below article published by Vanhoef:
https://www.krackattacks.com/
The following Common Vulnerabilities and Exposures (CVE) identifiers were assigned to track which products are affected by specific instantiations of the key reinstallation attack:CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
TP-Link is aware of the vulnerabilities (KRACKs) in the WPA-2 protocol. We have published a security advisory on the official website and are working to solve the problems now.
Security Advisory: http://www.tp-link.com/en/faq-1970.html
[FONT=&]Software updates for the affected devices will be post at http://www.tp-link.com/support.html over the next few weeks.[/FONT]
Your network security is highly regarded by TP-Link.
Clarification for the WPA2 Vulnerabilities:
1. Please have a look at the article published by Mathy Vanhoef and pay attention to the QA listed at the end:
Q: What if there are no security updates for my router?
A: Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.
From the QA, we can get clear that the vulnerabilities only targets the devices act as Wi-Fi clients, including laptops, smartphones, range extenders working in RE mode, routers/gateways working in RE/WDS/WISP mode.
Thus if you're using the following TP-Link products:
(Unaffected Devices)
# All powerline adapters
# All mobile Wi-Fi products
# Routers and gateways working on default Router mode or Access Point mode
# Range extenders working in AP mode
You will not be affected by the WPA2 vulnerabilities. What you need to do is updating your Wi-Fi clients.
2. Conditions under which devices are vulnerable:
# Physical proximity: An attack can only happen when an attacker is in physical proximity to and within wireless range of your network.
# Time window: An attack can only happen when a client is connecting or reconnecting to a Wi-Fi network.
Devices affected by the vulnerability
Routers working in Repeater Mode/WISP Mode/Client Mode:
TL-WR940N with firmware version 3.17.1 Build 170717 Rel.55495n or earlier (Hardware Version 3.0 or earlier not affected)
[FONT=verdana]TL-WR841Nv13 with firmware version 0.9.1 4.16 v0348.0 Build 170814 Rel.59214n or earlier (Hardware Version 12.0 or earlier not affected)
TL-WR840N with firmware version 0.9.1 4.16 v019a.0 Build 170524 Rel.56478n or earlier (Hardware Version 2.0 or earlier not affected)
TL-WR941HP with firmware version 3.16.9 Build 20170116 Rel.50912n or earlier
TL-WR841HP with firmware version 3.16.9 Build 160612 Rel.67073n or earlier
TL-WR902AC with firmware version 3.16.9 Build 20160905 Rel.61455n or earlier
TL-WR802N with firmware version 0.9.1 3.16 v0188.0 Build 170705 Rel.34179n or earlier
TL-WR810N with firmware version 3.16.9 Build 160801 Rel.57365n or earlier
Routers with WDS function enabled (disabled by default) may be affected. Refer to the [COLOR=#0000ff]FAQ to learn how to check if WDS is enabled on your router.
Range Extenders working in Repeater Mode during a WPA2 handshake that is initiated only when connecting or reconnecting to a router:
TL-WA850RE with firmware version 1.0.0 Build 20170609 Rel.34153 or earlier
TL-WA855RE with firmware version 1.0.0 Build 20170609 Rel.36187 or earlier
TL-WA860RE with firmware version 1.0.0 Build 20170609 Rel.38491 or earlier
RE200 with firmware version 1.1.3 Build 20170818 Rel.58183 or earlier
RE210 with firmware version 3.14.2 Build 160623 Rel.43391n or earlier
RE305 with firmware version 1.0.0 Build 20170614 Rel.42952 or earlier
RE450 with firmware version 1.0.2 Build 20170626 Rel.60833 or earlier
RE500 with firmware version 1.0.1 Build20170210 Rel.59671 or earlier
RE650 with firmware version 1.0.2 Build 20170524 Rel.58598 or earlier
Wireless Adapters:
Archer T6E
Archer T9E
Whole Home Wi-Fi System:
Deco M5 with firmware version 1.1.5 Build 20170820 Rel.62483 or earlier
CPE/WBS/CAP:
CAP300 with firmware version 1.1.0 Build 20170601 Rel.60253 or earlier
CAP300-Outdoor with firmware version 1.1.0 Build 20170601 Rel.60212 or earlier
CAP1750 with firmware version 1.1.0 Build 20170601 Rel.60196 or earlier
CAP1200 with firmware version 1.0.0 Build 20170801 Rel.61314 or earlier
TL-ER604W with firmware version 1.2.0 Build 20160825 Rel.45880 or earlier
CPE520 with firmware version 2.1.6 Build 20170908 Rel.45234 or earlier
CPE610 with firmware version 2.1.5 Build 20170830 Rel. 58245 or earlier
CPE510 with firmware version 2.1.6 Build 20170908 Rel. 45233 or earlier
CPE220 with firmware version 2.1.6 Build 20170908 Rel. 45233 or earlier
CPE210 with firmware version 2.1.6 Build 20170908 Rel. 45234 or earlier
WBS210 with firmware version 2.1.0 Build 20170609 Rel. 57434 or earlier
WBS510 with firmware version 2.1.6 Build 20170908 Rel. 45234 or earlier
Smart home devices:
Smart Plugs and Switch: HS100,HS105,HS110,HS200
Smart Repeater with Plugs: RE350K,RE270K,RE370K
Cameras: NC250,NC260,NC450, KC120
[/FONT]
How to protect your devices
Until a software update is available to eliminate the vulnerability for your product, it is recommended to take the following precautions:
For wireless routers: Make sure your routers are in Router Mode or AP Mode, and patch the operating system of your smartphones, tablets and computers.
