Wireless network WPA2 Vulnerability
The wireless security breach known as "Krack" has currently no effect on F!B broadband connections since the access points do not use the affected 802.11r standards. However, theoretically, a Krack attack can target the wireless connection of a client who is attempting to connect to the wireless LAN.
To perform an attack on a wireless connection between an access point and an insecure client (laptop, smartphone, TV-supporting WiFi) a whole range of extensive condition must be met. The attacker must place himself between the client and the access point to execute a so-called man-in-the-middle-attack. This needs to be done in the immediate, physical vicinity of the client. The attacker has to be closer to the client than the access point and the client must sign in again voluntarily for this to work. According to the current assessment, the attacker would be able to read only data from clients with certain implementations.
Relevant connections on higher levels are always encrypted, regardless of the wireless LAN. HTTPS connections such as web searches, online banking, online purchases, Facebook, WhatsApp, etc., which can be identified by the padlock symbol or the green display of the browser address have said secure encryption.
The Krack security breach doesn't give access for the attacker to the full functionality of an unfamiliar wireless network.
So far, no attacks have been reported. The high difficulty range of the attack, the necessity to physical proximity, and the fact that encryption still remains effective on higher levels, make the practical implementations of the Krack breach appear to be a minute possibility.
On 16 October the Krack was noticed by AVM. Unfortunately, the responsible disclosure policy which should have been applied was disregarded by the discoverers of the leak. AVM will provide updates for its wireless repeaters, after further investigation and tests.Posted on Oct 20, 2017 | Tags: