WPA2 Protocol Has Massive Hole

Yeah, a tech from Cisco sent me that link yesterday and I’m pleased to see my equipment isn’t (so far) listed in the affected hardware section. I updated my router at home, and all my wireless clients have had updates pushed out via Windows/Microsoft, so I think we are probably fine now. Fingers crossed.

The problem isn’t really on the AP side of things, unless you put it in client or bridge mode. Hopefully there’s something they can do to mitigate it there, but the real nightmare is having to patch all those clients.

I am using an ancient Linksys router and adapter:

WRT54GL v1.1
WUSB54G v4

They work fine. But should I replace them? I doubt new firmware will be forthcoming.

I wouldn’t replace them unless you can’t patch your client devices. Basically, either the clients or the router need to be patched. If both are unpatched, then the vulnerability is there. So, if you don’t think that all of your devices that connect to the router and adapter will be patched, then yeah, it’s something to consider.

Although I haven’t checked to see if those devices are specifically vulnerable to KRACK. They might not be. Apparently older Apple Airport Expresses are unaffected.

It’s unclear if it can be mitigated at the AP level at all.

I forget which is the access point. The router or the adapter?

Is it enough if Windows 7 is patched? Or do I need to patch more stuff?

Your router is the AP.

If your only client runs Windows 7, and Win7 is patched, then you’re good. So, no cellphones, then?

I also have a Motorola cellphone running Android Nougat, Brother network printer, Roku TV, Kindle, another computer with Windows 10, and an older Lumia with Windows 10 Mobile which also need to connect to wifi. If only one of these is not patched, will it put all the other devices at risk?

Nope, just the unpatched client. But those things are computers, and they can inject code into the datastream, so if they can get remote access to your cellphone then they have all your data and free access to your internal network that way.

We refer to this with a funny description, “poop in the pool.” If someone gets into the pool with poop on them, anyone then using the pool needs to worry about it, as the poo can get anywhere else.

The same applies here, if your client is susceptible and later compromised, chances are that the compromise will be more than just viewing what you’re doing. It will probably be a redirect to something that then infects you, so now your home network is at risk. The risk may be low, but it is still there. Especially so if you take your cellphone elsewhere, join a wireless network there, then come back home and use your own. You brought poo into the pool.

cue the scene from Caddyshack

Yes, that’s pretty much what I said yesterday.

Yep, didn’t mean to repeat it either, stusser, I had a reply half typed that I sat on until today. Sorry, man.

UNACCEPTABLE APOLOGY. NEVER LOOK ME IN THE EYES. KNEEL BEFORE ME AND BEG, WORM.

Asus still hasn’t patched its routers yet. This is getting ridiculous.

Oh thanks for the reminder. Orbi has a beta firmware here to patch it (only released on 11-02)

https://kb.netgear.com/000049562/RBR50-RBS50-Firmware-Version-2-0-0-76-Hot-Fix

If you don’t use your router in client mode, which is fairly rare, it doesn’t matter.

I like bakery fresh firmware, I also like to put heatsinks on my m.2 SSDs. stusser, stop harshing my mellow, man.

Mesh routers are totally exposed to this-- you needed to update. Your mellow is earned.

Asus: Nothing yet. Update 19-Oct-2017: At 01:46am this morning, ASUS posted to their forums that they’re aware of and investigating a patch in partnership with their chipset vendors. No ETA other than “soon”.

Also for me and I think someone else here on Google WiFi routers:

Google Wi-Fi: In a statement to CNET, Google said, “We’re aware of the issue, and we will be patching any affected devices in the coming weeks.”

Still nothing.