
Beyond KrØØk: Even more Wi‑Fi chips vulnerable to eavesdropping - PatrolX
https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/
======
valera_rozuvan
Just tested the script provided by the researchers [1]. Yep, it works, and my
system is vulnerable.

\----------

[1] [https://raw.githubusercontent.com/eset/malware-research/master/kr00k/kr00k.py](https://raw.githubusercontent.com/eset/malware-research/master/kr00k/kr00k.py)
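
The script linked above is not reproduced here. As an added illustration (this is not the ESET script and not part of this thread), the following Go program shows the condition Kr00k leaves behind and the check a tester can run against captured frames: CCMP (AES-CCM, 8-byte MIC) is implemented from the standard library, one constructed data frame is encrypted under a normal session key and again under the all-zero temporal key (TK) that a vulnerable chip falls back to after disassociation, and a detector tries the zero TK on each frame. Everything below is constructed for the example: the addresses, the session key, the header bytes used as AAD (real CCMP masks a few header bits before using it as AAD, which is omitted), and the payload. The function names are the example's own.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
)

// CCMP is AES-CCM with an 8-byte MIC (M=8) and a 2-byte length field (L=2),
// so the 13-byte nonce is: priority | transmitter address (A2) | 48-bit packet number.
const micLen = 8

func ccmpNonce(priority byte, addr2 []byte, pn uint64) []byte {
	n := make([]byte, 13)
	n[0] = priority
	copy(n[1:7], addr2)
	var pnb [8]byte
	binary.BigEndian.PutUint64(pnb[:], pn)
	copy(n[7:13], pnb[2:])
	return n
}

func pad16(b *bytes.Buffer) {
	if r := b.Len() % 16; r != 0 {
		b.Write(make([]byte, 16-r))
	}
}

// ccmTag is the CBC-MAC half of CCM (RFC 3610): CBC-MAC over B0 || AAD blocks || plaintext blocks.
func ccmTag(block cipher.Block, nonce, aad, plaintext []byte) []byte {
	var buf bytes.Buffer
	// B0 flags 0x59 = Adata (0x40) | ((M-2)/2)<<3 (0x18) | L-1 (0x01), then nonce, then length.
	b0 := make([]byte, 16)
	b0[0] = 0x59
	copy(b0[1:14], nonce)
	binary.BigEndian.PutUint16(b0[14:], uint16(len(plaintext)))
	buf.Write(b0)
	// The AAD is prefixed with its 2-byte length (valid for len(aad) < 0xFF00) and zero-padded.
	var alen [2]byte
	binary.BigEndian.PutUint16(alen[:], uint16(len(aad)))
	buf.Write(alen[:])
	buf.Write(aad)
	pad16(&buf)
	buf.Write(plaintext)
	pad16(&buf)

	x := make([]byte, 16)
	data := buf.Bytes()
	for i := 0; i < len(data); i += 16 {
		for j := 0; j < 16; j++ {
			x[j] ^= data[i+j]
		}
		block.Encrypt(x, x)
	}
	return x[:micLen]
}

// ctrBlocks returns S0 = E(A0), which masks the MIC, and a CTR stream starting at A1 for the payload.
// Go's CTR increments the whole block big-endian, which matches CCM's 2-byte counter for any 802.11 frame.
func ctrBlocks(block cipher.Block, nonce []byte) ([]byte, cipher.Stream) {
	a := make([]byte, 16)
	a[0] = 0x01 // flags: L-1
	copy(a[1:14], nonce)
	s0 := make([]byte, 16)
	block.Encrypt(s0, a)
	a[15] = 1
	return s0, cipher.NewCTR(block, a)
}

func ccmpEncrypt(tk, nonce, aad, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(tk)
	if err != nil {
		return nil, err
	}
	tag := ccmTag(block, nonce, aad, plaintext)
	s0, ctr := ctrBlocks(block, nonce)
	out := make([]byte, len(plaintext)+micLen)
	ctr.XORKeyStream(out[:len(plaintext)], plaintext)
	for i := 0; i < micLen; i++ {
		out[len(plaintext)+i] = tag[i] ^ s0[i]
	}
	return out, nil
}

func ccmpDecrypt(tk, nonce, aad, ct []byte) ([]byte, bool) {
	block, err := aes.NewCipher(tk)
	if err != nil || len(ct) < micLen {
		return nil, false
	}
	n := len(ct) - micLen
	s0, ctr := ctrBlocks(block, nonce)
	pt := make([]byte, n)
	ctr.XORKeyStream(pt, ct[:n])
	want := ccmTag(block, nonce, aad, pt)
	for i := range want {
		want[i] ^= s0[i]
	}
	if subtle.ConstantTimeCompare(want, ct[n:]) != 1 {
		return nil, false
	}
	return pt, true
}

var zeroTK = make([]byte, 16)

// IsKr00kFrame reports whether a captured CCMP frame decrypts and authenticates under the all-zero TK,
// the key a vulnerable chip uses for frames still buffered after disassociation. As a sanity check it
// also requires the LLC/SNAP header (AA AA 03) that 802.11 data payloads start with.
func IsKr00kFrame(nonce, aad, ct []byte) bool {
	pt, ok := ccmpDecrypt(zeroTK, nonce, aad, ct)
	return ok && len(pt) >= 3 && bytes.Equal(pt[:3], []byte{0xaa, 0xaa, 0x03})
}

// Constructed sample inputs, not captured traffic.
var (
	sampleAddr2 = []byte{0x00, 0x11, 0x22, 0x33, 0x44, 0x55} // hypothetical station MAC
	sampleTK    = []byte("0123456789abcdef")                  // hypothetical negotiated session key
	sampleAAD   = []byte{0x08, 0x41, 0xc0, 0xff, 0xee, 0x00, 0x00, 0x01, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55,
		0xc0, 0xff, 0xee, 0x00, 0x00, 0x01, 0x00, 0x00} // FC, A1, A2, A3, SC of a ToDS data frame
	samplePlain = append([]byte{0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00, 0x08, 0x00}, []byte("GET / HTTP/1.1\r\n")...)
)

// SampleFrames returns the nonce, AAD and the same plaintext encrypted once under the session key
// (normal) and once under the all-zero TK (leaked), as a Kr00k-affected chip would send it.
func SampleFrames() (nonce, aad, normal, leaked []byte) {
	nonce = ccmpNonce(0, sampleAddr2, 1)
	aad = sampleAAD
	normal, _ = ccmpEncrypt(sampleTK, nonce, aad, samplePlain)
	leaked, _ = ccmpEncrypt(zeroTK, nonce, aad, samplePlain)
	return
}

func main() {
	nonce, aad, normal, leaked := SampleFrames()
	fmt.Println("frame under session key flagged:", IsKr00kFrame(nonce, aad, normal))
	fmt.Println("frame under zero TK flagged:", IsKr00kFrame(nonce, aad, leaked))
	if pt, ok := ccmpDecrypt(zeroTK, nonce, aad, leaked); ok {
		fmt.Printf("recovered payload: %q\n", pt[8:])
	}
}
```

The point of the detector is that the attacker needs no key material at all: a frame that verifies under a key of sixteen zero bytes was encrypted by a chip whose TK had already been cleared, and its payload is readable by anyone in radio range who captured it.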

~~~
valera_rozuvan
This is not that serious though. Quoting from [1]:

~~~

Furthermore, the bug cannot be used part of automated botnet attacks, requires
physical proximity to a victim (WiFi network range), and Kr00k cannot retrieve
large and long-winded communications streams without the user noticing
problems with their WiFi communications.

~~~

\----------

[1] [https://www.zdnet.com/article/new-kr00k-vulnerability-lets-attackers-decrypt-wifi-packets/](https://www.zdnet.com/article/new-kr00k-vulnerability-lets-attackers-decrypt-wifi-packets/)

~~~
zenexer
It’s still serious. For example, consider the potential for industrial
espionage. Want to steal some trade secrets? Grab a cantenna and set up shop
next door.

~~~
Piskvorrr
Hopefully nobody treats the link layer as secure nowadays, and good luck with
the TLS sessions that you've grabbed.

Yeah, I know. "No need to secure the internal traffic: the perimeter is
absolutely secure (there's also no way we've left the WPA passphrase laying
around on post-it notes that go into the unlocked dumpster out back.)"

------
mobilio
When Kr00k was released, we almost knew that this wasn't a special "feature"
only of Broadcom chips. It was just a matter of time before Qualcomm was hit
with something similar.

------
teddyh
I’ve never understood this: When TLS gets updated seemingly yearly, why should
we trust crypto implemented in hardware and set in stone by standards ages
ago?

~~~
gruez
>I’ve never understood this: When TLS gets updated seemingly yearly

What? We've been on TLS 1.3 for years now, and before that we were using TLS
for a decade.

[https://en.wikipedia.org/wiki/Transport_Layer_Security#Histo...](https://en.wikipedia.org/wiki/Transport_Layer_Security#History_and_development)

~~~
teddyh
I dunno. It certainly _feels_ like I have to edit my server configs at least
every year to make something or other stop complaining about the TLS
parameters not being secure enough.