For wireless adapters: Patch the operating system of your computers.
Microsoft security update: Microsoft has fixed such security issues as mentioned in https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080
TP-Link has been working on affected models and will release firmware over the next few weeks on our official website.
Reversion History
2017-10-17: Initial release
2017-10-18: Updated some clarifications for the WPA2 vulnerabilities
2017-10-18: Updated the list of affected devices
#1
Options
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Thread Manage
Announcement Manage
149 Reply
Posts: 6
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-10-17
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-10-18 11:29:19
saying that wifi routers are not effected is wrong and not correct!
- both the client and wifi router need to be fixed
- it is true that if a client OR wifi router is patched then the vulnerability cant be exploited
is tplink saying that since apple, MS, etc. have fixed the client side that tplink doesn't need to fix the wifi router end of the issue? maybe i am not understanding but this sounds like what is being said and is wrong. therefore any wifi router supporting WPA2 should be patched.
"So again, update all your devices once security updates are available. Finally, although an unpatched client can still connect to a patched AP, and vice versa, both the client and AP must be patched to defend against all attacks!"
https://www.krackattacks.com/#faq
- both the client and wifi router need to be fixed
- it is true that if a client OR wifi router is patched then the vulnerability cant be exploited
is tplink saying that since apple, MS, etc. have fixed the client side that tplink doesn't need to fix the wifi router end of the issue? maybe i am not understanding but this sounds like what is being said and is wrong. therefore any wifi router supporting WPA2 should be patched.
"So again, update all your devices once security updates are available. Finally, although an unpatched client can still connect to a patched AP, and vice versa, both the client and AP must be patched to defend against all attacks!"
https://www.krackattacks.com/#faq
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#42
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 2
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-10-17
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-10-18 11:41:37
is2017 wrote
it is true that if a client OR wifi router is patched then the vulnerability cant be exploited
This is wrong. The attack primarily focuses on the client and so if only the router/access point is patched, the client is still vulnerable. All clients MUST be patched.
Ideally all routers and access-points would be patched as well. However, even the krack attacks website acknowledges that not all access points will need to be, as the vulnerability exists when they make a connection to an upstream device (i.e. wireless repeaters). I think this is what TP-Link are attempting to point out when they say not to enable wireless bridging on the devices that feature it.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#43
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 334
Helpful: 16
Solutions: 0
Stories: 0
Registered: 2012-03-28
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-10-18 11:54:18
is2017 wrote
saying that wifi routers are not effected is wrong and not correct!
- both the client and wifi router need to be fixed
- it is true that if a client OR wifi router is patched then the vulnerability cant be exploited
is tplink saying that since apple, MS, etc. have fixed the client side that tplink doesn't need to fix the wifi router end of the issue? maybe i am not understanding but this sounds like what is being said and is wrong. therefore any wifi router supporting WPA2 should be patched.
"So again, update all your devices once security updates are available. Finally, although an unpatched client can still connect to a patched AP, and vice versa, both the client and AP must be patched to defend against all attacks!"
https://www.krackattacks.com/#faq
Just as what I said, TP-Link will patch the routers as well in weeks. And routers are only affected in WDS bridging mode.
