I very much appreciate the long and thoughtful response, Ted Lemon.
David Koff

The reason I reacted the way I did is that I’ve been working on home network security in the IETF for some time; one of the arguments I always have to have with people is that they say “why do you need protocol security? the link is secure!” Nobody who is serious about network security takes this claim seriously, but it’s still widely believed.

Briefly, even without KRACK, the key is always vulnerable to compromise by malware running on any device that’s allowed to connect to the network. And some infected device is going to be allowed to connect to the network. So assuming that the link is secure is a recipe for disaster.

And that is why we don’t make that assumption. Any traffic that contains private information is expected to be encrypted. If you are using Chrome, Chrome will warn you before you submit data to the network over an unencrypted link. Remember, here the link is the TLS link, not the network link layer. So every transaction is individually protected against many attacks that a secure link layer can’t protect against. An attacker that has the WPA2 key can’t eavesdrop. If your router has been compromised, it can’t eavesdrop.

What the WPA2 key is is an inconvenience. And it’s an inconvenience even with KRACK: it raises the cost of attacking the network quite substantially.

And this is the basis for my criticism of your comparison. The risk to individuals of a security flaw like the one at Equifax, which, remember, is not an isolated occurrence, is that a single compromise affects millions of people. We see this happen time and time again, and the impact is something like six orders of magnitude worse than the impact of a similar-cost attack on WPA2. Yes, you can crack WPA2 with KRACK. Yes, if you do, you can compromise the security of a local link, and all of the vulnerable devices on that link will be easy to attack. But what are the chances that someone’s going to attack your link? If you aren’t special, they are very small: not only does the attacker need to spend the time to attack you, they also have to be physically present to attack you. So the number of people who can in principle attack you is also orders of magnitude smaller than the number who can attack Equifax over the Internet.

And that brings me to the next issue, which is that if I wanted to attack your network specifically, unless I happen to be able to drive by your house, I’m much better off finding someone who already has malware running on a machine that already has access to your local network. There’s a good chance that there’s a Mirai bot or some other bot already on your network. So why would I waste my time driving over to your house, even if you are in the neighborhood, when I can hack you through a Tor connection and not leave any physical evidence?

The most dangerous hack since Equifax is the next hack like the Equifax hack. We don’t know about it yet, but it’s already happened. We may never actually find out about it.

It’s important to report this stuff accurately, because a lot of nonsense is being spread around about network security. People don’t have good threat models. If you’re going to write about network security, it’s best if you can improve their threat model. The reason I criticized your headline is that I think it makes a typical reader’s internal model of where their risk lies worse, not better.
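Added example, not part of Ted Lemon's reply or of the original post: the point about the TLS link versus the network link, in runnable Go. It stands up a loopback TLS echo server with a self-signed certificate minted on the fly, has a client that trusts only that certificate send a secret through a wrapper that records every byte put on the wire (the view an attacker with the WPA2 key, or a compromised router, actually gets), and then lets an "impostor router" terminate TLS with a certificate of its own. The addresses, certificate, secret string and function names are all constructed for this demo; nothing here is taken from the IETF work or from Chrome.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"io"
	"math/big"
	"net"
	"time"
)

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// selfSignedCert mints a throwaway certificate for 127.0.0.1 and a pool that trusts only
// it (constructed for this demo; a real server would present a CA-issued certificate).
func selfSignedCert(name string) (tls.Certificate, *x509.CertPool) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	must(err)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		IPAddresses:  []net.IP{net.ParseIP("127.0.0.1")},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	must(err)
	leaf, err := x509.ParseCertificate(der)
	must(err)
	pool := x509.NewCertPool()
	pool.AddCert(leaf)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: priv, Leaf: leaf}, pool
}

// tapConn is the eavesdropper's view of the link: every byte the client sends is copied
// into seen before it goes on the wire, which is all a WPA2 key holder or a router sees.
type tapConn struct {
	net.Conn
	seen *bytes.Buffer
}

func (t tapConn) Write(p []byte) (int, error) {
	t.seen.Write(p)
	return t.Conn.Write(p)
}

// startEchoServer runs a one-shot TLS echo server on loopback and returns its address.
func startEchoServer(cert tls.Certificate) string {
	ln, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: []tls.Certificate{cert}})
	must(err)
	go func() {
		c, err := ln.Accept()
		must(err)
		io.Copy(c, c) // the handshake runs on the first read; then echo until the client hangs up
		c.Close()
	}()
	return ln.Addr().String()
}

// exchange connects trusting only pool, sends msg over TLS and returns the echo.
func exchange(addr string, pool *x509.CertPool, msg string, seen *bytes.Buffer) (string, error) {
	raw, err := net.Dial("tcp", addr)
	if err != nil {
		return "", err
	}
	conn := tls.Client(tapConn{Conn: raw, seen: seen}, &tls.Config{RootCAs: pool, ServerName: "127.0.0.1"})
	defer conn.Close()
	if err := conn.Handshake(); err != nil { // an untrusted certificate is refused here
		return "", err
	}
	if _, err := conn.Write([]byte(msg)); err != nil {
		return "", err
	}
	reply := make([]byte, len(msg))
	_, err = io.ReadFull(conn, reply)
	return string(reply), err
}

// PassiveEavesdrop sends secret to the real server and returns what the link saw.
func PassiveEavesdrop(secret string) (seen []byte, echo string, err error) {
	cert, pool := selfSignedCert("legit-server")
	var buf bytes.Buffer
	echo, err = exchange(startEchoServer(cert), pool, secret, &buf)
	return buf.Bytes(), echo, err
}

// ActiveImpersonation has a compromised router terminate TLS with its own certificate;
// the client trusts only the real server's, so the returned error is its refusal.
func ActiveImpersonation() error {
	_, trusted := selfSignedCert("legit-server")
	impostor, _ := selfSignedCert("router-impostor")
	_, err := exchange(startEchoServer(impostor), trusted, "password=hunter2", &bytes.Buffer{})
	return err
}

func main() {
	seen, echo, err := PassiveEavesdrop("password=hunter2")
	fmt.Printf("echo=%q err=%v wire=%d bytes, secret in clear: %v\n", echo, err, len(seen), bytes.Contains(seen, []byte("hunter2")))
	fmt.Println("impostor rejected:", ActiveImpersonation())
}
```

Run it with `go run`: the first line reports a few hundred bytes on the wire with the secret nowhere in them, and the second prints the certificate verification error the client raised against the impostor before a single byte of application data was sent. The protection is conditional on the client actually verifying the certificate; a client configured to skip verification, or one that sends the secret before TLS is up, gets none of it, which is the case Chrome's warning is there to catch.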
