logosobscura
Member
 Offline
Activity: 84
Merit: 16
Tru Reputation Network Pre-Sale: tru.ltd/tokensale
|
 |
October 19, 2017, 03:24:21 AM |
|
Crypto isn’t the only thing that these types of hackers are after/give value to. I would think every password, sensitive financial information (SSN, account number etc.), and credit card number has some amount of value, especially if it was obtained in a non-mass hack way (as passwords stolen via the yahoo hack for example are known to be compromised and other business know to either force a reset or use extra caution when accepting said passwords).
If you live in that densely populated area then you will want to use a VPN to connect to any website you need to login to if you are using WiFi. Totally agree but Crypto targets do offer high rewards- it's less that Krack makes it easy to directly hit you with a MITM, but it does make you easier to flag, trace and devote more time to (seen some really concerning attacks against some individuals). On the VPN point, yeah, it amazes how many people think it's optional or do it for their laptop and not their phone (...?). See enough hacks, you get paranoid quick, and I've seen some quite amazing ones. |
|
|
|
|
|
|
|
|
|
|
|
|
"Bitcoin: mining our own business since 2009" -- Pieter Wuille
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
Wind_FURY
Legendary
Offline
Activity: 2898
Merit: 1823
|
|
October 19, 2017, 05:27:51 AM |
|
The patches are out everyone. You should install them before the automated tools for this vulnerability comes online. I read that all operating systems should install the patches while routers are optional. But it is still recommended to update their firmware.
Pass the word around the forum. This is especially important for cryptocurrency users.
|
| .SHUFFLE.COM.. | ███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████ | ███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████ | .
...Next Generation Crypto Casino... |
|
|
|
Karartma1
Legendary
Offline
Activity: 2310
Merit: 1422
|
|
October 19, 2017, 09:08:09 PM |
|
I have an old mobile hotspot from ZTE that will not receive any patch. I will have to buy a new one to avoid the risks associated. Damn KRACK  |
|
|
|
|
|
Coin-Keeper
|
|
October 19, 2017, 09:31:59 PM |
|
I have been working on this KRACK thing. My router has been patched and my linux systems have too. I know this may appear just a bit off topic but one great security counter measure is the hardware wallet. I know KRACK is about more than crypto but for coins I love the Trezors (or other good hardware wallets). No matter what, say the next hack when KRACK is fixed, the private keys will still remain safe. My privacy computers such as this one all use Cat 6 and encrypted relay jumps. Even then I prefer to keep all private btc keys inside a hardware wallet only.
|
|
|
|
|
marky89
|
|
October 19, 2017, 10:06:46 PM |
|
I have been working on this KRACK thing. My router has been patched and my linux systems have too. I have a router from AT&T and they seem pretty clueless. I called and asked a rep and he said the router was "already secure" despite no firmware updates, but I don't think he knew what he was talking about. He told me they don't even do firmware updates on routers. So, question: My operating systems have all been patched (Windows 7SP1, 8 and 10). Does that mean that my PCs are safe to use normally, or am I still vulnerable because of the router? It seems the likelihood of falling victim to this attack vector is low, but you can never be too careful... |
|
|
|
Quickseller
Copper Member
Legendary
Offline
Activity: 2870
Merit: 2298
|
|
October 20, 2017, 02:18:21 AM |
|
Crypto isn’t the only thing that these types of hackers are after/give value to. I would think every password, sensitive financial information (SSN, account number etc.), and credit card number has some amount of value, especially if it was obtained in a non-mass hack way (as passwords stolen via the yahoo hack for example are known to be compromised and other business know to either force a reset or use extra caution when accepting said passwords).
If you live in that densely populated area then you will want to use a VPN to connect to any website you need to login to if you are using WiFi. Totally agree but Crypto targets do offer high rewards- it's less that Krack makes it easy to directly hit you with a MITM, but it does make you easier to flag, trace and devote more time to (seen some really concerning attacks against some individuals). On the VPN point, yeah, it amazes how many people think it's optional or do it for their laptop and not their phone (...?). See enough hacks, you get paranoid quick, and I've seen some quite amazing ones. I guess it is fair enough to say KRACK could potentially allow an attacker to “Dox” a bitcoin user and subsequently execute a different attack that involves the theft of bitcoin. If an attacker is not going to use a MITM attack to change a deposit address then he will need to either hack whatever device contains the private keys (difficult) via some other attack, or have physical access to said device (obtaining of which may involve the risk of arrest, violence or even death on the part of the attacker). I would note that a few very wealthy individuals are known to own bitcoin whose addresses are presumably known or at least are generally public with minimal research who apparently have not had their bitcoin stolen. |
|
|
|
|
Karartma1
Legendary
Offline
Activity: 2310
Merit: 1422
|
|
October 20, 2017, 07:47:51 AM |
|
I have been working on this KRACK thing. My router has been patched and my linux systems have too. I know this may appear just a bit off topic but one great security counter measure is the hardware wallet. I know KRACK is about more than crypto but for coins I love the Trezors (or other good hardware wallets). No matter what, say the next hack when KRACK is fixed, the private keys will still remain safe. My privacy computers such as this one all use Cat 6 and encrypted relay jumps. Even then I prefer to keep all private btc keys inside a hardware wallet only.
