cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

WPA2 Key Reinstallation Attacks (KRACK) Vulnerability.

curtis_
Neighbour

Good day all!

 

I work in the WiFi industry and I'm also a Telus residential Internet Customer. I also have several family and friends who use Telus residential Internet, and their security is important to me.

 

I would like to know how Telus plans to address the WPA2 Key Reinstallation Attack (KRACK) WiFi vulnerability announced on 16 OCT 2017.

 

The following links detail the attack (first link) and a list of vendor responses (second link).  

 

Among the list of vendor responses, Actiontec (The routers used by Telus) has no information.

 

https://www.krackattacks.com/

https://www.bleepingcomputer.com/news/security/list-of-firmware-and-driver-updates-for-krack-wpa2-vu...

 

 

I realize there will not likely be an immediate solution, but I would like to know; what is the timeline for installation of security updates on the Actiontec routers provided by Telus?

 

curtis_

21 REPLIES 21

Nighthawk
Community Power User
Community Power User

I'm sure once a fix for the WPA2 protocol is out that the router firmware will be updated. Since it just came out it's hard to say how long it'll take to fix.

 

The vulnerability is also client side as well. Windows, Mac, iOS, Android, Linux etc. All sides will need patching, especially Android 6.0 devices as they are especially vulnerable.


If you find a post useful, please give the author a "Like" or mark as an accepted solution if it solves your trouble. 🙂

Thanks for the response Nighthawk.  Device patching is straight forward since the user controls the device.  I'm more interested in the devices the user doesn't control.  What makes you sure the firmware will be patched?  I've been looking for a Telus residential maintenance schedule that customers can access, but I haven't been able to find anything.

 

Part of the reason I've posted this though, is to hopefully someone at Telus is keen and will direct me to Telus's official announcement on the vulnerability.

NFtoBC
Community Power User
Community Power User

Some client repair is already in the pipe, while others are suggesting the sky is not yet falling.

 

I figure I am in a remote enough location that patches will be applied before it becomes a direct issue.

 

NFtoBC
If you find a post useful, please give the author a "Like"

t1mmen
Just Moved In

I also want to know when we can expect TELUS routers to be patched for KRACK.


@t1mmen wrote:

I also want to know when we can expect TELUS routers to be patched for KRACK.


I asked on the Actiontec forum. They didn't say it isn't vulnerable and the answer implies that it is:

 

  • I have a T1200H DSL modem-router that is supplied by my ISP. They are notorious for taking forever and a half to push updates. Given that I'm using it in the standard access point mode (not bridging), is the device vulnerable or should I just disable the radio until my ISP updates me?

    Thanks.

     
    Admin
    Today at 13:15
  • You have two options you can switch your wireless security to use WEP which is an older less secure type of wireless security or disable your wireless radio altogether. Since your modem was supplied by your ISP I would recommend you call them for the recommended course of action that they suggest. I hope this helps.

     

     

    The thread on the Actiontec forum is here:

    https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283?page=1#comment_115000913183

Thanks for the reply Hubbmeister

 

VERY bad advise from Actiontec...  Even with this vulnerability, WPA2 is still much more difficult to exploit than WEP.

 

Your best bet would be to request a new modem from Telus if Actiontec has no plan to patch your current one.

 

curtis_

Nighthawk
Community Power User
Community Power User

WEP can be cracked so fast that it's basically useless. Also from what I understand, Actiontec only supplies the hardware, not the ISP specific software.

 

While waiting for the patch, make sure all your other devices are updated as well. Many won't get updates but that's a risk most users will have to decide if they want to take. The odds of someone trying to hack your network are extremely remote.

 

@curtis_ Requesting a new modem from Telus will be useless as it'll still be running the same software as the current ones. Better off waiting for an update.

 


If you find a post useful, please give the author a "Like" or mark as an accepted solution if it solves your trouble. 🙂

@Nighthawk fair enough... I had made the assumption that the T1200H was end of life, but I see that I miss read the post.

