Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Wireless Networking Bug Security

New Vulnerabilities Found In WPA3 WiFi Standard (zdnet.com) 58

Posted by EditorDavid from the pwning-passwords dept.
Slashdot reader Artem S. Tashkinov writes: Mathy Vanhoef and Eyal Ronen have recently disclosed two new additional bugs impacting WPA3. The security researched duo found the new bugs in the security recommendations the WiFi Alliance created for equipment vendors in order to mitigate the initial Dragonblood attacks [found by the same two security researchers]. "Just like the original Dragonblood vulnerabilities from April, these two new ones allow attackers to leak information from WPA3 cryptographic operations and brute-force a WiFi network's password," reports ZDNet.
More from ZDNet: "[The] Wi-Fi standard is now being updated with proper defenses, which might lead to WPA3.1," Vanhoef said. "Although this update is not backwards-compatible with current deployments of WPA3, it does prevent most of our attacks," the researchers said.

But besides just disclosing the two new Dragonblood vulnerabilities, the two researchers also took the chance to criticize the WiFi Alliance again for its closed standards development process that doesn't allow for the open-source community to contribute and prevent big vulnerabilities from making it into the standard in the first place.

"This demonstrates that implementing Dragonfly and WPA3 without side-channel leaks is surprisingly hard," the researchers said. "It also, once again, shows that privately creating security recommendations and standards is at best irresponsible and at worst inept."
While these type of feedback might be ignored when coming from other researchers, it means more when it comes from Vanhoef. The Belgian researchers is the one who discovered the KRACK attack that broke the WPA2 WiFi authentication standard and forced the WiFi Alliance to develop the WPA3 standard, which it launched in June 2018.
This discussion has been archived. No new comments can be posted.

New Vulnerabilities Found In WPA3 WiFi Standard More

New Vulnerabilities Found In WPA3 WiFi Standard

Comments Filter:

  • I don't want the source code for the driver. I want the source code for EVERYTHING. I want the source code for the wifi firmware, I want the source code for the driver, I want the source code for my router, my management engine firmware, my printer, my hard drive, my everything.

    Without sources I can't be reasonably confident that we have a chance at fixing the problems that exist or securing the systems I've been fraudulently sold. When you sell an item you are giving up control of that item. However that i

    • Re: (Score:1)

      by Anonymous Coward

      Make no mistake the N$A has their hooks in all that firmware.

    • Re: People keep calling me crazy for demanding sou (Score:3, Funny)

      by Anonymous Coward

      It's not just enough to have the source code to drivers. The drivers need to be written in an ultra safe programming language, too. Only one programming language meets that criteria today: Rust.

      I think we'll only see truly secure systems when we finally have full stack Rust software, meaning that the only code that's running on a given computer is written in Rust.

      • Re: (Score:1)

        by Anonymous Coward

        It's not just enough to have the source code to drivers. The drivers need to be written in an ultra safe programming language, too. Only one programming language meets that criteria today: Rust.

        I think we'll only see truly secure systems when we finally have full stack Rust software, meaning that the only code that's running on a given computer is written in Rust.

        And at that point someone will still find a security vulnerability.
        For example a quick check of the vulnerabilities in the report show that none of them would have been mitigated by using Rust.

        unless you go back to basically 486 days or leave x86 your dream will most likely never become true but it's a nice idea.

      • This arrogance around Rust is really exhausting. While the language may help avoid certain edge cases, it still requires the protocols and algorithms are themselves secure. Your faith in a language to somehow shit security rainbows is immature and it shows you don't have a true understanding software engineering or computer science. Also, if developers stop worrying about edge cases, because Rust, you are going to create a situation where security is an afterthought.

        • Re: (Score:2)

          by _merlin ( 160982 )

          I don't think the AC you're replying to believes Rust is a panacea for security issues. The meme has taken on a life of its own and now gets posted as a joke.

      • I don't think it was meant to be funny (even though it is), for some time now I've been seeing some very low level PR campaign on /. about RUST in the form of "Title: A Rocket Failed - comment: if it had been programmed in RUST it wouldn't have failed" - not sure if it's a good sign or bad for this language though.

        Not to be offtopic, going back to the article: ... "It also, once again, shows that privately creating security recommendations and standards is at best irresponsible and at worst inept." - th

    • Re: (Score:2, Funny)

      by AHuxley ( 892839 )
      Just use ethernet AC. Any device with wifi? Turn off wifi. Plug in the ethernet.

  • We should hold off on buying that new AP we've been coveting.

    • It doesn't really matter, if you haven't been using WPA2 enterprise, you probably aren't super concerned about security on your wifi access point anyway.

