WPA2 KRACK Attack. Huge new security bug that pretty much everyone needs to solve


#21

So, as the gen1 stack vendor, you can see our press release on this here:

Summary is yes, the silicon vendor (who supplies a binary blob which includes the supplicant) has confirmed that their supplicant is affected - however, this in no way affects the security of the device, the data, or adversely affects other devices on the same network through the vulnerability in the Rachio. The Rachio gen1 uses TLS 1.2 with ECDHE and mutual authentication - an attacker cannot perform MITM on this connection.

It is totally possible for an attacker to use KRACK to (for example) spoof DNS to redirect a connection, but they cannot get the device to accept a connection to a server which does not pass authentication.

When patches are available from the silicon vendor, we will release an OS update which will patch all Electric Imp based devices, regardless of the application (our platform explicitly ensures we can update devices without the product manufacturer’s involvement - though Rachio are responsible and responsive, others may not be as fast).

More detail if you’re interested:

The Rachio gen1 is NOT susceptible to: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087 or CVE-2017-13088

It IS susceptible to CVE-2017-13080 and CVE-2017-13081, but these only allow packet duplication, so attacks on TLS are essentially impossible.


#22

You rock @hfiennes, thanks for the detailed information!

:cheers: