Decades-old “Frag Attack” flaws affect almost every Wi-Fi device


A set of vulnerabilities in the design and use of Wi-Fi exposes almost every Wi-Fi-enabled device to some form of attack. Some of the flaws have existed since the original Wi-Fi standard came out in 1997.

Research published this week by New York University Abu Dhabi researcher Mathy Vanhoef suggests that attackers within Wi-Fi range of the target network may steal data from victims and damage their devices. However, despite the staggering scale and scope of the exposure, many of the attacks are difficult to carry out in practice, and not all Wi-Fi devices are affected by all of the flaws.

Vanhoef collectively refers to these findings as “Frag Attacks,” short for “fragmentation and aggregation attacks,” because the flaws are largely related to the subtle issue of how Wi-Fi streamlines and reorders data in transmission to move information as quickly as possible, then puts the data back together at the other end.

Vanhoef said: “If there is a lot of background noise, the fragmentation function is usually used to improve the performance of the Wi-Fi network.” The goal is to divide the data into more manageable fragments for transmission so that they can be effectively reassembled when they are received. But Vanhoef discovered a security hole in this process. He said: “You can make the receiver reassemble two fragments belonging to different packets, and even store malicious data and combine it with legitimate information. Under the right conditions, this can be used to steal data.”

Vanhoef also discovered a vulnerability that could allow an attacker to inject malformed data and become a “man in the middle” on the network, inspecting the traffic that passes through to steal information, and even taking control of other connected devices that have other vulnerabilities. The attacker does not need special privileges to launch an attack.

“These design flaws are worrying. Because they are so widespread, every Wi-Fi device I tested is vulnerable to attack,” Vanhoef said. “But on the other hand, they are difficult to use. Sometimes I say, ‘Patch the patch before the attack gets better.’”

Vanhoef spent 9 months coordinating disclosures with numerous Internet security agencies and companies in the industry. Microsoft, Samsung, Cisco, Intel, Linksys, Netgear, Eero and many other companies have already released patches. There is a complete list of security advisories, and Vanhoef said that more fixes will be released in the coming weeks.

Standards bodies and network security groups, including the Wi-Fi Alliance and the Internet Security Promotion Industry Alliance, published advisories this week urging all Wi-Fi users and network administrators to update their devices when patches are available.

In fact, all Wi-Fi devices require some form of repair or mitigation, especially routers and other network devices, which can be used as targets for attacks. But for both consumers and businesses, these are the types of devices that usually do not receive updates, or cannot receive them because of concerns about backward compatibility.

“These findings have indeed become the core of how Wi-Fi works,” said Jim Palmer, a longtime independent Wi-Fi researcher who analyzed the Frag Attack disclosure. “Some of these findings are really weird, but the attack is also very complicated. It’s not a mash-up thing. And the victim must be within Wi-Fi range, kind of like an explosion radius.”

Palmer said that for Wi-Fi experts, Frag Attack will join a long list of vulnerabilities and flaws that need special consideration in actual deployments. In recent years, Vanhoef has also discovered two other major Wi-Fi exposures that reach this level: the Wi-Fi encryption attacks known as KRACK and Dragonblood. As with those findings, Palmer predicts that Frag Attack exposures will lurk in devices for decades.

