WiFi fragattacks. Mainly a concern for Apple computer users

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts
  • Bryn
    Banned
    • Mar 2007
    • 24688

    WiFi fragattacks. Mainly a concern for Apple computer users



    Windows users are advised to update now if they have not already done so recently.
  • Dave2002
    Full Member
    • Dec 2010
    • 18034

    #2
    Why should it be more of a concern for Apple users? That doesn't come from the article, I think.

    Comment

    • Bryn
      Banned
      • Mar 2007
      • 24688

      #3
      Originally posted by Dave2002 View Post
      Why should it be more of a concern for Apple users? That doesn't come from the article, I think.
      Because, as made clear in the article, Microsoft has already issued a fix in a Windows 10 update. Hence the suggestion to make sure Windows machines have their O/S brought up to date.

      The good news is, Vanhoef disclosed the vulnerabilities responsibly and gave a nine-month lead time. Microsoft already released patches for Windows 10 that should mitigate the problem, and a fix for Linux is coming. But that still leaves plenty of IOT devices, routers, and macOS vulnerable. Vanhoef even managed to trick a macOS device to switch to a malicious DNS server, redirecting unsuspecting users to sites owned by a hacker. And with a malicious DNS server in place, the hacker could exfiltrate private data, like usernames, passwords, and possibly more.

      Comment

      • Anastasius
        Full Member
        • Mar 2015
        • 1860

        #4
        Originally posted by Dave2002 View Post
        Why should it be more of a concern for Apple users? That doesn't come from the article, I think.
        It does. The article says that there is a patch for Windows but not MacOS.

        What the article doesn't say is how the malicious stuff is injected...presumably by wi-fi ....I skim read the article ...need to read it in more depth.
        Fewer Smart things. More smart people.

        Comment

        • Anastasius
          Full Member
          • Mar 2015
          • 1860

          #5
          Quick Google...

          To conduct an attack based on these flaws, the adversary has to be within range of the victim and the applicable Wi-Fi access point. The adversary would then have to dupe the victim into some network interaction, like downloading an image from an adversary-controlled server.


          I won't be losing any sleep.
          Fewer Smart things. More smart people.

          Comment

          • Bryn
            Banned
            • Mar 2007
            • 24688

            #6
            Originally posted by Anastasius View Post
            Quick Google...

            To conduct an attack based on these flaws, the adversary has to be within range of the victim and the applicable Wi-Fi access point. The adversary would then have to dupe the victim into some network interaction, like downloading an image from an adversary-controlled server.


            I won't be losing any sleep.
            It's as well to be aware of what dangers there are, however, and many Mac users tend to think themselves and their computer's operating system to be immune from malware attacks.

            Comment

            • Dave2002
              Full Member
              • Dec 2010
              • 18034

              #7
              Originally posted by Anastasius View Post
              It does. The article says that there is a patch for Windows but not MacOS.

              What the article doesn't say is how the malicious stuff is injected...presumably by wi-fi ....I skim read the article ...need to read it in more depth.
              I agree about the Windows patch, but unless I missed something it didn’t mention MacOS.

              Absence of evidence ...

              Comment

              • Bryn
                Banned
                • Mar 2007
                • 24688

                #8
                Originally posted by Dave2002 View Post
                I agree about the Windows patch, but unless I missed something it didn’t mention MacOS.

                Absence of evidence ...
                Ahem. As quoted in #3, "Vanhoef even managed to trick a macOS device to switch to a malicious DNS server, redirecting unsuspecting users to sites owned by a hacker. And with a malicious DNS server in place, the hacker could exfiltrate private data, like usernames, passwords, and possibly more".

                Comment

                • Bryn
                  Banned
                  • Mar 2007
                  • 24688

                  #9
                  Further Windows 10 update(s) available today.

                  Comment

                  Working...
                  X