It's not a big deal because the Ars Technica summarisation is wrong. You can (and enterprise controllers do in fact) tie IPs and MACs to association IDs (8-bit number per client+BSS) and thus prevent this kind of spoofing. I haven't had time to read the paper yet to check what it says on this.
Also client isolation is not considered "needed" in home/SOHO networks because this kind of attack is kinda assumed out of scope; it's not even tried to address this. "If you give people access to your wifi, they can fuck with your wifi devices." This should probably be communicated more clearly, but any claims on this attack re. home networks are junk.
you are definitely correct that it is potentially a big deal because it breaks expectation around network segmentation and isolation
however, most people will read "breaks wi-fi encryption" and assume that it means that someone can launch this attack while wardriving, which they can't.
In addition to eqvinox (hey again):
In enterprise networks you should rely on 802.1X, or, what's also a valid use case, use IPsec to ensure the local client connection is "safe".
I'm a co-author on the paper: I would personally not use the word break but instead bypass, to indeed clarify we can't just 'break' any network. We specifically target client isolation, which is nowadays often used, and that proved possible to bypass. If you don't rely on client/network isolation, you are safe.
iamnothere|3 days ago
eqvinox|3 days ago
john_strinlai|3 days ago
athrowaway3z|3 days ago
- must not be accessible because their services don't use authentication/encryption
- and share a wifi with potential attackers
is just not that large.
They exist, but the vast majority runs in places that don't care about security all that much.
This should be a signal to fix the two things I mention, not to improve their wifi/firewall security.
_bernd|3 days ago
jeffbee|3 days ago
vanhoefm|3 days ago