Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

Starting Today, Official OmniROM Builds Include Patches for KRACK ★★ XDA DEVLOPERS FORUM ★★

This week started off rough for Android security as it was revealed that 41% of all Android devices were severely susceptible to a WPA2 vulnerability now known as KRACK. Standing for key reinstallation attack, KRACK is possible thanks to the weaknesses in the Wi-Fi standard itself and not the devices, meaning more than 41% of Android devices could be attacked as well. Still, the devices can be patched to prevent an attack and that’s what is being done right now. Yesterday we told you that current builds of LineageOS were protected from the attacks and starting today, official builds of OmniROM are as well.

For those who are unaware, we recommend you read through our initial report on KRACK and to get familiar with the vulnerability itself. The exploit first works by creating a second WiFi network using all of the attributes of the original network  except this one is put on a different channel. With that done, it then attempts to force the target device to connect to it using what is called a CSA Beacon (aka Channel Switch Announcement Beacon).

Once the connection has been made, it uses a program called sslstrip to manipulate all traffic that isn’t on port 80 to port 10,000. This means that data that is normally sent over HTTPS (on port 443 usually) has its secure data request stripped and then sent through as normal. As you can see, the result here is that what you think is secure actually isn’t so the attacker is able to read this traffic data (including usernames and passwords) plain as day.

Thankfully, OEMs and custom ROM builders are taking notice and patching impacted devices. Along with official builds of LineageOS receiving the patches, it has also been confirmed that they will be included in Omnirom Builds as well. So, if you’re running a Nougat build of OmniROM then be sure you’re using the latest one available for your device.


Source: OmniROM Blog



from xda-developers By Doug Lynch

READ FULL ARTICLE



This post first appeared on Stack Solved, please read the originial post: here

Share the post

Starting Today, Official OmniROM Builds Include Patches for KRACK ★★ XDA DEVLOPERS FORUM ★★

×

Subscribe to Stack Solved

Get updates delivered right to your inbox!

Thank you for your subscription

×