This discussion topic is read only This discussion topic has been answered Discussion topic: Sky Q Hub security update

This message was authored by: MrBaconMaker · ‎12 May 2021

Hi

With the recent disclosure of new wi fi vulnerabilities, do we know when/if the sky q hub will be updated to receive this security patch?

Vulnerability here - https://www.fragattacks.com/

This message was authored by: mae-3 · ‎12 May 2021

@MrBaconMaker

The Linux kernel is primarily in the whole OS type of system when it involves client-side/AP wifi vulnerabilities, not server or router and it's with certain wifi adapters. Also, the Sky router has a transparent DNS, so you cannot hijack DNS. I could go on but have read the whole advisory and it doesn't apply to Sky's routers that get firmware patched often.

-------

Zen internet on FTTP (900Mbps down, 100Mbps up). SAT> IP (Apple 4K 2nd gen TV to LG C1 OLED UHD TV/Dolby Atmos Denon AVR, DacMagic Plus for Hi-Res audio), hosting own blog/forum (cluster), OPNsense & Zenarmor L4/L7 NGFW & DPI IDS/IPS, Asus ET12 Pro Tri-Band wifi, Linux, Gamer: Xbox Series X/i7 laptop, round-robin DNS over HTTPS, non-proprietary VoIP HD AMR-WB (G.722.2) and more... Beta tester Apple iOS/watchOS/tvOS/iPadOS/macOS.

View this Answer within the discussion

This message was authored by: mae-3 · ‎12 May 2021

@MrBaconMaker

The security vulnerabilities primarily impact client devices and most of these have been patched now, Linux systems which the Sky router is written around are not impacted.

-------

Zen internet on FTTP (900Mbps down, 100Mbps up). SAT> IP (Apple 4K 2nd gen TV to LG C1 OLED UHD TV/Dolby Atmos Denon AVR, DacMagic Plus for Hi-Res audio), hosting own blog/forum (cluster), OPNsense & Zenarmor L4/L7 NGFW & DPI IDS/IPS, Asus ET12 Pro Tri-Band wifi, Linux, Gamer: Xbox Series X/i7 laptop, round-robin DNS over HTTPS, non-proprietary VoIP HD AMR-WB (G.722.2) and more... Beta tester Apple iOS/watchOS/tvOS/iPadOS/macOS.

This message was authored by: mae-3 · ‎12 May 2021

https://www.theregister.com/2021/05/12/krack_hack_wifi/

-------

Zen internet on FTTP (900Mbps down, 100Mbps up). SAT> IP (Apple 4K 2nd gen TV to LG C1 OLED UHD TV/Dolby Atmos Denon AVR, DacMagic Plus for Hi-Res audio), hosting own blog/forum (cluster), OPNsense & Zenarmor L4/L7 NGFW & DPI IDS/IPS, Asus ET12 Pro Tri-Band wifi, Linux, Gamer: Xbox Series X/i7 laptop, round-robin DNS over HTTPS, non-proprietary VoIP HD AMR-WB (G.722.2) and more... Beta tester Apple iOS/watchOS/tvOS/iPadOS/macOS.

This message was authored by: MrBaconMaker · ‎12 May 2021

Thanks, I hadn't seen that, I was wondering if they would have been applied to the ISP provided router yet as they tend to be notoriously slow at patching (if at all!)

This message was authored by: MrBaconMaker · ‎12 May 2021

Just reading in more detail, it looks like those were patches to the Linux kernel but that doesn't mean they have yet made it downstream to routers

This message was authored by: mae-3 · ‎12 May 2021

@MrBaconMaker

The Linux kernel is primarily in the whole OS type of system when it involves client-side/AP wifi vulnerabilities, not server or router and it's with certain wifi adapters. Also, the Sky router has a transparent DNS, so you cannot hijack DNS. I could go on but have read the whole advisory and it doesn't apply to Sky's routers that get firmware patched often.

-------

Zen internet on FTTP (900Mbps down, 100Mbps up). SAT> IP (Apple 4K 2nd gen TV to LG C1 OLED UHD TV/Dolby Atmos Denon AVR, DacMagic Plus for Hi-Res audio), hosting own blog/forum (cluster), OPNsense & Zenarmor L4/L7 NGFW & DPI IDS/IPS, Asus ET12 Pro Tri-Band wifi, Linux, Gamer: Xbox Series X/i7 laptop, round-robin DNS over HTTPS, non-proprietary VoIP HD AMR-WB (G.722.2) and more... Beta tester Apple iOS/watchOS/tvOS/iPadOS/macOS.

This message was authored by: MrBaconMaker · ‎12 May 2021

Thanks, as long as the hubs get frequent updates I'm happy as I'm sure they will get any patches soon.

This message was authored by: mae-3 · ‎12 May 2021

https://www.fragattacks.com/#details

Because Sky routers use a DNS transparent proxy DNS cannot be poisoned, so it does not impact Sky routers drastically or more accurately it's mitigated!

-------

Zen internet on FTTP (900Mbps down, 100Mbps up). SAT> IP (Apple 4K 2nd gen TV to LG C1 OLED UHD TV/Dolby Atmos Denon AVR, DacMagic Plus for Hi-Res audio), hosting own blog/forum (cluster), OPNsense & Zenarmor L4/L7 NGFW & DPI IDS/IPS, Asus ET12 Pro Tri-Band wifi, Linux, Gamer: Xbox Series X/i7 laptop, round-robin DNS over HTTPS, non-proprietary VoIP HD AMR-WB (G.722.2) and more... Beta tester Apple iOS/watchOS/tvOS/iPadOS/macOS.

This page has been archived

This discussion topic is read only This discussion topic has been answered Discussion topic: Sky Q Hub security update

Sky Q Hub security update

Re: Sky Q Hub security update

All Replies

Re: Sky Q Hub security update

Re: Sky Q Hub security update

Re: Sky Q Hub security update

Re: Sky Q Hub security update

Re: Sky Q Hub security update

Re: Sky Q Hub security update

Re: Sky Q Hub security update

Was this discussion not helpful?

Search Sky Community

Start a new discussion