05-13-2021 09:25 AM - last edited on 05-13-2021 09:38 AM by RogersCorey
https://www.reviewgeek.com/82521/every-wi-fi-device-back-to-1997-likely-vulnerable-to-fragattacks/
Does Rogers have any protection against this attack in place.
***EDITED LABELS***
Solved! Solved! Go to Solution.
05-13-2021 11:41 AM - edited 05-13-2021 11:43 AM
@Philip144 wrote:
Does Rogers have any protection against this attack in place.
I don't know. The security researcher did a responsible disclosure and vendors have had many months to fix it. However, I'm not overly concerned about FragAttacks because these specific protocol design flaws are difficult to exploit.
Even the web page for the FragAttacks vulnerability confirms this:
Fortunately, the design flaws are hard to abuse because doing so requires user interaction or is only possible when using uncommon network settings. As a result, in practice the biggest concern are the programming mistakes in Wi-Fi products since several of them are trivial to exploit.
I'm not saying that the FragAttacks bugs do not need to be fixed. However, the reality is that if some "bad guy" was really determined to hack you, there are far easier and FAR more effective ways to do so.
05-13-2021 11:41 AM - edited 05-13-2021 11:43 AM
@Philip144 wrote:
Does Rogers have any protection against this attack in place.
I don't know. The security researcher did a responsible disclosure and vendors have had many months to fix it. However, I'm not overly concerned about FragAttacks because these specific protocol design flaws are difficult to exploit.
Even the web page for the FragAttacks vulnerability confirms this:
Fortunately, the design flaws are hard to abuse because doing so requires user interaction or is only possible when using uncommon network settings. As a result, in practice the biggest concern are the programming mistakes in Wi-Fi products since several of them are trivial to exploit.
I'm not saying that the FragAttacks bugs do not need to be fixed. However, the reality is that if some "bad guy" was really determined to hack you, there are far easier and FAR more effective ways to do so.
05-13-2021 11:47 AM