
GOT(IT) #15: Intel patches impact performance, the future of WPA3, plus cryptomining through Wi-Fi

The week after the chaos, patches keep rolling and trouble keeps coming with Spectre and Meltdown’s fallout damage to computers and OS.


GOT(IT) #15 has news on two of the most important “oh-noes” in the industry: the successor to the WPA2 Wi-Fi security protocol, and the collateral damage after the Spectre & Meltdown exploits were revealed. But wait, there’s more! Remember the browser-based cryptomining hijack? Well, it has a brother who hijacks Wi-Fi services to secretly mine.

Intel Patches Against Processor Exploits Slow Certain PCs

Last week we took the chance to theme GOT(IT) around a special coverage of Spectre & Meltdown: two aggressive exploits that hit most manufacturers’ data processing architecture and, well, also exposed major breaches in kernel memory.

A week has passed and it’s time to review the real damage: what patches could fix, and what they broke. Yes, broke. From BSODs to bricked old AMD PCs, this sudden change caused major compatibility issues of all kinds.

However, let’s focus on what caused the most fear: major slowdowns. Windows has patched its operating systems to fight Spectre and Meltdown, and the impact was reviewed in this week’s Microsoft Cloud blog post.

The Executive Vice-President of the company, Terry Myerson, detailed the following:

Windows 10 computers with 2016-era CPUs won’t feel the punch, as benchmarks showed the lowest performance decreases, in the single digits, between 6% and 8%. What about Windows 10 computers that have older processors? Those aren’t as lucky, but will still only see light to medium performance decreases.

The real problem comes for those who still use Windows 7 and 8. According to Myerson, these users will feel the impact and notice lower performance on their systems. This happens because these older Windows versions make extensive use of kernel-user transitions, as the legacy design gave the kernel many tasks that are now handled in user mode.


We Might See WPA3 in 2018’s Devices

We told you at the beginning that we’re bringing some topics back to the table, like October’s WPA2 protocol fall! The Wi-Fi security protocol showed its first flaws last year and worried the industry, since the decade-old standard wasn’t expected to fall anytime soon.

But let’s think of it as an incentive push towards future new technologies. Luckily, we can say the industry worked fast and effectively, because WPA3 is coming, and it promises to make its first appearances later this year.

The Wi-Fi Alliance (formed by industry giants like Apple, Microsoft, Cisco, and more) announced its future features and improvements over the predecessor. We should expect things like weak-password protection, encryption for connections in open Wi-Fi (great plus for privacy!), and a 192-bit security option that complies with the U.S. Commercial National Security Algorithm.

We might not see a mass deployment soon, but the Alliance is working towards that: WPA3 support will be required as part of the “Wi-Fi certified” mark given by their certificate. What does this mean? That 2018’s latest gadgets might start supporting it! Eager to future-proof your fleet?


CoffeeMiner Hijacks Wi-Fi to Mine Cryptocurrencies


We hate malware, exploits, and all that causes trouble, but why do they always have such great names? This time it’s CoffeeMiner, an attack that forces users using public Wi-Fi networks to mine Monero.

The cryptocurrency boom continues to catch the bad guys’ attention, who strive to generate revenue opportunities out of vulnerabilities. We had browser forced mining, hidden pop-ups that hijack your CPU power, and now this!

The miner, discovered on a Starbucks Wi-Fi network (hence the name), was then explained and proved possible by the developer and researcher Arnau Code, who built a proof of concept that confirmed the exploit.

The attacker uses spoofed Address Resolution Protocol (ARP) messages to intercept all traffic on the public network. He then uses Mitmproxy to inject JavaScript code into the pages users visit: in this case, a single line of code that uses the computer to call a miner.

Once again, the miner behind this is the software CoinHive, which holds the Monero currency. This miner is served using an HTTPS server, and compiled as a single script that can be deployed through the network.

It’s a “mine-as-you-browse” attack, limited only by the amount of time a user spends scrollin’ around in the network. According to the investigation, Arnau tested it in public coffee shops, and succeeded in his attacks.
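On the defensive side, the interception step described above depends on ARP replies that rebind the gateway's IP address to the attacker's MAC address, and that rebinding is observable. The following is an added example, not code from the original post or from the CoffeeMiner proof of concept; the observation format, addresses and function name are constructed for illustration.

```python
from collections import defaultdict

# Constructed observations of ARP replies: (seconds, sender_ip, sender_mac).
SAMPLE_REPLIES = [
    (0.0, "192.168.1.1",  "aa:aa:aa:aa:aa:01"),  # gateway, first seen
    (1.0, "192.168.1.23", "bb:bb:bb:bb:bb:23"),  # client
    (2.0, "192.168.1.42", "cc:cc:cc:cc:cc:42"),  # client
    (5.0, "192.168.1.1",  "CC:CC:CC:CC:CC:42"),  # gateway IP rebound to .42's MAC
    (5.1, "192.168.1.23", "cc:cc:cc:cc:cc:42"),  # same MAC now claims .23 too
    (6.0, "192.168.1.1",  "cc:cc:cc:cc:cc:42"),  # repeat, reported only once
]


def find_arp_anomalies(replies, gateway_ip):
    """Flag IP-to-MAC rebinding and MACs that answer for several IPs.

    Trust-on-first-use: the first MAC seen for an IP is the baseline, so the
    capture must start before any spoofing (an assumption of this sketch).
    """
    baseline = {}                    # ip -> first MAC observed
    ips_by_mac = defaultdict(set)    # mac -> every IP it has claimed
    reported = set()
    alerts = []
    for ts, ip, mac in replies:
        mac = mac.lower()            # MAC case varies between tools
        ips_by_mac[mac].add(ip)
        known = baseline.setdefault(ip, mac)
        if mac != known and (ip, mac) not in reported:
            reported.add((ip, mac))
            kind = "gateway-mac-changed" if ip == gateway_ip else "ip-mac-changed"
            alerts.append({"time": ts, "kind": kind, "ip": ip,
                           "old_mac": known, "new_mac": mac})
    for mac, ips in sorted(ips_by_mac.items()):
        if len(ips) > 1:             # one NIC answering for many hosts
            alerts.append({"time": None, "kind": "mac-claims-multiple-ips",
                           "mac": mac, "ips": sorted(ips)})
    return alerts


if __name__ == "__main__":
    for alert in find_arp_anomalies(SAMPLE_REPLIES, "192.168.1.1"):
        print(alert)
```

A legitimate hardware swap or DHCP reassignment also changes an IP-to-MAC binding, so alerts on client addresses need context; a change on the gateway address is the high-signal case.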


Let’s hope WPA3 comes with anti-forced-mining tech, because public networks continue to be the go-to choice of shops.

Nicolas Poggi

Nicolas Poggi is the head of mobile research at Prey, Inc., provider of the open source Prey Anti-Theft software protecting eight million mobile devices. Nic’s work explores technology innovations within the mobile marketplace, and their impact upon security. Nic also serves as Prey’s communications manager, overseeing the company’s brand and content creation. Nic is a technology and contemporary culture journalist and author, and before joining Prey held positions as head of indie coverage at TheGameFanatics, and as FM radio host and interviewer at IndieAir.