Reanimators
Just Moved In

My T3200M was patched to 31.164L.12 early this morning:

 

10/17/2017 12:11 AM ACS Complete 31.164L.12

 


Don't know the contents of that and it seems a little fast, but perhaps not a coincidence... 

Nighthawk
Community Power User
Community Power User

I haven't heard of a single ISP that has announced a timetable for their individual devices at this point. The Wi-Fi Alliance has already issued some updates to their internal members and it's only a matter of time until they are out to vendors etc. Depending on the device manufacturer, some may be out fast, some may take longer. I'd be more cautious around older Android devices as most will never get a fix for this problem.

 


If you find a post useful, please give the author a "Like" or mark as an accepted solution if it solves your trouble. 🙂

Thanks Nighthawk.  Sounds like an opportunity for Telus to be the first across the finish line!

 

As for the Android devices, I agree most will never be patched.  It makes me shudder to think of all the IoT devices that will live with this bug for the remainder of their service.... Cameras, home automation equipment. etc...  Most of that gear has all kinds of vulnerabilities ready to be tested, including... default password exploits.  Haha.  

Actiontec has an official response. We will likely see an update from Telus soon(ish).  

 

https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-KRACK-Vulnerability

how do we update the Actiontek?

The Actiontec gateways will automatically update themselves one the update is available.


If you find a post useful, please give the author a "Like" or mark as an accepted solution if it solves your trouble. 🙂

curtis_
Neighbour

It looks as though Actiontec posted an update on Tuesday.  Telus is among the list of devices not affected.

 

https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-KRACK-Vulnerability

It says "These products do not operate in repeater mode and do not have 802.11r FT enabled". Does anyone know what this means? If not, does anyone know an appropriate forum where I could ask this question?

 

Thanks,

Shane.

Nighthawk
Community Power User
Community Power User

The Actiontec isn't a wireless repeater. It's a standard router.

 

Google says: https://en.wikipedia.org/wiki/IEEE_802.11r-2008#Fast_BSS_Transition

 

The devices most suseceptible to this hack are not routers but end user devices. Computers, tablets, cell phones (especially Android ones), game consoles, etc.


If you find a post useful, please give the author a "Like" or mark as an accepted solution if it solves your trouble. 🙂

Control-Alt-Delete
Just Moved In
I work in IT and almost always turnoff the isp wifi. Typically we install ubiquiti AP's They had firm ware available on Oct 16 that addressed the vulnerability.

Language is important on this too. This is a "vulnerability" that may "possibly" be used "if" the hacker is within "close proximity" to the device. This vulnerability has no scale, no great reach. It's most important to organizations that have a trusted W-Fi environment not using authentication. Personally, use VPN software if you're worried, or even if you're not, and relax. Cat LOL

I would like to hopefully dispel peoples complacency with respect to security issues like this.  In general, when there is a new exploit, It's inevitable that someone somewhere will automate the attack and make tools available online. People say things like, "I'm not likely a target because of where I live", or "nobody around me is smart enough to do that."  Though those things may seem true, the reality is, when tools are available that will exploit targets; simply by driving around, it doesn't take long before it becomes a standard practice for criminals.

 

@Lola unfortunately, VPN software doesn't protect devices on the victims home network.  Specifically un-secure devices with microphones, cameras, or worse yet devices that will provide entry to the house, like an un-patched garage door opener are all targets for criminals.  Users almost never change the default passwords on these, so exploiting them once you have access into the network is trivial.

 

@Control-Alt-Delete Ubiquity APs are outstanding value for the dollar, now if only Telus would buy me one.

 

Now, taking off my tin-foil hat for a minute.  There's no need to panic about this exploit; a simple and effective strategy to combat this.. is... make a list of your devices, keep an eye on the vendors website for patches (or get a geeky friend to do it).. and most importantly ....  change the default passwords!!!!