MobileRead Forums - View Single Post - Troubleshooting Kindle PW vulnerable to wpa2 krack vulnerability?

haertig · 10-17-2017, 02:09 PM

For a device where you don't have much control, like a Kindle eReader, you're kind of stuck until a firmware update is released to fix the issue. But there should not be much of value that they'll be able to get off a Kindle. Unless you created an unencrypted file with all your family SSN's, passwords, etc. and put that on your Kindle and routinely upload/download it over a WiFi hotspot (why?!)

Of more concern would be a tablet or laptop. But it's pretty standard practice for folks who are security-aware, when they connect to a WiFi hotspot, they immediately establish a VPN or SSH tunnel to their home router to secure and encrypt everything (can also be used to tunnel through firewall restrictions). A WPA2 encryption flaw or other WiFi hack is not going to compromise the security of that tunneling. I'm posting to this thread through one such tunnel right now.

10-17-2017, 02:09 PM	#6
haertig Wizard Posts: 1,899 Karma: 31522252 Join Date: Sep 2017 Device: PW3, Fire HD8 Gen7, Moto G7, Sansa Clip v2, Ruizu X26	For a device where you don't have much control, like a Kindle eReader, you're kind of stuck until a firmware update is released to fix the issue. But there should not be much of value that they'll be able to get off a Kindle. Unless you created an unencrypted file with all your family SSN's, passwords, etc. and put that on your Kindle and routinely upload/download it over a WiFi hotspot (why?!) Of more concern would be a tablet or laptop. But it's pretty standard practice for folks who are security-aware, when they connect to a WiFi hotspot, they immediately establish a VPN or SSH tunnel to their home router to secure and encrypt everything (can also be used to tunnel through firewall restrictions). A WPA2 encryption flaw or other WiFi hack is not going to compromise the security of that tunneling. I'm posting to this thread through one such tunnel right now.