The vulnerability mainly targets the Wi-Fi clients, thus if you don't get the router (in default router mode or AP mode) patched through the router, you won't be attacked. If you get the router patched, but Wi-Fi clients not patched, you are likely to be attacked.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#44
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 6
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2015-11-23
It's not really true the AP are not affected if not used in client or repeater mode
2017-10-18 16:50:25
Hi TP-Link,
I would kindly ask to review your statement about AP/Router are not affected if not used in client or repeater mode for below reason:
If you check the dedicated KRACK research paper at https://papers.mathyvanhoef.com/ccs2017.pdf you can understand that the problem why a client can be "attacked" from KRACK is also due to AP/Router implementation as follow:
In the research paper you can read:
" In practice, we found that several APs indeed accept an older replay
counter. More precisely, some APs accept replay counters that were
used in a message to the client, but were not yet used in a reply
from the client (see column 2 in Table 2 on page 8). These APs
will accept the older unencrypted message 4, which has the replay counter r+1 in Figure 4."
So maybe you should check if your router/AP is accepting older replay counter.
and in addition it seems also below technique can be used against AP as per the research paper:
" it is still possible to indirectly attack them by performing a key reinstallation attack against the AP during an FT handshake" (see Section 5 - A Key Reinstallation Attack against the AP):
"This attack technique requires us to wait until a rekey of the
session key occurs. Several APs do this every hour [66], some examples
being [24, 26]. In practice, clients can also request a rekey by
sending an EAPOL frame to the AP with the Request and Pairwise
bits set. Coincidently, Broadcom routers do not verify the authenticity
(MIC) of this frame, meaning an adversary can force Broadcom
APs into starting a rekey handshake. All combined, we can assume
a rekey will eventually occur, meaning an adversary can carry out
the key reinstallation attack."
So maybe you should check if your AP/Router are affected about " not verify the authenticity (MIC) of this frame"
So I would really kindly ask you to re-check your product if they are affected and support us as your customers with a fix on AP/Router side (in my case W8970)
Thanks in advance for your understanding!
I would kindly ask to review your statement about AP/Router are not affected if not used in client or repeater mode for below reason:
If you check the dedicated KRACK research paper at https://papers.mathyvanhoef.com/ccs2017.pdf you can understand that the problem why a client can be "attacked" from KRACK is also due to AP/Router implementation as follow:
In the research paper you can read:
" In practice, we found that several APs indeed accept an older replay
counter. More precisely, some APs accept replay counters that were
used in a message to the client, but were not yet used in a reply
from the client (see column 2 in Table 2 on page 8). These APs
will accept the older unencrypted message 4, which has the replay counter r+1 in Figure 4."
So maybe you should check if your router/AP is accepting older replay counter.
and in addition it seems also below technique can be used against AP as per the research paper:
" it is still possible to indirectly attack them by performing a key reinstallation attack against the AP during an FT handshake" (see Section 5 - A Key Reinstallation Attack against the AP):
"This attack technique requires us to wait until a rekey of the
session key occurs. Several APs do this every hour [66], some examples
being [24, 26]. In practice, clients can also request a rekey by
sending an EAPOL frame to the AP with the Request and Pairwise
bits set. Coincidently, Broadcom routers do not verify the authenticity
(MIC) of this frame, meaning an adversary can force Broadcom
APs into starting a rekey handshake. All combined, we can assume
a rekey will eventually occur, meaning an adversary can carry out
the key reinstallation attack."
So maybe you should check if your AP/Router are affected about " not verify the authenticity (MIC) of this frame"
So I would really kindly ask you to re-check your product if they are affected and support us as your customers with a fix on AP/Router side (in my case W8970)
Thanks in advance for your understanding!
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#45
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 10
Helpful: 1
Solutions: 0
Stories: 0
Registered: 2017-05-11
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-10-18 20:01:28
The DecoM5 ist listed to be vulnerable in post #1.
Since the mesh design is a bit more complex and does not transparently allow for deactivation of WDS, bridgeing an Co. (at least not for the backhaul) I am wondering under which cicumstances the DecoM5 is vulnerable - and of course when a fix will be availible fo this top of e line product.
Since the mesh design is a bit more complex and does not transparently allow for deactivation of WDS, bridgeing an Co. (at least not for the backhaul) I am wondering under which cicumstances the DecoM5 is vulnerable - and of course when a fix will be availible fo this top of e line product.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#46
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 2
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-10-18
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-10-18 20:20:08
I've read TP-Link's latest updates, and some of them are hard to reconcile with the information on the linked krack info page. It explicitly states that most wifi-using devices are vulnerable, not just clients (even though clients are the main focus of the attack):
Most other mainstream router vendors have already either released patches or announced plans to patch this. It may be that TP-Link's devices don't need to be updated, but as every device using the WPA2 protocol is affected, that would be a little surprising. Could you please explain what's different about TP-Link's implementation of the WPA2 protocol that would eliminate the need to address it? And are there any other non-standard protocol implementations we should be aware of?
