All replies

    • eturk

      30. Re: TM-AC1900 and KRACK WiFi vulnerability

      sorry Marrisa, you got conned by whoever you spoke with

       

      Check KRACK Attacks: Breaking WPA2 for first-hand truth about the KRACK attack they created to exposedthis vulnerability.

      "AP" mode means "access point" mode. Search for "access point" in the main page and you will see clearly that ALL modern WPA2 users are affected because of WPA2 basic security method.

       

      ALL WPA2 routers & clients are vulnerable in AP mode, the mode most of the worlds routers are in.

       

      So sad we live in an age of alternative facts

      • amc2002

        31. Re: TM-AC1900 and KRACK WiFi vulnerability

        Looks like that's Asus' official line (see GitHub link below): "Additionally, an email response from "security@asus.com" says that they are "co-working with chipset vendors for solutions and will release patched firmware for affected routers soon. If your router is RT-N12 D1, RT-N66U, RT-AC66U, RT-AC68U, RT-AC3200, RT-AC88U, RT-AC3100, RT-AC5300 or GT-AC5300 then your router is not affected by the WPA2 vulnerability in router and AP mode."

         

        SInce ours is based on the RT-AC68U, ASUS is actually claiming it's not affected. Wonder why?

         

        Link here: GitHub - kristate/krackinfo: Vendor Response Matrix for KRACK WPA2 (Key Reinstallation Attack)

        • tmo_marissa

          32. Re: TM-AC1900 and KRACK WiFi vulnerability

          eturk I definitely hope I have not been conned! amc2002 I feel like that "wonder why" is rhetorical, but thanks to the curse of interacting in a forum via text rather than in a medium where we can hear voice inflections, I feel obligated to respond even though I'm not exactly sure what was meant!   Please forgive me if this is super goofy and no reply was necessary.

          I haven't heard anything over here regarding why the router is/isn't affected, other than the info that ASUS provided originally which was passed on to me by our director who works with their products.

          On the same page as their official statement, it looks like they have an email address to contact -- if there's a concern that the information they've released to us and to other folks isn't accurate, I would definitely recommend reaching out, because I can not imagine that they want vulnerable equipment out there. If anyone does opt to do so, I would definitely be interested in hearing about the response you receive!

          In the meantime, I've forwarded the link to this thread, and the other link kindly provided below to support the general concern and ask for an update, regardless of Krack vulnerability for this product. I will keep everyone posted on any responses I receive! Thanks for staying so engaged here.

           

          - Marissa

          • snn555

            33. Re: TM-AC1900 and KRACK WiFi vulnerability

            editedpost.jpgScreenshot_2017-10-22-11-17-57.png

             

            *edited by Marissa to make the screenshot Halloween-y (and PG)

            • tmo_marissa

              34. Re: TM-AC1900 and KRACK WiFi vulnerability

              Hey, snn555 -- I'm sorry you bumped into that error, but I think you found a word that was a little too high on our site's spice-o-meter, even though I know you didn't intend anything lewd in context. I edited your screenshot, I hope that you will enjoy both the seasonal aspect and the reference to TMO Batman lore. Thank you for your sentiment, I didn't want to remove it entirely! Hopefully you don't bump into any more trouble posting anything else, but please let me know if you do. <3

               

              - Marissa

              • snn555

                35. Re: TM-AC1900 and KRACK WiFi vulnerability

                Ugh. Vulnerability. Not (bat) ability.

                 

                Also you can see the amount of space for which I have so that I can actually edit a post and in portrait mode I can't see the left in the right end and beginning and end landscape mode I can't see anything.

                 

                Capture+_2017-10-22-12-24-36.png

                Capture+_2017-10-22-12-24-57.png

                • tmo_marissa

                  36. Re: TM-AC1900 and KRACK WiFi vulnerability

                  Whoo, golly, that's a tight fit. :/ Thank you for the screen shots! I know you switched recently, what device are you using at this point?

