cancel
Showing results for 
Search instead for 
Did you mean: 

FragAttacks

Philip144
I Plan to Stick Around

https://www.reviewgeek.com/82521/every-wi-fi-device-back-to-1997-likely-vulnerable-to-fragattacks/

 

Does Rogers have any protection against this attack in place.

 

***EDITED LABELS***

1 ACCEPTED SOLUTION

Accepted Solutions

Re: FragAttacks

-G-
Resident Expert
Resident Expert

@Philip144 wrote:

Does Rogers have any protection against this attack in place.


I don't know.  The security researcher did a responsible disclosure and vendors have had many months to fix it.  However, I'm not overly concerned about FragAttacks because these specific protocol design flaws are difficult to exploit.

 

Even the web page for the FragAttacks vulnerability confirms this:

Fortunately, the design flaws are hard to abuse because doing so requires user interaction or is only possible when using uncommon network settings. As a result, in practice the biggest concern are the programming mistakes in Wi-Fi products since several of them are trivial to exploit.

 

I'm not saying that the FragAttacks bugs do not need to be fixed.  However, the reality is that if some "bad guy" was really determined to hack you, there are far easier and FAR more effective ways to do so.

View solution in original post

2 REPLIES 2

Re: FragAttacks

-G-
Resident Expert
Resident Expert

@Philip144 wrote:

Does Rogers have any protection against this attack in place.


I don't know.  The security researcher did a responsible disclosure and vendors have had many months to fix it.  However, I'm not overly concerned about FragAttacks because these specific protocol design flaws are difficult to exploit.

 

Even the web page for the FragAttacks vulnerability confirms this:

Fortunately, the design flaws are hard to abuse because doing so requires user interaction or is only possible when using uncommon network settings. As a result, in practice the biggest concern are the programming mistakes in Wi-Fi products since several of them are trivial to exploit.

 

I'm not saying that the FragAttacks bugs do not need to be fixed.  However, the reality is that if some "bad guy" was really determined to hack you, there are far easier and FAR more effective ways to do so.

Re: FragAttacks

Philip144
I Plan to Stick Around
Thank you.
We Want Your Opinion
Would you be interested in becoming a Community Testing Lab member?
Topic Stats
  • 2 replies
  • 589 views
  • 3 Likes
  • 2 in conversation