PDA

View Full Version : Any fix coming for Squeezebox Radio for Krack WPA2 vulnerability?



StewLG
2017-10-16, 23:36
I have been a happy user for many years of my Squeezebox Radio. And I fully understand how far out of warranty it is. But I would assume it is vulnerable to this WPA2 attack, and as a persistent, always-on client I really can't ignore the hole it represents in my network.

https://www.krackattacks.com/

Anything known definitively about vulnerability of the device? Any plans for patching it?

drmatt
2017-10-17, 00:47
Feel free to help build a new firmware image...


Transcoded from Matt's brain by Tapatalk

Mnyb
2017-10-17, 01:47
Check the other tread on this subject

StewLG
2017-10-17, 06:02
Check the other tread on this subject

I did look, but could not find any threads about it, which is why I posted.

Can you point me to the thread?


Feel free to help build a new firmware image...

I had been assuming the firmware for the radio was closed source - I'm glad to be wrong if I am. Is there a repository for the Squeezebox Radio firmware? I looked on the Logitech Github page but it was not immediately apparent.

drmatt
2017-10-17, 06:13
We wish.. i don't know the answer to that question tbh. I would guess it would be possible to produce a live hack but flashing a new image with a fixed wpa_supplicant seems to require full dev kit access or a great deal of ingenuity.


Transcoded from Matt's brain by Tapatalk

Mnyb
2017-10-17, 06:58
We wish.. i don't know the answer to that question tbh. I would guess it would be possible to produce a live hack but flashing a new image with a fixed wpa_supplicant seems to require full dev kit access or a great deal of ingenuity.


Transcoded from Matt's brain by Tapatalk

Thats for Radio and Touch and Controller , some parts of squeezeplay is not fully open sopurce, the older players are even more propriotary mostly closed source

bpa
2017-10-17, 07:09
I did look, but could not find any threads about it, which is why I posted.

Can you point me to the thread?

http://forums.slimdevices.com/showthread.php?108140-KRACK-attacks

The big problem will be the routers - has your router been updated yet ?

mavit
2017-10-19, 03:40
The big problem will be the routers - has your router been updated yet ?

Perhaps surprisingly, this issue mainly affects clients, not routers. See the question "What if there are no security updates for my router?" at https://www.krackattacks.com/#faq

earthbased
2017-10-19, 15:21
I have been a happy user for many years of my Squeezebox Radio. And I fully understand how far out of warranty it is. But I would assume it is vulnerable to this WPA2 attack, and as a persistent, always-on client I really can't ignore the hole it represents in my network.

https://www.krackattacks.com/

Anything known definitively about vulnerability of the device? Any plans for patching it?

From what I understand as long as your WiFi access point/router that SB connects to is updated for KRACK Attack and SB only connects to that router then you should be OK.

drmatt
2017-10-19, 22:51
From what I understand as long as your WiFi access point/router that SB connects to is updated for KRACK Attack and SB only connects to that router then you should be OK.Not true. The issue is all client not router.

Anyway in a remarkable coincidence it seems most hardware squeezeboxes use such an old version of wpa_supplicant that they are not vulnerable to krack ....


Transcoded from Matt's brain by Tapatalk

earthbased
2017-10-20, 11:02
Not true. The issue is all client not router.

Anyway in a remarkable coincidence it seems most hardware squeezeboxes use such an old version of wpa_supplicant that they are not vulnerable to krack ....


Transcoded from Matt's brain by Tapatalk

BrainSlayer of DD-WRT updated his firmware to fix KRACK vulnerability. If paranoid, hardwire SB to bridge.

drmatt
2017-10-20, 14:08
Ok but fixing the router can't prevent your clients being exploited.


Transcoded from Matt's brain by Tapatalk

Soulkeeper
2017-10-30, 15:30
The faq (https://www.krackattacks.com/#ap-mitigations) seems to suggest otherwise, at least in part:

It's possible to modify the access point (router) such that connected clients are not vulnerable to attacks against the 4-way handshake and group key handshake. Note that we consider these two attacks the most serious and widespread security issues we discovered. However, these modifications only prevent attacks when a vulnerable client is connected to such a modified access point. When a vulnerable client connects to a different access point, it can still be attacked.

Update: The newest versions of the Linux based alternative OpenSource router firmware DD-WRT (http://www.dd-wrt.com) are not only patched against Krack, they also feature a selectable workaround (https://www.dd-wrt.com/wiki/index.php/QCA_wireless_settings#Disable_EAPOL_Key_Retries) to protect clients against attacks:

Unfortunately this can cause interoperability issues and reduced robustness of key negotiation, hence the default setting of disabled.
I have had this feature enabled for almost a day now, and I haven't noticed any ill effects yet. Naturally it's too soon to say for sure, but it looks promising.