Search
WPA2 Key Reinstallation Vulnerabilities (KRACK) Explained
Posted by Hemant Chaskar on Oct 16, 2017
WPA2 Vulnerability.png

Researchers from the University of Leuven (@vanhoefm and team) have discovered flaws in WPA2 implementation in clients and APs. These flaws create vulnerabilities for replay and decryption attacks on packets transferred over WiFi links. They have named them KRACKs (Key Reinstallation AttaCKs). Both 802.1x (EAP) and PSK (password) based networks are affected. These vulnerabilities have been cataloged under 10 CVEs. In the series of videos below, I explain these CVEs in detail with Vivek Ramachandran, Founder and CEO of Pentester Academy.

Posts by Topic

see all
free-on-demand-webinars.png
WiFi - A Key Enabler of Digital India
Posted by Kiran Deshpande on May 1, 2017

Recently, I received a ‘Thank You’ letter from IEEE President & CEO for making a contribution to an IEEE fund that helps advance technology for humanity and realize full potential of IEEE. The IEEE President listed three areas of global concern – access to high speed Internet, adequate sanitation and electric power. Today Internet access is indeed as fundamental as having electric power and sanitation. This is reflected in policies across nations worldwide.

For instance, in India, Prime Minister Modi has outlined his vision for every Indian to have high speed access to Internet. Its akin to a Prime Minister laying out the vision for expressways for speedy and hassle free movement of vehicles across the country. A network of good roads and good communication infrastructure are critical to growth and prosperity. Hon. Indian Prime Minister is on the mark putting digitization along with ‘Swaccha Bharat’ as a top national priority.

In an emerging economy like India where wired network infrastructure is limited largely to urban areas, wireless Internet access is an attractive proposition. People love the convenience of wireless access even if the quality of connection is poor. You don't have to be glued to one place as it happens when using a landline phone or a computer connected to an Ethernet cable. Wireless access is ubiquitous as the entire space becomes the medium of communication. Governments around the world have recognized this as a national asset and have sold radio spectrum at a charge. While this creates revenue for governments, it can work against building affordable communication infrastructure. WiFi on the other hand operates in 2.4GHz and 5.0GHz radio spectrums that are unlicensed; one can operate in these frequency ranges without having to pay a license fee. This is very important as telecom operators, Internet service providers can build networking infrastructure using WiFi without having to pay for the spectrum. Coming to my road analogy, one needs a combination of toll roads and non toll roads. Both have their place in creating the infrastructure. In a country like India where sensitivity to pricing is high, WiFi will not only de-congest expensive licensed radio spectrum like 4G LTE but will reduce the cost significantly.

Smart cities and public hotspots are among the best known use cases of WiFi. However, many other innovative ways exist. For instance, top national colleges like IITs, NITs, IIITs and IIMs want WiFi across their campuses and spend considerable time and effort putting together vendors to look for this technology. There is a very good chance that requirements are largely the same for all of them and hence these need not be handled individually. A massively scalable WiFi Management Console that can manage WiFi at say top 100 national universities with a sharable architecture while giving flexibility to each university is feasible. The same approach can be used for smart cities, government departments and even Gram Panchayats. A unified approach for critical national digital infrastructure is efficient and possible with the current state of the art in WiFi technology.

Under the Hood of Vendor Unlocked Whitebox APs
Posted by Sudhan Kayarkar on Apr 17, 2017

The data center industry has embraced hardware/software disaggregation promoted by Open Compute Project (OCP) in servers and switches. It brings benefits of cost, flexibility and innovation. OCP has now started a working group called Campus, Branch and Wireless (CBW) to extend disaggregation concept to enterprise networking. For additional details on OCP/CBW whitebox WLAN AP, see this #wlpc 2017 video presentation by @CHemantC. Mojo Networks has been an active contributor to the CBW group. At the recently concluded Open Compute Summit in Santa Clara, we demonstrated open install of Mojo WLAN software on the latest Qualcomm 802.11ac Wave 2 AP platforms manufactured by 3 different hardware vendors (ODMs). 

Getting on the WiFi Freedom Trail with Open AP Standards
Posted by Hemant Chaskar on Feb 10, 2017

In the past, the “open revolution” became ingrained in our lives in the form of open source software. Now it is coming to infrastructure components in the form of hardware-software disaggregation.

What is Hardware-Software Disaggregation?

Disaggregation breaks vendor lock-in between infrastructure hardware and function-enabling software. The approach is to standardize interfaces between the two. Standardization of disaggregation started with OCP (Open Compute Project) founded by Facebook. Now, OCP has vendors across the industry as active participants. OCP’s first focus areas was scale computing. Disaggregation for data center compute and storage turned out to be a big success as many vendors today provide OCP based server technologies.

The Future of WiFi Starts Here
Posted by Rick Wilmer on Apr 28, 2016

I am thrilled to share that following a successful trial with Global 2000 customers over the past year, Mojo is rolling out its new business strategy for enterprise WiFi to all users. Through our esteemed channel partners, our customers can now purchase our state-of-the-art WiFi hardware without a pricey markup...none, zero, no mark up...period. Customers can buy our access points just the way they always have – from Mojo partners – along with our leading cloud service to manage those access points. The access points, and thus the overall solution, is now (a lot) less costly. This revolutionary direct-to-market business model lets users save up to 50% over traditional WiFi vendors.

Accton heralds the future as they open networking standards for WiFi
Posted by Freddy Mangum on Mar 9, 2016

Since launching in 2003, we’ve been committed to advancing innovation and integrity in the digital age. We take pride in creating — and constantly improving upon — cloud-managed WiFi that can meet the world’s increasing demand for seamless connectivity. We recognize that the industry has many hurdles to overcome, and as such are always excited to see fellow tech visionaries sharing our values and goals — enterprises that are focused on the present and the future needs of an increasingly cloud-first world.