      I recommend leaving your wifi open, without a password, and using HTTPS to keep your traffic hidden.

      • It doesn't really matter, if you haven't been using WPA2 enterprise, you probably aren't super concerned about security on your wifi access point anyway.

        I've never seen a WPA2 enterprise deployment I would consider to be secure.

        Backend transport of encryption keys is a total mess.

        Very few clients are properly configured to sufficiently constrain certificate issuers and identity. Most of the popular supplicants have extraordinarily dangerous default behavior.

      • Bad suggestion unless you don't care about your bandwidth. The correct answer is lock it down then treat it as if it is open.
        • I'm happy to let people use my bandwidth.
          • ... and yet you straight out refuse to admit you gave bad advice by failing to recognize that smart people are not OK with strangers using their LANs.
            • If you're really smart then you'll figure out a way to deal with it.

              My advice was to normal people, not heartless people like you who want to hoard bandwidth.
              • It has nothing to do with being "heartless" and everything to do with not wanting to be blacklisted because someone else either is malicious or has malware that is malicious. Just admit you didn't think before you posted instead of digging yourself deeper.
                • I thought long and hard, what are you talking about? I think you should share your wifi, and I share mine. If you want something different, go somewhere else.

                  Furthermore you ignored the main point, which is that if you aren't using WPA2 enterprise or something similar, you don't care about security enough to research how to secure a wireless LAN anyway. That probably matches you, which is why you are so irrationally upset.

                  • I thought long and hard, what are you talking about?

                    That isn't even remotely believable.

                    Furthermore you ignored the main point, which is that if you aren't using WPA2 enterprise or something similar, you don't care about security enough to research how to secure a wireless LAN anyway.

                    You are an idiot. WPA2 Personal is more than sufficient to keep people out in 99.9% of all cases. You need to learn to shut the fuck up when it comes to how security works. You are the same idiot that says "unless you are wilin

                    • You are an idiot. WPA2 Personal is more than sufficient to keep people out in 99.9% of all cases

                      So is WEP. I don't think you have a point.

                    • I never said that given the choice between WEP and wide open you should choose wide open. Since no modern router forces that choice it is not an issue that needs to be considered. Even you aren't as stupid as you are pretending to be right now.

    • We should hold off on buying that new AP we've been coveting.

      Well, why buy it when you can p0wn it?

      • Give it a rest. The chances of any wireless connection being hacked, WPA2 or WPA3, is virtually non-existent unless an APT has targeted you.

  • That's it, I'm going back to WEP (Score:4, Funny)

    by jfdavis668 ( 1414919 ) on Sunday August 04, 2019 @04:01PM (#59038910)
    If they are going to crack everything that comes out, might as well go back to the simplest.

  • My (aging but still chugging along) Apple Airport Extreme was not affected by the original Dragonfly attacks. I suspect these new variants won't impact my equipment either.

    It's really too bad Apple stopped making wifi equipment. I found it to be pretty robust compared to the D-Link and Linksys hardware I'd previously owned.

    • If your aging wifi equipment hasn't been updated recently, it's probably vulnerable to a bunch of WPA2 attacks [krackattacks.com].

      • Apple released patches for its hardware against KRACK back in 2017 - first on the client side, then later on their routers. Despite discontinuing the hardware, they've pushed a few firmware updates for their base stations during the past few years.

    • It's really too bad Apple stopped making wifi equipment. I found it to be pretty robust compared to the D-Link and Linksys hardware I'd previously owned.

      There are a lot better choices in the middle of the road between the two - especially Asus and Netgear on the consumer side.

      The Airport devices were very prone to overheating and then losing their configuration.

  • I'll have to buy the White Album again.
    https://www.youtube.com/watch?... [youtube.com]

  • Implementation vs specification bugs (Score:5, Insightful)

    by WaffleMonster ( 969671 ) on Sunday August 04, 2019 @05:57PM (#59039216)

    Cache/timing side channels are IMPLEMENTATION bugs.

    Asserting this crap represents a vulnerability in WPA3 standards is like saying RFC791 is vulnerable to crashing systems because Microsoft fucked up their implementation (ping of death).

    Downgrade attacks were obvious to all out of the gate. The only way to win is not to allow it in the first place.

  • WPA is at the wrong layer (Score:3)

    by reanjr ( 588767 ) on Sunday August 04, 2019 @09:13PM (#59040010) Homepage

    Meh. WPA is at the wrong layer for security. It's a nice-to-have. Your device needs to be secured along with end-to-end encryption. Period. Full stop. Network security is so 80s.

Slashdot Top Deals

What is research but a blind date with knowledge? -- Will Harvey

Close