cancel
Showing results for 
Search instead for 
Did you mean: 
Anonymous User
Not applicable

WPA Krack issue

Hi NowTV, when do you expect to have a patched firmware for the WPA Krack issues? 

14 REPLIES 14
Anonymous User
Not applicable

yes, i think we'd all like to see a prominently displayed message and guidance.

Andy
Legend 5
Legend 5

@jackalope

Welcome to the forum. Are you a NOW TV Combo customer, as the main focus would be knowing if the NOW TV hub (or router of whichever broadband provider you have) needs patching (some providers have already been patching).

 

The exploit requires someone to be in physical range of your wifi network, so unless you notice someone with a laptop sat in a car outside or you have dodgy neighbours there's no immediate need to panic, but worth following all the usual sensible guidance such as checking certificates of any https websites you connect to, only shopping on secure websites, being especially aware of public networks and making sure computers, phones and tablets (especially Android) are updated as soon as updates show available.

 

I'd also like to know what the position is with the NOW TV Hub so I'll tag a few of the NOW TV Team to see if there's any info they can provide.

 

@Eddie-M @Anonymous User @Anonymous User @Tony-D

Anonymous User
Not applicable

Yes of course, yep i'm a now TV customer with the black box . that all makes sense. It would be very helpful to know what the risk is from the nowtv side. This is especially an issue if you were living in a block of flats with many people close to your AP. Might finally be time to get a unifi or meraki. 

Tony-D
NOW Team Member
NOW Team Member


@Anonymous User wrote:

Hi NowTV, when do you expect to have a patched firmware for the WPA Krack issues? 


This is the Android Based WPA2 Security issue yes?

 

As @Andy has mentioned above, the 'hacker' needs to be within range of your router or network. If you are really paranoid about it you can use this Guide http://classroom.synonym.com/monitor-internet-activity-router-21455.html to find out how monitor incoming and outgoing connections. If a patch is to be realeased i'll update this post on what's happening 🙂

 

As far as i'm aware @Anonymous User  Our Roku is based on haevily modified version of Linux and shouldn't be a vulnerability. However we still have to identify IF any of our devices needs a fix pushed OTA. From what i've been told from higher up is that if you change your anti-virus software settings to 'Public Network'. This will give them an additional layer of protection.

We take the security of our customers extremely seriously and, along with the rest of the industry, are looking into this matter as a priority. 

 

If, you do have an android device and are concerned about KRACK, post here and we can dsicuss it. Even if it has nothing to do with NOW TV post it here. The more info we get to each other the better. However, as this is affecting a large userbase i'd suspect Google to push a hotfix ASAP as this can damage there brand way more than anything else can.

 

UPDATE:

The biggest problem for client devices (i.e. not routers or Wi-Fi access points) is Android. Researchers suggest that 41% of Android devices are vulnerable to an “exceptionally devastating” version of the attack, which allows attacks to insert fake websites into a network and collect sensitive information.

Google has said that its own Pixel devices will be the first to get a patch for the attack, and that will come on November 6th. Other manufacturers will likely push Android updates to fix the flaw sometime after Google, but given the number of Android devices still being used that won’t get a security update, old Android devices are likely to be the weakest link.

 

Source: http://bgr.com/2017/10/16/krack-wi-fi-wpa2-patches-available-android-ios-windows/

 

Looks like, that if you have an older android device and do live in a block of flats or very plublic place, avoid connecting to your AP at this point.  I'll keep udating this thread if i hear anything else.

 

 

UPDATE: List of Devices and Manufactures that have pushed fixes.

 

Arris: a spokesperson said the company is "committed to the security of our devices and safeguarding the millions of subscribers who use them," and is "evaluating" its portfolio. The company did not say when it will release any patches.

Aruba: Aruba has been quick off the mark with a security advisory and patches available for download for ArubaOS, Aruba Instant, Clarity Engine and other software impacted by the bug.

AVM: This company may not be taking the issue seriously enough, as due to its "limited attack vector," despite being aware of the issue, will not be issuing security fixes "unless necessary."

Cisco: The company is currently investigating exactly which products are impacted by KRACK, but says that "multiple Cisco wireless products are affected by these vulnerabilities."

"Cisco is aware of the industry-wide vulnerabilities affecting Wi-Fi Protected Access protocol standards," a Cisco spokesperson told ZDNet. "When issues such as this arise, we put the security of our customers first and ensure they have the information they need to best protect their networks. Cisco PSIRT has issued a security advisory to provide relevant detail about the issue, noting which Cisco products may be affected and subsequently may require customer attention.

"Fixes are already available for select Cisco products, and we will continue publishing additional software fixes for affected products as they become available," the spokesperson said.

In other words, some patches are available, but others are pending the investigation.

Espressif Systems: The Chinese vendor has begun patching its chipsets, namely ESP-IDF and ESP8266 versions, with Arduino ESP32 next on the cards for a fix.

Fortinet: At the time of writing there was no official advisory, but based on Fortinet's support forum, it appears that FortiAP 5.6.1 is no longer vulnerable to most of the CVEs linked to the attack, but the latest branch, 5.4.3, may still be impacted. Firmware updates are expected.

