WPA2 Security Vulnerability

Discussions about ideaMaker and other printing software.
Docmani
Posts: 10
Joined: Fri Mar 03, 2017 2:57 am

WPA2 Security Vulnerability

Postby Docmani » Wed Oct 18, 2017 12:08 pm

I was curious if your company was looking into patching the firmware on your devices in case they are vulnerable to the new WPA2 security vulnerability.

https://www.krackattacks.com/

I would hate to see anyone use your product as an attack vector into a network.

Hopefully, its an easy patch to integrate.

User avatar
Vicky@Raise3D
Posts: 2432
Joined: Fri Mar 25, 2016 3:54 am

Re: WPA2 Security Vulnerability

Postby Vicky@Raise3D » Thu Oct 19, 2017 2:18 am

Thank for your suggestion!
For the recent WPA2 Security problem, we need to confirm with our supplier of Wi-Fi chips first for more details. Then we will discuss together whether there is a good solution for this.

Jetguy
Posts: 1784
Joined: Tue Mar 22, 2016 1:40 am

Re: WPA2 Security Vulnerability

Postby Jetguy » Thu Oct 19, 2017 1:16 pm

we need to confirm with our supplier of Wi-Fi chips first for more details

Vicky, no this is not a hardware chip issue. This is a software issue with the firmware running on the pcDuino.
This is a patch or replacement of the WPA supplicant package loaded into the operating system to support the network function.

Basically, it's this simple.
The Wireless function in your operating system of the pcDuino is vulnerable due to the very open source code you used in the operating system. There will be patches for the OS or WPA Supplicant specifically.

I know these files exist on the system and they are the vulnerable versions.
That's what is trying to be pointed out to you.

Jetguy
Posts: 1784
Joined: Tue Mar 22, 2016 1:40 am

Re: WPA2 Security Vulnerability

Postby Jetguy » Thu Oct 19, 2017 2:20 pm

Further details to pass to the proper team that needs to fix this:
https://linux.die.net/man/8/wpa_supplicant

wpa_supplicant is an implementation of the WPA Supplicant component, i.e., the part that runs in the client stations. It implements WPA key negotiation with a WPA Authenticator and EAP authentication with Authentication Server. In addition, it controls the roaming and IEEE 802.11 authentication/association of the wireless LAN driver.

wpa_supplicant is designed to be a "daemon" program that runs in the background and acts as the backend component controlling the wireless connection. wpa_supplicant supports separate frontend programs and an example text-based frontend, wpa_cli, is included with wpa_supplicant.

The patch is- figuring out the exact install of wpa_supplicant in the Raise3D underlying operating system on the pcDuino. Going back to the wpa_supplicant source repositories and ensuring you get the recently patched code. Incorporate the patch into the next Raise 3D Raisepack. Notify all users and make a warning on the mainpage that users should update the LCD touch raisepack once this fix is released. Alternatively, notify all users of the vulnerability, explain the technical details, provide instructions to turn off wireless if the consumer is concerned about security.

To the rest of the group and why this might affect you and what it all means.
https://www.androidcentral.com/krack
Now yes, that article is about the Android OS, but the details are explained.
Almost every Linux based operating system and devices are using open source code called wpa_supplicant to provide the WPA and WEP security protocols and function within the operating system. Your Raise 3D printer contains a small mini computer running a Linux based operating system for the touch LCD screen. When you change the settings for the wireless network, the underlying function is actually handled by the wpa_supplicant. Basically, any device that has not been patched (with a patch to fix this specific issue) in the last couple of days is going to have a version of wpa_supplicant that has this problem. The problem is slightly technical but not too hard for most to understand. WPA provides encryption as a way to secure wireless communications on your wireless network. In order to do that encryption it uses an electronic "key". The issue is that during the negotiation AKA "handshake" sequence between your wireless router and the 3D printer, the handling of that key and how it gets placed into memory has flaws in the current existing wpa_supplicant code. Basically, it allows an outside attacker (could be a bored kid in your neighborhood) to disrupt the wireless signal and manipulate this key process. That then means they can potentially see what should be encrypted communications on your wireless network. Again, in simple terms, it's not just that your printer is hacked- it's a way for someone to get inside your wireless network. And, this attack, it doesn't require some genius hacker dude in his car with a big honking antenna. A kid with google skills and a smartphone just walking around can perform this exploit. Yes, absolutely mobile devices (smart phones and tablets) in public places are more vulnerable just because the exposure factor is higher.

I'm not saying every user should run out and disable the wifi on the printer this instant. I am saying that fellow users should be aware of what this is, what this means, and perform your own personal risk assessment. Maybe you feel there is little likely hood in your area and radio range of the printer. Maybe you are not concerned about information on your wireless network.

The key is basic understanding of what is going on here. The Raise 3D printer has a wonderful touch screen interface and wifi and network capabilities. These are great functions to have to make the 3D printer easier to use. At the same time, open source code is used to provide those functions and every once in blue moon, a security flaw may be discovered. Because this is a tiny but certainly powerful enough computer on your network, be it a home, work, office, or even government (school or direct government) network. So it's not just exploiting the printer- it's a way for someone to ALSO attack a network and other computers and things attached to that network.
Last edited by Jetguy on Thu Oct 19, 2017 3:59 pm, edited 1 time in total.

Jetguy
Posts: 1784
Joined: Tue Mar 22, 2016 1:40 am

Re: WPA2 Security Vulnerability

Postby Jetguy » Thu Oct 19, 2017 2:38 pm

Again, just some notes on this.
If concerned, you can simply turn off the wireless network function on the printer until this is patched.
The wired network connection is not vulnerable to this specific issue.

There is also a likely hood your smartphone, many tablets, and other devices have the same chances of getting hit with this exploit as the printer. So this is not just a printer thing- but understanding the how and what details and what it means for your entire work and home networks and devices.

EldRick
Posts: 114
Joined: Thu Jun 22, 2017 5:55 am

Re: WPA2 Security Vulnerability

Postby EldRick » Thu Oct 19, 2017 3:59 pm

Unfortunately, the wired Ethernet connection software is badly broken - slow and unreliable.

Jetguy
Posts: 1784
Joined: Tue Mar 22, 2016 1:40 am

Re: WPA2 Security Vulnerability

Postby Jetguy » Thu Oct 19, 2017 5:54 pm

If wired Ethernet is slow, the 2 potential known issues are that Ethernet wired is an extension cable from the pcDuino to the external jack on the machine and/or compatibility with your cabling and particular switch or home router to negotiate the cable rate.

We have seen a bad extension cable and verifying the switch port rate proved this and by bypassing and directly plugging in a cable to the pcDuino the user solved this in previous cases
Or
It's entirely possible for some switches and cable combinations to not negotiate the fastest rate.

In fact, just tested this on my own N2 Plus. Knowing that the N2 Plus uses a slightly longer extension between where the pcDuino controller is and the rear panel jack for ethernet, I did see some slow transfer speeds on an 18mb transfer of gcode, where the wireless N1 beside it transfered probably 3 times faster over wireless. However, when I bypassed this internal ethernet extension to the rear panel and directly plugged in the ethernet cable between the N2 Plus and the router, I transferred the same 18mb nearly on parity with the speeds I saw on wireless. So even my own N2 Plus may have a less than ideal cable.


Return to “Software”

Who is online

Users browsing this forum: No registered users and 1 guest