Well not sure many of you have heard about the KRACK network vulnerability on WPA2 networks but its pretty serious.

[Link: engadget.com]

[Link: zdnet.com]

https://www.krackattacks.com/

Looks like you android folks are really affected lol. Apple is pretty much covered already. IOT devices are also subject to this. Pretty much any WPA2 wireless device. "advising Android users to "turn off WiFi on these devices until fixes are applied."

I already rolled out updates to my ubiquiti clients. Perfect example of why we should all be charging recurring revenue. I need to get on that bandwagon myself.

Its a wifi range attack. and it only can grab data you are sending or receiving.

Yes, its bad, but not "Turn your wifi off" bad. And apple is less susceptible to the attack, but they are still vulnerable and havent patched jack yet. the patch is in current beta builds. not live.

Its not nearly as serious as some people are making it out to be.

that being said, we will absolutely be updating the 180+ Unifi sites we manage.

It will be great for sales. For once the media is helping us.

Another reason not to use that cheap IoT device, and to upgrade to quality networking equipment, and to wire stuff instead of relying on wireless, and for RMR to keep firmware up to date.

Doesn't this only affect wireless AP's with 802.11r enabled? Last time I checked, UniFi used some proprietary roaming method not industry standard 802.11r.

I guess my point is, how or if this affects or doesn't affect UniFi line differently.

Eero patched this 10-17-17.

More like another reason to go back to selling only stereos. :P

Exactly what I was thinking. A good reason for network management fees to keep firmware up to date. An even better reason for selling equipment that has remote management.

Remember when the solution was "turn down the volume knob, and then push the Tape Monitor button". Oh, those were the days.

!!!BLARE!!!

"Sir, did you miss the part where I said to turn the volume down first?"



Funny, just left a house with tape-2 on...

Lol, most stereos have wpa2 wireless nowadays.

[Link: wired.com]

So the attacker must be on the same network as you...which means that you're probably fine at home, unless someone in your home is a hacker trying to exploit this, or an IT person working on your home network. Also, if you're using an https website, you're fine. So, don't be sending nudie pics while you're at Starbucks or Wal-Mart or McDonalds.

I have questions for you network folks. Since I install a lot of property-wide wifi systems (I don't design them) I'd like to know: Obviously we're going to have to update all of the access points we have in place when a patch is made available. We'll also need to update our routers when a patch is available. I'm guessing that our Cisco managed switches are okay, as they basically just pass information from one place to another? Or is there an opportunity for someone who gets on the network to (I guess there could be) get into the switches and mess with them as well?

Also, how about this one: ""Also implement things like isolation, so one Wi-Fi client can't talk to another," he says." ~~~~ Obviously, property-wide wifi systems allow for roaming all over the property. Is he saying that devices should only be able to talk with the access point that they originally connect to, that you shouldn't roam between access points?

Yhsnkd@ (That's the language from my home planet of "I had my left hand on the wrong keys" for "Thanks!")