[ DONATE TO RMN ] [ Return to Main Page ] [ Read Prev Article ] [ Read Next Article ] [ CGI Media News Room ] [ SUBSCRIBE TO RMN ]

RMN is Reader Supported

Our Goal for
OCT 6 - NOV 5:
$1500

Powered by FundRazr

Click Widget
or Click Here to contribute.

Checks & Money Orders:

Raye Allan Smith
P.O. Box 95
Ashtabula, OH 44005


Users Online:
72

Who Founded RMNews?


Dewitt Jones' Video
"Celebrate What's Right
With The World"


"When the
Starships Fly!"

Listen at YouTube


The Theme for The Obergon Chronicles

Listen at YouTube


The Obergon Chronicles ebook


RUMOR MILL
NEWS RADIO


CGI ROOM
Common Ground
Independent Media


WHAT ARE
THE FACTIONS?


THE AMAZING
RAYELAN ALLAN


BIORHYTHMS

LOTTO PICKS

OTHER WAYS TO DONATE





RUMOR MILL NEWS AGENTS WHO'VE BEEN INTERVIEWED ON RUMOR MILL NEWS RADIO

______________

NOVEMBER 2008

Kevin Courtois - Kcbjedi
______________

Dr Robin Falkov

______________

Melinda Pillsbury Hr1

Melinda Pillsbury Hr2

______________

Daneen Peterson

______________

Daneen Peterson

______________

Disclosure Hr1

Disclosure Hr2
______________

Scribe
______________

in_PHI_nitti
______________

Jasmine Hr1
Jasmine Hr2
______________

Tom Chittum Hr1
Tom Chittum Hr2
______________

Kevin Courtois
______________

Dr Syberlux
______________

Gary Larrabee Hr1
Gary Larrabee Hr2
______________

Kevin Courtois
______________

Pravdaseeker Hr1
Pravdaseeker Hr2
______________

DECEMBER 2008

Tom Chittum
______________

Crystal River
______________

Stewart Swerdlow Hr1
Stewart Swerdlow Hr2
______________

Janet Swerdlow Hr1
Janet Swerdlow Hr2
______________

Dr. Robin Falkov Hr1
Dr. Robin Falkov Hr2
Dr. Robin Falkov Hr3

JANUARY 2009 ______________

Patriotlad
______________

Patriotlad
______________

Crystal River
______________

Patriotlad
______________

Dr. Robin Falcov
______________

Patriotlad

FEBRUARY 2009

Find UFOs, The Apocalypse, New World Order, Political Analysis,
Alternative Health, Armageddon, Conspiracies, Prophecies, Spirituality,
Home Schooling, Home Mortgages and more, in:

The Rumor Mill News Reading Room

Decades-Old Flaws Affect Almost EVERY Wi-Fi Device - The so-called Frag Attack Vulnerabilities Could Let Hackers Steal Data or Compromise Connected Gadgets

Posted By: RumorMail
Date: Tuesday, 18-May-2021 11:04:18
www.rumormill.news/172566

By Lily Hay Newman

Decades-Old Flaws Affect Almost Every Wi-Fi Device

A set of vulnerabilities in how Wi-Fi is designed and used in practice expose virtually every Wi-Fi-enabled device to some form of attack. A handful of those flaws have been around since the original Wi-Fi standard debuted in 1997.

The findings, publicly disclosed this week by New York University Abu Dhabi researcher Mathy Vanhoef, show that an attacker within Wi-Fi range of a target network could potentially exfiltrate data from a victim and compromise their devices. But while the sheer scale and scope of the exposure is staggering, many of the attacks would be difficult to carry out in practice, and not all Wi-Fi devices are affected by all of the flaws.

Vanhoef collectively calls the findings “Frag Attack,” short for “fragmentation and aggregation attacks,” because the flaws largely relate to subtle issues in how Wi-Fi chops up and reorders data in transit to move information as quickly as possible, then puts that data back together on the other end.

“The fragmentation functionality is normally used to improve the performance of your Wi-Fi network if there’s a lot of background noise,” Vanhoef says. The goal is to split data up into more manageable fragments for transmission that can be efficiently reassembled when they’re received. But Vanhoef discovered security weaknesses in the process. “You can cause a receiver to reassemble two fragments that belong to different packets or even store malicious data and combine it with legitimate information,” he says. “Under the right conditions this can be used to exfiltrate data.”

Vanhoef also found a vulnerability that could allow an attacker to inject malformed data and become a “man in the middle” on a network, studying data that passes through to steal information or even take control of other connected devices that have additional vulnerabilities. They would need no special privileges to pull off the hack.

“These design flaws are a concern. Because they’re so widespread, every Wi-Fi device I tested was vulnerable to something,” Vanhoef says. “But on the other hand they're difficult to exploit. I sometimes like to say ‘patch before attacks get better.’”

Vanhoef spent nine months working on coordinated disclosure with numerous internet security bodies and companies across the industry. Microsoft, Samsung, Cisco, Intel, Linksys, Netgear, Eero, and many others have already released patches. There's full list of security advisories and Vanhoef says more fixes will ship in the next few weeks.

Standards bodies and web security groups, including the Wi-Fi Alliance and the Industry Consortium for Advancement of Security on the Internet, released advisories this week urging all Wi-Fi users and network administrators to update their devices if and when patches are available.

Virtually all Wi-Fi devices need fixes or mitigations of some sort, especially routers and other network equipment, which can be targeted to facilitate attacks. But these are exactly the types of devices, for both consumers and businesses, that often don't receive updates, or can't because of concerns about backward compatibility.

“These findings really get to the heart of how Wi-Fi works,” says longtime independent Wi-Fi researcher Jim Palmer, who analyzed the Frag Attack disclosure. “Some of these findings are really freaky, but the attacks are also very complicated to do, it’s not a smash-and-grab thing. And victims have to be in Wi-Fi range—sort of like a blast radius.”

Palmer says that for Wi-Fi specialists, Frag Attack will join a long mental list of vulnerabilities and flaws that need special consideration in real-world deployments. In recent years, Vanhoef also discovered two of the other major Wi-Fi exposures that rise to that level: the Wi-Fi encryption attacks known as KRACK and Dragonblood. As with those findings, Palmer expects that Frag exposures will be around and lurk in devices for decades.


Read More




If you enjoyed this article,
Please consider a monthly subscription to Rumor Mill News!!


RMN is an RA production.

The only pay your RMN moderators receive
comes from ads.
Please consider putting RMN in
your ad blocker's whitelist.

Serving Truth and Freedom
Worldwide since 1996
 
Politically Incorrect News
Stranger than Fiction
Usually True!


Powered
by FundRazr
Click Widget
or Click Here to contribute.


Organic Sulfur 4 Health

^


AGENTS WEBPAGES

Provided free to RMN Agents

Organic Sulfur 4 Health

^


AGENTS WEBPAGES

Provided free to RMN Agents



[ DONATE TO RMN ] [ Return to Main Page ] [ Read Prev Article ] [ Read Next Article ] [ CGI Media News Room ] [ SUBSCRIBE TO RMN ]

The Rumor Mill News Reading Room is maintained by Forum Admin with WebBBS 5.12.