Confusion is sweeping Australian internet users after the disclosure of a flaw in the WPA2 protocol used to secure wi-fi, with many unsure of what they need to patch.
The flaw, which was made public late on Monday night local time, puts almost all personal and enterprise wireless-enabled devices and networks at risk of attack.
The researchers who uncovered the so-called KRACK attack assert that it “does not exploit access points, but instead targets clients” - and that “for ordinary home users, your priority should be updating clients such as laptops and smartphones”.
Despite this, there remains considerable confusion on whether home routers need to be updated or not.
A D-Link A/NZ representative told Whirlpool that the vulnerability “is targeting ... clients and not the routers/access points" (APs).
“If the router/AP is running in normal wi-fi mode (as an access point) – it is not vulnerable (but the client still is, unless it is patched),” the representative said.
“A router/AP will only be affected if running in ‘AP client mode’ – this mode is not enabled in our routers and very rarely used in APs.”
The D-Link representative indicated the router maker would patch its firmware using code from the manufacturers of wi-fi chipsets incorporated into its products.
“But again – the important part is to patch the clients (computers, phones, tablets),” the representative said.
“Modifying the wi-fi code on [a] router/AP will still leave clients exposed to this attack, unless they are patched.”
Australian ISPs including Telstra, Optus, TPG and iiNet were all facing questions last night over whether they would quickly approve and pass on router firmware patches.
Many of those ISPs were in turn seeking assurances from the makers of devices they supplied to end users as part of internet service packages.
Telstra’s Asia Pacific CISO Berin Lautenbach said in a blog post overnight that Telstra “is working rapidly with our modem suppliers to determine if any devices are vulnerable.".
“If we determine there is an issue with a specific modem or wi-fi device then this can be resolved through software updates,” Lautenbach said.
“Telstra will first determine which devices could be affected and then where possible update the device remotely to fix the security vulnerability.”
iiNet fielded several questions on patches, particularly for some of its legacy devices such as its BoB and Budii Lite boxes.
In a brief statement, iiNet said it had “reached out to our suppliers to understand if our devices require an update and how soon these updates will be available".
A customer of TPG’s fibre-to-the-basement network reported that users would need to wait for a TPG-approved firmware patch for their Huawei modems as any patch sourced directly from the manufacturer by an end user could not be applied.