Hardware wallets should be fine so long as the keys are not exposed. This is a matter of data transmission and data leaks. Good old trezor and nano s should be unaffected |
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
October 20, 2017, 04:27:14 PM |
|
So, question: My operating systems have all been patched (Windows 7SP1, 8 and 10). Does that mean that my PCs are safe to use normally, or am I still vulnerable because of the router?
If your PC is patched and your router is still vulnerable to this attack then it depends on which device initiates the handshake. One direction of your data stream can be decrypted (decrypted in terms of WPA2). If you are still encrypting your information with TLS (https) then you are completely safe. The KRACK attack puts you in a situation comparable with a free wifi hotspot in a public place. If your PC is clean and you are communicating via https (valid signatures from website provider) you are safe. |
|
|
|
|
marky89
|
|
October 20, 2017, 09:19:13 PM |
|
So, question: My operating systems have all been patched (Windows 7SP1, 8 and 10). Does that mean that my PCs are safe to use normally, or am I still vulnerable because of the router?
If your PC is patched and your router is still vulnerable to this attack then it depends on which device initiates the handshake. One direction of your data stream can be decrypted (decrypted in terms of WPA2). If you are still encrypting your information with TLS (https) then you are completely safe. The KRACK attack puts you in a situation comparable with a free wifi hotspot in a public place. If your PC is clean and you are communicating via https (valid signatures from website provider) you are safe. Thanks for the info. If I understand correctly, anything sent over https is safe from this attack. So, that should cover all my bases -- my banking sites, email, crypto exchanges, charting sites and Bitcointalk are all sent over an https connection. If you live in that densely populated area then you will want to use a VPN to connect to any website you need to login to if you are using WiFi.
The primary risk to crypto users is MITM attacks when depositing crypto (and to a lesser extent withdrawing crypto- many businesses use certain precautions that make these attacks more difficult). Assuming you aren’t using a web wallet, your private keys are safe and any transaction you sign can’t be changed (although you can be tricked into sending to an incorrect address), and unconfirmed transactions are no longer safe to accept due to the fee market, and faking a block would be very expensive and would not be guaranteed to work.
You would recommend using a VPN to log into websites, even if our OS is patched and sent over https? Getting conflicting messages in this thread. Also, just to confirm, there's no way this attack can expose the private keys in our desktop wallet, right? Because nothing would be sent over Wi-fi except the signed transaction. I think... |
|
|
|
bounty1996
Newbie
Offline
Activity: 6
Merit: 0
|
|
October 21, 2017, 06:49:46 AM |
|
For me just keep your devices up to date. That means that your device can download an update that protects against KRACK and still communicate with unpatched hardware while being protected from the security flaw. Given the potential reach of KRACK, patches are coming quickly from many major hardware and operating system vendors. Up-to-date Windows PCs, for example, are already protected.
|
|
|
|
|
desmodiAN
Member
Offline
Activity: 164
Merit: 19
|
|
October 21, 2017, 11:37:29 AM |
|
first of all dont use public wifis atm for sensitive information.
bank account, passwords, money transfers...
2nd check your own router and search for an appropriate update, or simply take a ethernet cable...
|
|
|
|
|
Intel 4004
Member
Offline
Activity: 84
Merit: 10
Nimium ne crede colori
|
|
October 21, 2017, 01:26:22 PM |
|
Update your devices and if you use crypto-related services like wallets and exchange on smartphone, use mobile data instead of WiFi networks. HTTPS, VPNs and other precautions doesn't really help with this attack. The real problem tho is in big cities like NY, LA, etc... Prefer LAN over WiFi  |
|
|
|
|
ranochigo
Legendary
Offline
Activity: 2954
Merit: 4165
|
|
October 21, 2017, 02:52:06 PM |
|
Thanks for the info. If I understand correctly, anything sent over https is safe from this attack. So, that should cover all my bases -- my banking sites, email, crypto exchanges, charting sites and Bitcointalk are all sent over an https connection.
Yes. But an attacker can always use SSLStrip to take the https off and force your computer to connect through the unsecured version. It is not a glaring issue since most website implemented it correctly and SSLStrip won't work. You would recommend using a VPN to log into websites, even if our OS is patched and sent over https?
