krack hack patch
I learned today that wifi routers (AirPort Extreme) can be hacked with KRACK. Is there a fix for this?
iPhone 6, iOS 8.3
You can make a difference in the Apple Support Community!
When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.
When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.
I learned today that wifi routers (AirPort Extreme) can be hacked with KRACK. Is there a fix for this?
iPhone 6, iOS 8.3
Please, people, educate yourselves. The hack is limited to clients and has to do with the WPA2 4 handshake protocol. The hack is made possible by the CLIENT’s response to the fourth handshake, not the authenticator (router). The flaw has been around since day 1 of the WPA2 implementation. It’s a flaw in how the protocol was implemented. This is NOT an Apple only issue. Any device that uses WPA2 is affected. The router is not the base cause and cannot be hacked unless it acting as a client to another router, something almost no home network does. If you want to educate yourself and find out what’s really going on trying watching this video. It’s about twenty minutes long and will tell you everything you want to know about KRACK in great detail. Apple Wi-Fi clients have all been patched in current beta releases. No need to panic or be paranoid.
https://twit.tv/shows/security-now/episodes/633?autostart=false
Fast forward to the 1:32:08 point and listen.
And finally, Apple has NOT stopped support of its networking products. It was a rumor based on another rumor that claimed Apple was reassigning engineers from its networking products team to other projects. RUMOR only, no verification and no confirmation from Apple. Apple networking products are supported and available at Apple stores, online, and at resellers like Best Buy and Amazon. Like the Mac Mini, the Airport and Time Capsule haven’t seen hardware updates in a few years. That does not mean they are no longer supported so STOP with the babbling nonsense.
Please, people, educate yourselves. The hack is limited to clients and has to do with the WPA2 4 handshake protocol. The hack is made possible by the CLIENT’s response to the fourth handshake, not the authenticator (router). The flaw has been around since day 1 of the WPA2 implementation. It’s a flaw in how the protocol was implemented. This is NOT an Apple only issue. Any device that uses WPA2 is affected. The router is not the base cause and cannot be hacked unless it acting as a client to another router, something almost no home network does. If you want to educate yourself and find out what’s really going on trying watching this video. It’s about twenty minutes long and will tell you everything you want to know about KRACK in great detail. Apple Wi-Fi clients have all been patched in current beta releases. No need to panic or be paranoid.
https://twit.tv/shows/security-now/episodes/633?autostart=false
Fast forward to the 1:32:08 point and listen.
And finally, Apple has NOT stopped support of its networking products. It was a rumor based on another rumor that claimed Apple was reassigning engineers from its networking products team to other projects. RUMOR only, no verification and no confirmation from Apple. Apple networking products are supported and available at Apple stores, online, and at resellers like Best Buy and Amazon. Like the Mac Mini, the Airport and Time Capsule haven’t seen hardware updates in a few years. That does not mean they are no longer supported so STOP with the babbling nonsense.
Where did you hear this? The press are reporting that Apple has told them that Airport devices are not affected (and fixes for iPhones, iPads, Macs, etc. are in the next point release of their OSs currently in beta): www.imore.com/krack
Before you start running around shouting the sky is falling..
1. This has only been discovered and mechanism released today as research paper. To get those as tools for hackers could take sometime.. the average hacker is buying the script.. not writing their own.
2. For this attack to work, a person must be in your immediate vicinity with suitable equipment.. this has to be done by direct connection to your wifi.. if you live in apartment block filled with people who never leave and are feed by continuous stream of pizza delivery.. be worried.. if you live in normal suburban area, where the number of people is small, who could actually connect to your wifi.. be alert not alarmed.. the world is not ending tomorrow.. or even the day after. watch out for black vans with blacked out windows in front of your house.. but that is true at any time.
3. If you own android it is far worse than iOS although the hint is linux and MacOS are pretty vulnerable.
Hi, Bob
At home, I mainly use an iPad wifi-connected to an AirPort generation 2 router. This is fed by an Ethernet cable connected to an AirPort Extreme router. Will this avoid a Krack attack? Or will it be necessary to switch the router off, but if I do, will this cut the Ethernet feed? That is to say do the Extreme’s Ethernet feeds require power?
Ken
What you say may be true; however, this remains an open vulnerability in Airport and Time Capsule products.
It would prove Apple's commitment to its customers to provide an update to fix this, even more so since they've abandoned the products.
I've been generally very happy with my Airport products, I think my 3TB Time Capsule is the 4th product in the Airport family I've owned starting with the flying model with the modem. The TC has restored a disk once, infrequently provided a needed lost file (maybe a couple of times), and in general done this while remaining invisible. I've had to trash a backup and start over once or maybe twice, but that's it. The Apple Airport products have all be been very good for their time.
I'll keep this thing going until the hard drive fails if Apple updates it.
Otherwise it's out the door in a few weeks.
JIC, I'm gonna be shopping around for a router with some additional security features besides no KRACK. And a new backup system.
JIC, I'm gonna be shopping around for a router with some additional security features besides no KRACK. And a new backup system.
Remember every other router is vulnerable.. not one is excluded.. this is a flaw in the WPA2 spec. Only a couple of companies have even announced firmware updates.. e.g. Ubiquiti and Cisco. As to be expected the more professional companies rather than domestic tend to be ahead of the curve.
