1 2 3 Previous Next

TM-AC1900 and KRACK WiFi vulnerability

alager12345

    Is there going to be a firmware update to protect against KRACK WiFi vulnerability attack vector?

     

    Here’s what you can do to protect yourself from the KRACK WiFi vulnerability | TechCrunch

     

    Thanks,

    Aaron

      All replies

      • someone@somewhere

        I am interested on when a fix will be provided for this and from who?  Part of the problem is that the firmware on the TM version of the AC68U router is usually behind anyway.  The most recent version for the ASUS regular model is 3.0.0.4.380.7743 which contains some very important fixes that the TM router at version 3.0.0.4.376_3181-g247286a doesn't even have.  Even if Asus was to provide a fix for their regular commercial version of the router, how long will it take to come to the TM version?

         

        On an unrelated topic can someone tell me who thought it was a good idea to have the default communication to the management console of the router to go over HTTP and not HTTPS?  Having my password going over the network in cleartext almost gave me a heart attack.

        • snn555

          Tmobile will contact Asus if tmobile wants an update. Tmobile states Asus is responsible and that tmobile is only responsible for the initial configuration for Wi-Fi calling.

           

          We need to talk to Asus about this. But this router is very old a d Asus rarely updates it. Its still a possibility though even if the waters are muddy as to actually whonis running this show.

           

          There are several threads about this router and @Tmo_Chris has weighed in on tmobiles stance.

          1 of 1 people found this helpful
          • snn555

            3. Re: TM-AC1900 and KRACK WiFi vulnerability

            1 of 1 people found this helpful
            • tmo_marissa

              4. Re: TM-AC1900 and KRACK WiFi vulnerability

              Hey, alager12345 and someone@somewhere! Welcome, and thank you for calling this out. Your WiFi security and privacy are super important! We've passed this up the chain and are working on getting some concrete information. We will share what we hear back as soon as possible! Thank you so much again.

               

              - Marissa

              • tmo_marissa

                5. Re: TM-AC1900 and KRACK WiFi vulnerability

                OK, folks. So the response was pretty swift!


                Device manufacturers are developing and rolling out patches for this WPA2 protocol vulnerability. While we don't have timelines to offer, we do want to stress that we take security seriously, and we have a few suggestions and details to bear in mind in the interim. It's important to note that this vulnerability only affects WiFi routers and connected devices through 802.11, and attackers would need to be within Wi-Fi range to take advantage of this vulnerability. If Wi-Fi is disabled on your device, there is no issue. While manufacturers are developing patches, here are some suggestions for avoiding the threat (many of which are outlined in the article linked in the original post, but for the benefit of those who haven't read):

                 

                • Don't use public Wi-Fi
                • Update devices with the latest software or turn on auto updates if optional. Since we can't say which equipment will receive updates first; it's important that all equipment be updated as soon as patches are available.
                • When possible, connect over encrypted channels such as HTTPS or VPN.
                • Use a wired connection if that's an option.

                 

                If we hear more, we'll continue updating here!

                 

                - Marissa

                • magenta2912235

                  Thanks for responding so quickly! Hopefully ASUS is on the ball and gets an update out soon -- I imagine there's a lot of customers out there running with this router.

                  • sohmageek3

                    7. Re: TM-AC1900 and KRACK WiFi vulnerability

                    Thanks Marissa,  I too am a little concerned that the firmware for the router is behind of the retail non-T-Mobile Branded version.  I'm hoping this can get patched pretty quickly, But I'm also worried that I may end up replacing it before the patch can be issued.  I'm realizing how many devices my family uses with Wifi.  Some only have wifi others can be used via a wired connection.

                     

                    Thanks again!

                    • tmo_marissa

                      8. Re: TM-AC1900 and KRACK WiFi vulnerability

                      I hear you! I honestly hadn't thought about exactly how many of our devices are connected via WiFi until this broke yesterday (whether that's naive or not, it's certainly the truth and I suppose a natural casualty of modern living). Streaming sticks, an Alexa device, a Roku TV, our family computer (nowhere near our router, of course), a tablet, laptops, and our phones. I don't know how normal this is for three generations under one roof, but it definitely doesn't seem abnormal in 2017 -- maybe I'm living in a tech industry bubble, but we are a very connected family.
                      All that said, our family's plan is to just keep updating all of our equipment as frequently as possible, since that's essentially the best plan of defense at this point. FWIW, if you're thinking of replacing your router *but* still in need of a coverage solution for in-home service, one of our internal teams could work to facilitate the return of the router and sending a 4G LTE CellSpot instead if your circumstances meet the technical requirements outlined on that page.

                      We don't have any new news about the ASUS router this morning, but as we hear of anything, we will definitely share.

                       

                      - Marissa

                      • eturk

                        9. Re: TM-AC1900 and KRACK WiFi vulnerability

                        most recent TM-AC1900 firmware is 3.0.0.4.376_3181-g247286a

                        seems that was from Jan 2015

                        many security vulnerabilities in almost 3 years have been patched by Asus but t-mo router stopped getting the patches

                         

                        we hope to see T-mo & Asus working together again & keeping this router updated

                        • doc2480

                          10. Re: TM-AC1900 and KRACK WiFi vulnerability

                          I don't have a router through T-mobile, but I am wondering if T-mobile will be patching Android phones on November 6th to coincide with Googles timeline on fixing the KRACK vulnerability for Android.

                           

                          Microsoft already has a fix for that severe WiFi security exploit (updated)

                          • theothernguyen

                            11. Re: TM-AC1900 and KRACK WiFi vulnerability

                            yeah. the equivalent to the TM-AC1900 is the Asus branded RT-AC68U which has Version 3.0.0.4.380.7743 last updated 2017/06/16... I don't think the rebranded TM-AC1900 has been getting any firmware updates at all seems like ever since release...

                             

                             

                            I am getting very tempted to just flash the firmware from TM-AC1900 to RT-AC68U or to a DD-WRT version so I can get the security firmware updates/patches..... hmmmm

                            • amc2002

                              12. Re: TM-AC1900 and KRACK WiFi vulnerability

                              I think that's what I'm going to do this weekend. I would imagine ASUS is much more apt to have an update soon.  I don't imagine it's a priority for T-Mobile.

                              • snn555

                                13. Re: TM-AC1900 and KRACK WiFi vulnerability

                                Flashing Merlin or DD WRT will void your warranty and remember.....Tmobile owns these routers.

                                 

                                That said I have FW 3.0.0.4.376_3181

                                • snn555

                                  14. Re: TM-AC1900 and KRACK WiFi vulnerability

                                  I don't even have FW as new as theothernhuyen

                                  1 2 3 Previous Next