It's hard to tell if the router is patched. Getting conflicting messages in this thread. Also, just to confirm, there's no way this attack can expose the private keys in our desktop wallet, right? Because nothing would be sent over Wi-fi except the signed transaction. I think...
Yes, none of the wallet that I know actually send private keys out of the system. Unless you are using an online wallet which credentials could be sent over. |
.
.HUGE. | | | | | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | | |
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
October 21, 2017, 05:12:35 PM |
|
So, question: My operating systems have all been patched (Windows 7SP1, 8 and 10). Does that mean that my PCs are safe to use normally, or am I still vulnerable because of the router?
If your PC is patched and your router is still vulnerable to this attack then it depends on which device initiates the handshake. One direction of your data stream can be decrypted (decrypted in terms of WPA2). If you are still encrypting your information with TLS (https) then you are completely safe. The KRACK attack puts you in a situation comparable with a free wifi hotspot in a public place. If your PC is clean and you are communicating via https (valid signatures from website provider) you are safe. Thanks for the info. If I understand correctly, anything sent over https is safe from this attack. So, that should cover all my bases -- my banking sites, email, crypto exchanges, charting sites and Bitcointalk are all sent over an https connection. Thats true if you are looking at the security aspect. Noone can steal your banking information or let you visit a phishing site (as long as you use a standard browser which shows https certificates). But its possible to read out meta data. This means an attacker could theoretically see packets arriving (or being sent; depending on the wpa handshake). Information like IP-Addresses (Websites visited) and duration of "interacting" with the website can be reviewed by an attacker. But the Key Reinstallation Atta CK is a targeted Attack, meaning the attacker has to be in your wifi range and he has to be specific aiming at you. |
|
|
|
|
soham
|
|
October 21, 2017, 05:52:00 PM |
|
Can anyone weigh in on the security implications of the recently disclosed KRACK attack for Bitcoin wallet usage on PCs that connect via Wi-fi? My initial reaction is that nothing is pushed until broadcasting the signed transaction, so nothing of concern should be exposed to a potential attacker.
But I'm a complete layman here, so I'd love for someone with more expertise to opine. I'm getting so paranoid that I'm tempted to stick to using an air-gapped PC to sign all transactions, then pushing them from a connected computer. Or I guess I could dig out the old ethernet cables...
Yes, I have also recently came to know about this when I received an email from my companies information security team. There are two precautions they have mentioned to save yourself from getting your data leaked. First, get your mobile or laptop a good internet security package. Not a free one, instead buy a good and known internet security package like Kaspersky or Norton. Secondly avoid joining any public wifi or hotspot service. It seems like the risk is more from the public wifi service which are mainly not monitored. These two precaution can save your from getting your data stolen from KRACK attack. |
|
|
|
|
walou
|
|
October 22, 2017, 04:20:11 PM |
|
My understanding this a problem within the WPA-2 protocol implementation, which means that a fix is needed for both client and access point(AP) side.
|
|
|
|
|
BTCMILLIONAIRE
|
|
October 22, 2017, 04:40:05 PM |
|
Could someone get access to my private keys through my WiFi even if I only connect through cable (but WiFi is activated)?
|
|
|
|
|
|
illyiller
|
|
October 22, 2017, 07:57:31 PM |
|
My understanding this a problem within the WPA-2 protocol implementation, which means that a fix is needed for both client and access point(AP) side.
Hmmm. My understanding from this thread is that patched operating systems (Windows, Apple, IOS, etc) are safe to use over wi-fi with unpatched hardware while communicating over SSL. If SSL is incorrectly implemented, I believe this will be noticed by your browser and you'll be alerted before entering your credentials over an insecure connection. Hopefully someone can correct me if I'm wrong. Could someone get access to my private keys through my WiFi even if I only connect through cable (but WiFi is activated)?
Your private keys shouldn't be exposed either way, if we're talking about a desktop wallet that you control. Wallets need to be able to work offline, and it would be a glaring security flaw to require communicating private keys over the internet in order to use Bitcoin. |
|
|
|
|
|
Coin-Keeper
|
|
October 22, 2017, 08:49:55 PM |
|
The router can only be attacked if you are running it as a Bridge. Otherwise it is not a client so KRACK doesn't apply.
|
|
|
|
|
pebwindkraft
|
|
October 23, 2017, 09:32:05 AM |
|
The router can only be attacked if you are running it as a Bridge. Otherwise it is not a client so KRACK doesn't apply.
Sure? How do you derive it? In bridge mode, we would be at layer 2 of the protocol, where one network talks to the other only at the MAC address layer. How does Krack play in here? Krack's vulnerability comes from the key handling procedure between client and server (wifi-router), and key handling happens at layer 2? |
|
|
|
|
|