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected .
Most other mainstream router vendors have already either released patches or announced plans to patch this. It may be that TP-Link's devices don't need to be updated, but as every device using the WPA2 protocol is affected, that would be a little surprising. Could you please explain what's different about TP-Link's implementation of the WPA2 protocol that would eliminate the need to address it? And are there any other non-standard protocol implementations we should be aware of?
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#47
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 1
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-10-18
Switched to DD-WRT Firmware ...
2017-10-18 22:05:43
.. because DD-WRT has immediatly fixed the KRACK vulnarability and I can't wait for weeks until TP-Link doing the same.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#48
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 6
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-10-17
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-10-18 23:38:48
I suppose we are all speculating and tplink are the only ones that know for sure what the impact is to their products (for now). as with any public vulnrability,many people are developing exploit kits.
when those are tested against tplink patched devices and devices deemed not to require a patch, we will know for sure. at that time if it is discovered that tplink did not patch a device it should have, it will look far worse then this poor response.
I will reserve judgment until then and assume tplink will do the right thing.
when those are tested against tplink patched devices and devices deemed not to require a patch, we will know for sure. at that time if it is discovered that tplink did not patch a device it should have, it will look far worse then this poor response.
I will reserve judgment until then and assume tplink will do the right thing.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#49
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 15
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-08-17
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-10-19 00:17:01
So, today we have learnt that:
1. TP-Link do not have the technical competency to understand the KRACK vulnerability paper. If they did, they would understand that patching clients AND APs is required to fully mitigate risk.
2. TP-Link do not care about the network security of their customers - they are content to leave unpatched TP-Link APs and state that network security is the responsibility of the client only
3. TP-Link do not understand the nature of the technological landscape in which they operate. If they did, they would understand that many client devices won't get patched in a timely fashion, or at all (old Android devices, IoT devices etc), and they would understand that the best thing they could do for their customers would be to ensure all APs are patched.
I'm literally done with TP-Link after this. I will be recommending all businesses, friends and family members replace any TP-Link devices ASAP.
1. TP-Link do not have the technical competency to understand the KRACK vulnerability paper. If they did, they would understand that patching clients AND APs is required to fully mitigate risk.
2. TP-Link do not care about the network security of their customers - they are content to leave unpatched TP-Link APs and state that network security is the responsibility of the client only
3. TP-Link do not understand the nature of the technological landscape in which they operate. If they did, they would understand that many client devices won't get patched in a timely fashion, or at all (old Android devices, IoT devices etc), and they would understand that the best thing they could do for their customers would be to ensure all APs are patched.
I'm literally done with TP-Link after this. I will be recommending all businesses, friends and family members replace any TP-Link devices ASAP.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#50
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 6
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-10-17
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-10-19 01:28:23
jgu wrote
So, today we have learnt that:
1. TP-Link do not have the technical competency to understand the KRACK vulnerability paper. If they did, they would understand that patching clients AND APs is required to fully mitigate risk.
2. TP-Link do not care about the network security of their customers - they are content to leave unpatched TP-Link APs and state that network security is the responsibility of the client only
3. TP-Link do not understand the nature of the technological landscape in which they operate. If they did, they would understand that many client devices won't get patched in a timely fashion, or at all (old Android devices, IoT devices etc), and they would understand that the best thing they could do for their customers would be to ensure all APs are patched.
I'm literally done with TP-Link after this. I will be recommending all businesses, friends and family members replace any TP-Link devices ASAP.
I think the biggest failing is lack of a security incident response process to address this issue in a timely manner and proper communication to customers. I posted similar points and received responses saying it's only a client side issue. As I mentioned, I will reserve judgment until I can test with an exploit kit. Now that they have released the list of effected devices, we can test on the other products that are not effected.
Security is a shared responsibility between end users and all of the manufactures of various devices. If there is a security issue, it needs to be addressed by everyone. This is my last post on this issue until I can test exploit kits against my tplink router.
Just published:
https://github.com/vanhoefm/krackattacks-test-ap-ft
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#51
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 334
Helpful: 16
Solutions: 0
Stories: 0
Registered: 2012-03-28
2017-10-17 11:29:42
Posts: 334
Helpful: 16
Solutions: 0
Stories: 0
Registered: 2012-03-28
Information
Helpful: 0
Views: 26525
Replies: 149
Voters 0
No one has voted for it yet.
Tags
Report Inappropriate Content
Transfer Module
New message