                  • snn555

                    37. Re: TM-AC1900 and KRACK WiFi vulnerability

                    Currently I'm using my LG Stylo 3 plus with a full HD screen and 5.7 inch screen at that. However even on my iPhone 7 plus with a 5.5 screen I still have very little room to edit.

                    1 of 1 people found this helpful
                    • amc2002

                      38. Re: TM-AC1900 and KRACK WiFi vulnerability

                      Marissa, the "wonder why" wasn't rhetorical at all. I believe eturk was wrong to say you were conned by your support staff. I was posting backup for you - that this was, indeed, Asus' response to this issue.

                       

                      My "wonder why" was in reference to the fact that Asus is claiming these particular routers ARE NOT affected by the KRACK isssue. I'm curious why, since it seems almost every other WiFi router on the face of the planet is? I would love an answer from Asus actually as to why this is so, and why they claim that the  RT-AC68U is not affected by this (and therefore, neither is the TM-AC1900). But I'm sure that answer would have to come from ASUS.

                       

                      Thanks for continuing to keep us up to date on this!

                      • tmo_marissa

                        39. Re: TM-AC1900 and KRACK WiFi vulnerability

                        amc2002, I though that might be the case, but I didn't want to assume!

                        • tidbits

                          40. Re: TM-AC1900 and KRACK WiFi vulnerability

                          Honestly it's 2017 all websites should be using https://  If they are not they are not worth using, and need to evaluate their online presence.  This exploit doesn't work on https:// traffic.

                          • eturk

                            41. Re: TM-AC1900 and KRACK WiFi vulnerability

                            I'm happy to be wrong!

                             

                            my dismay/concern with T-Mo not keeping out routers patched for vulnerabilities for over 2 years leaked out.

                             

                            hopefully an app will be created to test a router for the vulnerability so a user can avoid routers before connecting.

                            Only way to be sure.

                             

                            and, what specific version Asus firmware has this patch?

                            is TM-AC1900 updated with that patch level?

                            • tidbits

                              42. Re: TM-AC1900 and KRACK WiFi vulnerability

                              eturk wrote:

                               

                              I'm happy to be wrong!

                               

                              my dismay/concern with T-Mo not keeping out routers patched for vulnerabilities for over 2 years leaked out.

                               

                              hopefully an app will be created to test a router for the vulnerability so a user can avoid routers before connecting.

                              Only way to be sure.

                               

                              and, what specific version Asus firmware has this patch?

                              is TM-AC1900 updated with that patch level?

                              If your traffic is https then you got nothing to worry about at all.  This only affect http traffic, and being 2017 all sites should already be using https.  There is no fundamental reason not to use it.  If a site isn't using https then they are not worth using this time and age.

                              • amc2002

                                43. Re: TM-AC1900 and KRACK WiFi vulnerability

                                @eturk said: "and, what specific version Asus firmware has this patch? is TM-AC1900 updated with that patch level?"

                                 

                                That's the whole point - according to ASUS, it doesn't look like the Asus branded version of this router will be patched, since Asus is claiming it doesn't have a vulnerability.

                                 

                                That said, it would be nice if the other patches came to this version. If T-Mobile has this router out in the field with their customers, it would be great if they could take their customers' privacy seriously and keep their router up-to-date and not just offer us a cell spot.

                                 

                                Since T-Mobile's coverage has gotten so much better, many of us are just using this router for a *router* now.

                                 

                                So either T-Mobile should get the firmware updated, or release us from any liability in paying for it, so we can update it with the ASUS firmware as needed.

                                • snn555

                                  44. Re: TM-AC1900 and KRACK WiFi vulnerability

                                  My coverage at home is now 4-5 bars inside. I use it as a router no Wi-Fi calling. I don't have $200 to replace with a similar quality router right now.

                                   

                                  I moved from a 1-2 bar location that was small to a better coverage area but larger dwelling.

                                  1 2 3 4 5 Previous Next