FreeBSD Project: A patch is actively being worked on for the base system.

Google: Google told sister-site CNET that the company is "aware of the issue, and we will be patching any affected devices in the coming weeks."

HostAP: The Linux driver provider has issued several patches in response to the disclosure.

Intel: Intel has released a security advisory listing updated Wi-Fi drives and patches for affected chipsets, as well as Intel Active Management Technology, which is used by system manufacturers.

Linux: As noted on Charged, a patch is a patch is already available and Debian builds can patch now, while OpenBSD was fixed back in July.

Netgear: Netgear has released fixes for some router hardware. The full list can be found here.

Microsoft: While Windows machines are generally considered safe, the Redmond giant isn't taking any chances and has released a security fix available through automatic updates.

MikroTik: The vendor has already released patches that fix the vulnerabilities.

OpenBSD: Patches are now available.

Ubiquiti Networks: A new firmware release, version 3.9.3.7537, protects users against the attack.

Wi-Fi Alliance: The group is offering a tool to detect KRACK for members and requires testing for the bug for new members.

Wi-Fi Standard: A fix is available for vendors but not directly for end users.

WatchGuard: Patches for Fireware OS, WatchGuard legacy and current APs, and for WatchGuard Wi-Fi Cloud have become available.

Apple: Apple has patched the issue in iOS, tvOS, watchOS, macOS betas with fixes due to roll out to consumers soon.

 

 

Taken from www.zdnet.com

Anonymous User
Not applicable

Hi all, I'm new to this forum but work in IT covering cyber security.

You may have seen this in the news today regarding a recently discovered WPA2 vulnerability https://www.wired.com/story/krack-wi-fi-wpa2-vulnerability/ 

 

Essentially any wifi device communicating with a vulnerable AP (router) may allow an attacked to gather sensitive data (usernames, passowrds, bank details etc). WPA2 is an encrypted protocol but due to the way it is implemented in a lot of routers it leaves them open to this type of attack.

 

@Anonymous User could you tell me:

 

Are your routers currently vulnerable?

 

If so, when will there be a software update available to resolve?

 

Thanks

Tony-D
NOW Team Member
NOW Team Member

@Anonymous User wrote:

Hi all, I'm new to this forum but work in IT covering cyber security.

You may have seen this in the news today regarding a recently discovered WPA2 vulnerability https://www.wired.com/story/krack-wi-fi-wpa2-vulnerability/ 

 

Essentially any wifi device communicating with a vulnerable AP (router) may allow an attacked to gather sensitive data (usernames, passowrds, bank details etc). WPA2 is an encrypted protocol but due to the way it is implemented in a lot of routers it leaves them open to this type of attack.

 

@Anonymous User could you tell me:

 

Are your routers currently vulnerable?

 

If so, when will there be a software update available to resolve?

 

Thanks


I've moved this post to this thread so it's all in one place @Anonymous User Cheers.

Anonymous User
Not applicable

Thanks Tony, yes that all makes sense and ya I think it mostly affects android devices, especially as you say older ones that won't get patched. But I wouldnt advise customers to use that page, its not very helpful. 

 

http://classroom.synonym.com/monitor-internet-activity-router-21455.html

 

  • The syslog feed from the nowtv box doesn't log sites visisted etc. (from what i remember from my previous sky box) just the router logs so you would probably need a different router or gateway firewall in place
  • Netstat will only be applicable for the individual host to the network - wireshark might be a bit more useful here 
  • Passler looks OK, but TDI mon is discontinued

The update list is very helpful thanks :). 

 

This would be awesome if I had spare monies https://www.indiegogo.com/projects/fingbox-network-security-wi-fi-troubleshooting

Tony-D
NOW Team Member
NOW Team Member

@Anonymous User wrote:

Thanks Tony, yes that all makes sense and ya I think it mostly affects android devices, especially as you say older ones that won't get patched. But I wouldnt advise customers to use that page, its not very helpful. 

 

http://classroom.synonym.com/monitor-internet-activity-router-21455.html

 

  • The syslog feed from the nowtv box doesn't log sites visisted etc. (from what i remember from my previous sky box) just the router logs so you would probably need a different router or gateway firewall in place
  • Netstat will only be applicable for the individual host to the network - wireshark might be a bit more useful here 
  • Passler looks OK, but TDI mon is discontinued

The update list is very helpful thanks :). 

 

This would be awesome if I had spare monies https://www.indiegogo.com/projects/fingbox-network-security-wi-fi-troubleshooting


@Anonymous User Note taken, thanks for giving the link a lookover for me anyway. I'll edit to remove the link. Still no word on a patch yet for the Router but i'll keep checking. If i get any more updates on patches for specific services/devices i'll update the list. Thanks again for the input 🙂

 

Edit:

 

That's an amazing piece of tech right there. Hopefully it comes to the masses soon. Would love one myself.

Andy
Legend 5
Legend 5

@Tony-D

 

If you have any word on if the NOW TV Hub is vulnerable and/or when a fix is pushed I'd be grateful. Ta.