Thursday, 19 October 2017 09:06

WPA2 flaw's worst impact on Android, Linux devices


The recently revealed flaw in the WPA2 wireless protocol has a critical impact on Linux devices and on Android phones running version 6.0 of the mobile operating system, a security researcher says.

Ty Miller, managing director of security company Threat Intelligence, said unencrypted messages could be sent and full control gained over the wireless network traffic of anyone who was using these devices.

The vulnerability was revealed on Monday night by Belgian researcher Mathy Vanhoef. At the time, he said: "Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks."

Miller explained: "The Linux and Android specific vulnerability is due to a flaw in their implementation of the protocol standard where the Temporal Key (TK) is overwritten with zeros.

"This is basically comparable to your password being overwritten with all zeros to gain access to all of your data. This allows the capture of sensitive information such as usernames and passwords, as well as the ability to inject malicious data into your Web browsing."

He said even after a majority of Linux and Android devices were patched, IoT devices would constitute a major long-term risk to organisations. These devices either never had patches released or else were rarely patched.

"It is a well-known fact that IoT devices have a terrible history when it comes to security, such as requesting software updates over HTTP," Miller said.

"This would enable the attacker to deploy a fake update to the vulnerable device causing it to become compromised, and ultimately provides the attacker with a foothold within your wireless network. If this device is on your corporate network, then your organisation is suddenly at risk of a major security breach."

The next worst affected would be Apple and OpenBSD, Miller said. "The primary challenge is that these operating systems only accept encrypted messages to be sent to the wireless client that makes it slightly more difficult," he pointed out.

However, this security control could still be bypassed by identifying encrypted messages by their size, and then replaying them against the vulnerable wireless client.

"This makes them just as vulnerable as in the Linux example above, except that some additional effort will be required to crack the key," Miller said.

"The upside is that the main risk is associated with macOS devices in this case, which are far more likely to be patched across the board than IoT devices."

Linux expert Russell Coker told iTWire: "It (the vulnerability) sounds bad. But then given that so many systems are using old and unpatched versions of Android - I think we can assume that almost all Android 4.4 systems are unpatched - it's wide open anyway.

"It seems that if you run an Android device that's not a Nexus or Pixel then security support will end long before the device wears out or becomes obsolete."


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.
