What is KRACK Vulnerability and How WPA-2 was compromised
GeneralThis forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
What is KRACK Vulnerability and How WPA-2 was compromised
Anyone here is heard about the KRACK Vulnerability?
WPA2 encryption protocol was compromised by KRACK vulnerability because hackers can now decrypt the data but you can protect your IoT devices by avoiding connecting to Wi-FI routers and start using VPN of your devices. Here is the full brief on.
[removed]It may help you.
Thanks.
Remember that WPA2 was never really intended to be all that secure. It was devised to be an improvement to WEP, but to be compatible with hardware designed for WEP. The data-scrambling capabilities of wireless hardware are actually comparatively weak.
Anytime you are connected to a "secure" web site, the underlying content of your packets are encrypted using TLS, which is strong. If you use VPN, the content is also securely encrypted.
Most web sites these days – including LQ – are using encryption for everything, primarily so that users can be certain that they are, in fact, communicating with the real site and not a man-in-the-middle proxy. If you see a "lock" icon by the URL, then you know that all of the data you're sending to that web site has been securely encrypted before being handed to the network. "No one else in the coffee shop" can understand any of it, even if they filched it using this or any other WPA2 crack.
But also – a great many of these exploits depend on the user in question being "an Administrator." (Which, in Linux parlance, is "a member of the ("I'm a big ...")wheel group.) And that restrictive policies are not in place.
I'm sorry but the "typical Windows user" does NOT have full administrator rights without either Logging on as Administrator with Adinistrator rights or by using so called "safe mode" which is restricted anyay.
Distribution: Currently: OpenMandriva. Previously: openSUSE, PCLinuxOS, CentOS, among others over the years.
Posts: 3,881
Rep:
Quote:
Originally Posted by dave@burn-it.co.uk
I'm sorry but the "typical Windows user" does NOT have full administrator rights without either Logging on as Administrator with Adinistrator rights or by using so called "safe mode" which is restricted anyay.
The only problem with that is that, most Windows users I see, DO login under a "Administrator" account, as unlike most Linux/UNIX users, don't think about the rights, such a user account has. That's a fact.
+1 #7 I think my XP only has a single Admin user; Idk: I never 'login'!!! I personally hate that most Linux makes me waste effort typing in:
root\Nroot (or sometimes user\nuser)
My preferred distro mllhas no /etc/passwd !!!
Edit: sorry, OT since #6. My apology for this reply.
Distribution: Currently: OpenMandriva. Previously: openSUSE, PCLinuxOS, CentOS, among others over the years.
Posts: 3,881
Rep:
Quote:
Originally Posted by !!!
+1 #7 I think my XP only has a single Admin user; Idk: I never 'login'!!! I personally hate that most Linux makes me waste effort typing in:
root\Nroot (or sometimes user\nuser)
My preferred distro mllhas no /etc/passwd !!!
Good point! (about WinXP that is)
Quote:
Edit: sorry, OT since #6. My apology for this reply.
In order to ge FULL Administrator rights under Windows you must log in with the user name Administrator as well as have administrator rights. Anything else is only a subset.
Distribution: Currently: OpenMandriva. Previously: openSUSE, PCLinuxOS, CentOS, among others over the years.
Posts: 3,881
Rep:
Quote:
Originally Posted by dave@burn-it.co.uk
In order to ge FULL Administrator rights under Windows you must log in with the user name Administrator as well as have administrator rights. Anything else is only a subset.
Ah, David, It's the NT_AUTHORITY\System account that is the most powerful "Administrator" account under Windows and is a FULL member of the "Administrators" user group. Which "Administrator" accounts are also FULL members of. Also, you cannot use the NT_AUTHORITY\System as a normal 'login' account, as it is only used for system services/purposes.
The EFF published an article about this yesterday. They are concerned, but think much of the coverage borders on hysterical, if it doesn't actually cross the border.
This week security researchers announced a newly discovered vulnerability dubbed KRACK, which affects several common security protocols for Wi-Fi, including WPA (Wireless Protected Access) and WPA2. This is a bad vulnerability in that it likely affects billions of devices, many of which are hard to patch and will remain vulnerable for a long time. Yet in light of the sometimes overblown media coverage, it’s important to keep the impact of KRACK in perspective: KRACK does not affect HTTPS traffic, and KRACK’s discovery does not mean all Wi-Fi networks are under attack. For most people, the sanest thing to do is simply continue using wireless Internet access.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.