Old 10-17-2017, 10:48 AM   #1
Eagle Reader
Kindle PW vulnerable to wpa2 krack vulnerability?

Hi everyone,

I have a Kindle PW2 (wifi only) purchased in mid 2014, not jailbroken. Firmware 5.8.10.

Yesterday I was reading about the WPA2 "krack" vulnerability that is supposed to affect any device that uses wifi, see for example:

https://www.krackattacks.com/

https://arstechnica.com/information-...eavesdropping/

Perhaps too soon for an answer, but I thought I'd throw it out here as you are a Kindle forum. I think that Kindle PWs are akin to a usb flash drive and probably are not susceptible to most malware. However, having read that this wi-fi WPA2 "krack" vulnerability is supposed to affect any device with wifi, including Kindles, I am somewhat concerned. My question is: does anyone here know if Kindle Paper Whites are affected by the WPA2 krack vulnerability? And if so, is Amazon likely to provide a patch in a later firmware update (perhaps not the 5.8.11)?

I mostly use my PW for reading. I do use the experimental browser to connect to some National Weather Service sites, a forum, and perhaps other non-graphic sites.

No patches yet for my ISP supplied router, not sure if it will be patched. But know how to reach out to my internet provider on that one.

Thanks!
Old 10-17-2017, 11:44 AM   #2
knc1
Amazon was notified Aug 28th, 2017
https://www.kb.cert.org/vuls/byvendo...&SearchOrder=4

You will need to contact Amazon about what they are doing and/or what you should do about it.

Kindles were never intended to be a secure platform.
There should not be anything worth having on one of them.
If you do have sensitive material on your Kindle or use your Kindle to communicate sensitive material - The solution is very simple:
Don't do that, just go read a (non-classified) book.
Old 10-17-2017, 12:43 PM   #3
Eagle Reader
knc1, thanks for the link saying that Amazon was notified on Aug 28th, and thanks for the reminder that Kindles were never intended to be a secure platform. No sensitive material and I don't use my Kindle to communicate sensitive material. Non-classified books only. <LOL>. Might contact Amazon later.

Last edited by Eagle Reader; 10-17-2017 at 03:03 PM.
Old 10-17-2017, 12:55 PM   #4
ottdmk
Where I would be nervous about krack and an e-reader is this: account information. If an attacker could force (in this case) kindle<->Amazon authentication information into the clear, I would be unhappy about that.
Old 10-17-2017, 01:18 PM   #5
knc1
Quote:
Originally Posted by ottdmk
Where I would be nervous about krack and an e-reader is this: account information. If an attacker could force (in this case) kindle<->Amazon authentication information into the clear, I would be unhappy about that.
They will have to break TLS first.
The connection is https before it gets on the air.
Old 10-17-2017, 02:09 PM   #6
haertig
For a device where you don't have much control, like a Kindle eReader, you're kind of stuck until a firmware update is released to fix the issue. But there should not be much of value that they'll be able to get off a Kindle. Unless you created an unencrypted file with all your family SSN's, passwords, etc. and put that on your Kindle and routinely upload/download it over a WiFi hotspot (why?!)

Of more concern would be a tablet or laptop. But it's pretty standard practice for folks who are security-aware, when they connect to a WiFi hotspot, they immediately establish a VPN or SSH tunnel to their home router to secure and encrypt everything (can also be used to tunnel through firewall restrictions). A WPA2 encryption flaw or other WiFi hack is not going to compromise the security of that tunneling. I'm posting to this thread through one such tunnel right now.
Old 10-17-2017, 04:15 PM   #7
knc1
Quote:
Originally Posted by haertig
For a device where you don't have much control, like a Kindle eReader, you're kind of stuck until a firmware update is released to fix the issue. But there should not be much of value that they'll be able to get off a Kindle. Unless you created an unencrypted file with all your family SSN's, passwords, etc. and put that on your Kindle and routinely upload/download it over a WiFi hotspot (why?!)

Of more concern would be a tablet or laptop. But it's pretty standard practice for folks who are security-aware, when they connect to a WiFi hotspot, they immediately establish a VPN or SSH tunnel to their home router to secure and encrypt everything (can also be used to tunnel through firewall restrictions). A WPA2 encryption flaw or other WiFi hack is not going to compromise the security of that tunneling. I'm posting to this thread through one such tunnel right now.
Do you have a VPN client for the Kindles?
Are you willing to share?

Or
If using an ssh tunnel *, are you willing to write it up for the Developer's sub-forum here?

(*) The touchscreen Kindles already have the required software pre-installed.
Old 10-18-2017, 09:58 PM   #8
haertig
Quote:
Originally Posted by knc1
Do you have a VPN client for the Kindles?
Are you willing to share?
I have a client for the Kindle Fire tablet, but not for the Kindle eReader. If I did have one for the eReader, I'd be happy to share. I do have a workaround though (read about that below).

You can get the client (free) for a Kindle Fire from Google Play:

https://play.google.com/store/apps/d...penvpn.openvpn

OpenVPN client is also available from the Kindle Store, but you have to pay for it there (cheap, but still, free on Google is better!)

And I connect to an OpenVPN server that runs on my router, an ASUS RT-N66U running third party firmware, specific firmware: Tomato Firmware 1.28.0000 MIPSR2-124 K26AC USB AIO-64K. This is not the newest version of Tomato Shibby, but I only upgrade firmware if it fixes a bug that affects me, or adds new features that I want. Otherwise, "stable, and meets my needs" keeps me running my existing firmware, no need to upgrade and risk instability or problems.

Workaround:
---
When I am away from home, in a hotel or something, I use my Linux laptop (which also has OpenVPN client installed) to connect to the hotel WiFi and establish a VPN to my home router. Then I use a USB dongle to add a second WiFi to my laptop, this second one operating as an access point, not a client. Then all my other devices connect to this second WiFi hotspot provided by my laptop, which then bridges this second hotspot's network to the VPN. So all my devices end up connected to my home network.

I do this for (1) Security, (2) Convenience of being able to access all my stuff at home, and (3) To overcome certain hotels' restrictions that only allow one device per customer to connect to their WiFi at a time. One of my "other devices" happens to be a Roku streaming device that I plug into the hotel's TV via HDMI, then the Roku connects to my laptop hotspot and streams movies from my home Plex Media Server over the VPN. I can access Plex without needing a VPN, but this requires me to go through one of the Plex (the company) servers. I don't like bouncing through third party servers, so I prefer using my VPN so everything acts as if it's local to my home network. This will include my Kindle in the future, but it's so new that I haven't been out of town with it yet. However, I know it will work connected to my laptop hotspot.

I also run a second VPN on my home router. This second one is a routed VPN, rather than the bridged VPN I personally use. The routed one allows me to easily use the router's iptables to control access to services. So I distribute certificates to my kids and other family members and set up very specific firewall rules (based on each certificate - the rules can be different for different VPN client certs). So I can, for example, let my kids in over the second VPN and ONLY give them access to Plex, and shortly, to the Calibre content server. But keep them from being able to SSH into my other computers, access the router, send something to the printers, etc.

Last edited by haertig; 10-18-2017 at 10:06 PM.
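
The per-certificate access control described in post #8, sketched as an added example that is not part of the original post and is not haertig's actual configuration: on a routed OpenVPN server each certificate's Common Name is pinned to a fixed tunnel address through a `client-config-dir` file containing `ifconfig-push`, and the FORWARD chain then allows each address only its listed services. The interface `tun0`, the chain name, the client names, all addresses and the service ports are assumptions for illustration; the script only prints rules and applies nothing.

```shell
#!/bin/sh
# Added example (not from the thread): dry-run generator for per-certificate
# firewall rules on a routed OpenVPN server. It only prints; nothing is applied.
# Interface, addresses, client names and ports are assumptions for illustration.

VPN_IF="tun0"               # routed VPN interface (assumed name)
VPN_MASK="255.255.255.0"    # netmask for ifconfig-push with "topology subnet"
CHAIN="VPN_CLIENTS"         # hypothetical chain name

# Constructed policy: <cert CN> <fixed tunnel IP> <host:proto:port>[,...]
# 32400 is the Plex default port, 8080 the Calibre content server default.
POLICY='
kid-tablet  10.8.0.10  192.168.1.20:tcp:32400
kid-laptop  10.8.0.11  192.168.1.20:tcp:32400,192.168.1.20:tcp:8080
'

# Body of the client-config-dir file named after the CN. Pinning the address
# is what lets an IP-based rule stand in for "this certificate".
ccd_entry() {   # usage: ccd_entry <CN>
    while read -r cn ip rest; do
        if [ "$cn" = "$1" ]; then echo "ifconfig-push $ip $VPN_MASK"; fi
    done <<EOF
$POLICY
EOF
}

# Print the rule set: everything arriving from the VPN goes through one chain
# that accepts only the listed flows and drops the rest (default deny).
emit_rules() {
    echo "iptables -N $CHAIN"
    echo "iptables -A FORWARD -i $VPN_IF -j $CHAIN"
    # Replies to connections the clients opened are allowed back out.
    echo "iptables -A FORWARD -o $VPN_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    while read -r cn ip services; do
        [ -n "$cn" ] || continue
        for svc in $(echo "$services" | tr ',' ' '); do
            host=${svc%%:*}; rest=${svc#*:}
            proto=${rest%%:*}; port=${rest#*:}
            # Refuse to emit anything from a malformed policy line.
            case "$proto" in
                tcp|udp) ;;
                *) echo "bad protocol in '$svc' ($cn)" >&2; return 1 ;;
            esac
            case "$port" in
                ''|*[!0-9]*) echo "bad port in '$svc' ($cn)" >&2; return 1 ;;
            esac
            echo "iptables -A $CHAIN -s $ip -d $host -p $proto --dport $port -j ACCEPT  # $cn"
        done
    done <<EOF
$POLICY
EOF
    # Any client without a pinned address, and any unlisted service, ends here.
    echo "iptables -A $CHAIN -j DROP"
}

# Would the generated rule set accept this flow? (exact match on the output)
is_allowed() {  # usage: is_allowed <src-ip> <dst-ip> <proto> <port>
    emit_rules | grep -qF -- "-s $1 -d $2 -p $3 --dport $4 -j ACCEPT"
}

emit_rules
```

The address-to-certificate mapping only holds if every certificate has a unique Common Name and the pinned addresses are kept out of the server's dynamic pool; otherwise a different client can end up with an address that carries someone else's rules.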
Old 10-19-2017, 08:36 AM   #9
Eagle Reader
Haertig, thanks for the info on the VPN clients, much appreciated!

FYI, for those who are interested, in an article on Bleeping Computer, an Amazon spokesperson is quoted as follows:

An Amazon Spokesperson responded to our inquiry with "We are in the process of reviewing which of our devices may contain this vulnerability and will be issuing patches where needed.".
Old 10-19-2017, 10:42 AM   #10
knc1
Your "second" Wifi on the laptop is still vulnerable between the device and the dongle on the laptop.
You had better wrap your entire hotel room in tin foil.
OR
Just don't have any sensitive material on your Kindle.

It is a simple case of:
Patient: Doctor, doctor, it hurts when I do this!
Doctor: So don't do that.
Old 10-19-2017, 11:32 AM   #11
haertig
Quote:
Originally Posted by knc1
Your "second" Wifi on the laptop is still vulnerable between the device and the dongle on the laptop.
You're right. As I understand this vulnerability, it is eavesdropping only. Not a way to gain unauthorized access (login) to a WiFi network.

All my sensitive stuff is on the laptop itself, and that would be protected by the VPN. The devices that connect to the second WiFi hotspot are things like my Roku, Kindle eReader, etc., that don't contain sensitive stuff. The Kindle Fire could potentially have sensitive info on it, but that device can initiate its own VPN if needed, thus protected. If someone eavesdrops on an eBook being downloaded to my eReader or a movie being streamed to my Roku, that doesn't bother me. Although, part of the Kindle eReader connection process might include transmitting a login/password or some other sensitive credentials. I would guess that the Kindle might transmit this "in the clear", although it shouldn't. If these credentials are not encrypted on the Kindle itself, then there is your security hole again - front and center.

Maybe I should build myself a Faraday cage to crawl into so I can cloak myself when reading eBooks!
Old 10-19-2017, 11:51 AM   #12
knc1
Quote:
Originally Posted by haertig
You're right. As I understand this vulnerability, it is eavesdropping only. Not a way to gain unauthorized access (login) to a WiFi network.

All my sensitive stuff is on the laptop itself, and that would be protected by the VPN. The devices that connect to the second WiFi hotspot are things like my Roku, Kindle eReader, etc., that don't contain sensitive stuff. The Kindle Fire could potentially have sensitive info on it, but that device can initiate its own VPN if needed, thus protected. If someone eavesdrops on an eBook being downloaded to my eReader or a movie being streamed to my Roku, that doesn't bother me. Although, part of the Kindle eReader connection process might include transmitting a login/password or some other sensitive credentials. I would guess that the Kindle might transmit this "in the clear", although it shouldn't. If these credentials are not encrypted on the Kindle itself, then there is your security hole again - front and center.

Maybe I should build myself a Faraday cage to crawl into so I can cloak myself when reading eBooks!
The Kindle (what you call an e-reader) uses encryption independent of the transmission media.

Run WireShark on your laptop, and while displaying the connections from the Kindle, press "store" to go shopping.
Or search ...
or ...

It's only 2048-bit RSA, so let me know when you break that and we can put up more specific directions than:
"Don't worry about it."
Old 10-19-2017, 11:59 AM   #13
haertig
Quote:
Originally Posted by knc1
The Kindle (what you call an e-reader) uses encryption independent of the transmission media.
If that's the case, why is there any worry about this WPA2 vulnerability? Or is this encryption only used during login, and not routine transmission (downloading books)? But the DRM on eBooks would serve as effective encryption.

Or is this WPA2 vulnerability more than just the simple eavesdropping case that I'm assuming?

I've been saying "eReader" to distinguish my Kindle PaperWhite from my Kindle Fire. But I guess on these forums, it must be understood that "Kindle" means "eReader" and "Fire" means "tablet". I'll try to remember to use only "Kindle" from now on.

Last edited by haertig; 10-19-2017 at 12:02 PM.
Old 10-19-2017, 01:19 PM   #14
ElspethB
Quote:
I've been saying "eReader" to distinguish my Kindle PaperWhite from my Kindle Fire. But I guess on these forums, it must be understood that "Kindle" means "eReader" and "Fire" means "tablet". I'll try to remember to use only "Kindle" from now on.
Not only on these forums. Amazon dropped the "Kindle" from the name of the Fire tablet several years ago.

Last edited by ElspethB; 10-19-2017 at 01:28 PM. Reason: formatting
Old 10-19-2017, 04:21 PM   #15
haertig
Quote:
Originally Posted by ElspethB
Not only on these forums. Amazon dropped the "Kindle" from the name of the Fire tablet several years ago.
I've only had my Fire for three months, and my Kindle for one week. So now I know. Thanks!