× Introducing the Orbi 970 Series Mesh System with WiFi 7 technology. For more information visit the NETGEAR Press Room.

Start a New Discussion

Start a New Discussion

Nighthawk M6 Pro Unlocked Hotspot 5G mmWave
Reply

A repeated query about AC790S and KRACK

ausgumbie
Aspirant
Aspirant
‎2017-11-06 10:28 PM
‎2017-11-06 10:28 PM

A repeated query about AC790S and KRACK

I am going to attempt to resubmit a question I had submitted on 17th October last, but which mysteriously disappeared. The thread was found on another url. I won't bother including this as it isn't visible to me when I'm logged off and isn't listed among the "Mobile Routers, Hotspots & Modems" topics.

 

Another mystery - I've tried to include my model in the relevant place as I make this post. But all that happens is a message pops up: "Please verify that the model# and/or category are correct." I've got no idea what's going on.

 

My model: AirCard 790S (BigPond)|AC790S BigPond Wi-Fi 4G Advanced II

 

My previously-posted and "lost" thread follows. (It may be dated but I think it deserves another shot):

 

Hi all (I use an AC790S mobile hotspot),

I have a query following Mathy Vanhoef's article, "Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse" and Netgear's "Security Advisory for WPA-2 Vulnerabilities, PSV-2017-2826, PSV-2017-2836, PSV-2017-2837".

Netgear's Security Advisory says: "Mobile hotspots are only affected while using WiFi data offloading, which is not enabled by default." It does not show my AC790S as an affected product.

However, in Mathy Vanhoef's article, he says "The attack works against all modern protected Wi-Fi networks. ... The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected." (* my emphasis)

So:

(1) Can offloading be enabled in the 790S? (It's not in the 790S manual but that doesn't mean it mightn't be able to be done).

(2) How do we reconcile my quote from the Vanhoef article with Netgear's lead statement: "NETGEAR is aware of WPA-2 security vulnerabilities that affect (*some) NETGEAR products". (* my insertion).

(3) What protection will be available for "non-affected Netgear products", e.g., a 790S?

Many thanks

ausgumbie

Message 1 of 4
0 Kudos
Reply

Accepted Solutions
ausgumbie
Aspirant
Aspirant
‎2017-11-15 10:44 PM
‎2017-11-15 10:44 PM

Re: A repeated query about AC790S and KRACK

Many Thanks

 

ausgumbie

View solution in original post

Message 3 of 4
0 Kudos
Reply

All Replies
JamesGL
Master
Master
‎2017-11-15 06:41 PM
‎2017-11-15 06:41 PM

Re: A repeated query about AC790S and KRACK

Hi ausgumbie,

 

Device does not support bridging that is why it is not on the list. If the device does not have bridging option then it is not affected.

Message 2 of 4
0 Kudos
Reply
ausgumbie
Aspirant
Aspirant
‎2017-11-15 10:44 PM
‎2017-11-15 10:44 PM

Re: A repeated query about AC790S and KRACK

Many Thanks

 

ausgumbie

Message 3 of 4
0 Kudos
Reply
ausgumbie
Aspirant
Aspirant
‎2017-11-15 10:47 PM
‎2017-11-15 10:47 PM

Re: A repeated query about AC790S and KRACK

Hi James

 

Made a bit of an error allocating "Solution" mark. Gave it to my "Thank You" note. Anyone able to change it to your post of the 15th which is the post I meant to mark?

 

Many thanks

 

ausgumbie

Message 4 of 4
0 Kudos
Reply
Top Contributors
See All
Discussion stats
  • 3 replies
  • ‎2017-11-06 10:28 PM
  • 2251 views
  • 0 kudos
  • 2 in conversation
Announcements

Orbi WiFi 7