Also all the clients are vulnerable.. you can fix the router and still get KRACKED>.. this is not only a router failure.. this is the whole WPA2 spec.
Certainly you can buy an Asus router today.. and use it with VPN.. connect all your wireless devices only through the vpn.. that means if the wireless is cracked.. the packets are still encrypted in the VPN tunnel. Expect about a 30% slow down in your transfer speeds at least.. maybe a lot more.
Don't worry, I'm not buying anything unless it has a fix of some sort.
There are a few routers with some network security protection built-in or available as add-ons. I've looked into them and some time ago I had hope that a future Apple Airport would be an industry leader in that too.
I've had Apple's since the MacPlus, but my 2014 Mini has been a major disappointment in so many ways I'm wavering for my next computer, BTW it runs High Sierra. El Capitan was a disaster on my iMac, fixed by Sierra. I can't update the iMac to High Sierra without buying a new version of Office, so my options are open for the future. We pound our Windows PCs at work hard and they never falter.
I hope Tim Cook realizes that brand loyalty has limits.
Ken,
If Apple Airport devices are indeed vulnerable to the Krack Hack and if you live in an area where it is likely someone with the right tools and motivation could connect to your WiFi signal, then any device communicating via WiFi to your base stations would be vulnerable. I haven’t followed the iMore link above to verify if Apple devices are or are not vulnerable, but the issue as I understand it allows a properly skilled and equipped person to crack (or change in the case of Android) the WPA2 key and subsequently monitor Wi-Fi traffic between Wi-Fi connected devices and your Wi-Fi access point(s).
There are a few “ifs” there, but the point is that the vulnerability has to do with Wi-Fi traffic regardless of how your network devices are connected to each other.
Update...
This is what iMore said about Apple products...
“Update: Apple has told iMore that KRACK has already been fixed in the beta versions of iOS, macOS, watchOS, and tvOS, and that AirPort routers and Time Capusules don't appear to be vulnerable too the exploit.”
“Update: Apple has told iMore that KRACK has already been fixed in the beta versions of iOS, macOS, watchOS, and tvOS, and that AirPort routers and Time Capusules don't appear to be vulnerable too the exploit.”
If you are really interested in what Apple will or will not do regarding this issue, you might want to wait for an official statement from Apple.
AirPort routers and Time Capusules don't appear to be vulnerable too the exploit
That's reassuring as ****! (I meant the place you go when you die and don't go to heaven, not the F word, btw)
Also, I doubt old TC, if vulnerable, will get an update.
(not gonna rant about it - had a huge post but we'll stick with that)
3. If you own android it is far worse than iOS although the hint is linux and MacOS are pretty vulnerable.
The first being worst than the second says nothing about the second and being an Apple customer one should care less than nothing about other devices.
(I understand what's ament to say but Android is Google/third party problem, not Apple's customers)
Not sure why you replied to me, quoting information that I did not provide.
My input was this.......If you want to know what Apple is or is not doing regarding this issue, you might want to wait for an official statement from Apple.
Third hand information, rumors, and speculation unfortunately appears in far too many forum posts.
Well, this fixes Apple devices but I’m, betting you have numerous non-Apple devices that may or may not get patched. Most HDTVs connect to your home network these days with Wi-Fi. So do Blu-ray players, AVR stereo systems, game systems, smart home devices like thermostats, lights, switches, door locks, refrigerators, garage door openers. Wi-Fi has become ubiquitous and any of those devices can be targeted to get access to your home Wi-Fi network. Will your thermostat or garage door opener get updates? Think about that.
this fixes Apple devices
Not quite, unless I missed something from the Apple "updates".
What if you have an AirPort Express, AirPort Extreme or AirPort Time Capsule acting as a wireless extender for the network? In order to do this, the AirPort must be configured to operate as a wireless client on the network, just like any other wireless device that might connect to the network.
If there was a firmware "fix" for AirPorts behaving as wireless clients on a network.....just like any of the other wireless clients that you have named above.....TVs, thermostats, smart home devices, etc......I missed it.
No firmware updates have appeared for the AirPorts....or....did I miss something?
Don't think you fully understood what was mentioned in an earlier post.
I got that information, which assumed that the AirPorts were acting as routers.
But....if the AirPorts are configured to act as extenders, or an AirPort Express is set up to join a network for AirPlay.....the devices "join" a wireless network as wireless clients.....so they are not acting as routers.
It is the clients on a network that are subject to attack, just like any other client....a computer, a mobile device, a TV, a thermostat, etc.
So, Apple provided fixes for other clients.....Macs running High Sierra, Sierra and El Capitan, and iPhones/iPads running a current iOS operating system, the AppleTV4, and others.....but no fix for the AirPorts when they act as clients.
Think about all the users....most of them using 3rd party wireless routers or ISP provided modem/routers....who have purchased an AirPort Express for use with AirPlay. I'll bet that 95% of them connect using wireless.
Most.....maybe 60-70% of Apple users who have set up an AirPort to extend a network are unfortunately using wireless to connect.....because they don't want to run the Ethernet cable.
krack hack patch