This week started off rough for Android security as it was revealed that 41% of all Android devices were severely susceptible to a WPA2 vulnerability now known as KRACK. Standing for key reinstallation attack, KRACK is possible thanks to the weaknesses in the Wi-Fi standard itself and not the devices, meaning more than 41% of Android devices could be attacked as well. Still, the devices can be patched to prevent an attack and that’s what is being done right now. Yesterday we told you that current builds of LineageOS were protected from the attacks and starting today, official builds of OmniROM are as well.
For those who are unaware, we recommend you read through our initial report on KRACK and to get familiar with the vulnerability itself. The exploit first works by creating a second WiFi network using all of the attributes of the original network except this one is put on a different channel. With that done, it then attempts to force the target device to connect to it using what is called a CSA Beacon (aka Channel Switch Announcement Beacon).
Once the connection has been made, it uses a program called sslstrip to manipulate all traffic that isn’t on port 80 to port 10,000. This means that data that is normally sent over HTTPS (on port 443 usually) has its secure data request stripped and then sent through as normal. As you can see, the result here is that what you think is secure actually isn’t so the attacker is able to read this traffic data (including usernames and passwords) plain as day.
Thankfully, OEMs and custom ROM builders are taking notice and patching impacted devices. Along with official builds of LineageOS receiving the patches, it has also been confirmed that they will be included in Omnirom Builds as well. So, if you’re running a Nougat build of OmniROM then be sure you’re using the latest one available for your device.
Source: OmniROM Blog
from xda-developers By Doug Lynch
READ FULL ARTICLE