[Nottingham] WPA2 is falling

John me at johnwhitehead.co.uk
Tue Oct 17 12:05:58 UTC 2017

'Smart' TVs ? They'll just expect you to buy a new one. And that will still have a shed load of other vulnerabilities ..

Can someone get onto Virgin (other shit ISP's are available) ? Good luck with getting them to roll out a firmware update. Mind you, my ASUS AP has not been patched yet.

See y'all Thursday.


On 17 Oct 2017, 11:06, at 11:06, Jason Irwin via Nottingham <nottingham at mailman.lug.org.uk> wrote:
>On 16/10/17 14:44, Martin via Nottingham wrote:
>> On 16/10/17 11:00, Jason Irwin via Nottingham wrote:
>>> Or so it seems:
>	https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/
>>> 	https://www.alexhudson.com/2017/10/15/wpa2-broken-krack-now/
>>> 	https://www.krackattacks.com/
>> Wi-fi security flaw 'puts devices at risk of hacks'
>> http://www.bbc.co.uk/news/technology-41635516
>> Looks like a game of handshake replay to weaken or zero the WiFi
>> key.
>Updates to wpasupplicant are flowing, Lede is issuing 17.1.4 with the
>fix, OpenWRT has backported it to 15.05. So F/OSS seems to have its act
>together. MicroTik has a fix out and Ubiquiti has things in-hand too it
>When will Google, MS, Apple etc issue patches? They've had 4 months to
>get ready, more than enough time.
>Further down the criticality scale; Smart TVs etc will need patches
>I hope the major OEMs (Samsung, Panasonic etc) are on the ball.
>And what about all the IoT devices? Will the no-name OEMs release
>(I think we all know the answers). Hmm...a wireless IoT lightbulb with
>it's own DHCP server and network bridging - what could possibly go
>wrong? https://mjg59.dreamwidth.org/40397.html
>║ Jason Irwin ║ OpenPGP (GPG/PGP) Public Key: 0xD0C592B1    ║
>║             ║ Import from hkp://pgp.mit.edu>║             ║ Follow me https://social.irrwitz.com/@jason>╚═════════════╩═════════════════════════════════════════════╝
>Nottingham mailing list
>Nottingham at mailman.lug.org.uk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/nottingham/attachments/20171017/a194987a/attachment.html>

More information about the Nottingham mailing list