[Nottingham] WPA2 is falling
John
me at johnwhitehead.co.uk
Tue Oct 17 12:05:58 UTC 2017
'Smart' TVs ? They'll just expect you to buy a new one. And that will still have a shed load of other vulnerabilities ..
Can someone get onto Virgin (other shit ISP's are available) ? Good luck with getting them to roll out a firmware update. Mind you, my ASUS AP has not been patched yet.
See y'all Thursday.
John
On 17 Oct 2017, 11:06, at 11:06, Jason Irwin via Nottingham <nottingham at mailman.lug.org.uk> wrote:
>On 16/10/17 14:44, Martin via Nottingham wrote:
>> On 16/10/17 11:00, Jason Irwin via Nottingham wrote:
>>> Or so it seems:
>>>
> https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/
>>> https://www.alexhudson.com/2017/10/15/wpa2-broken-krack-now/
>>> https://www.krackattacks.com/
>> Wi-fi security flaw 'puts devices at risk of hacks'
>> http://www.bbc.co.uk/news/technology-41635516
>>
>> Looks like a game of handshake replay to weaken or zero the WiFi
>session
>> key.
>
>Updates to wpasupplicant are flowing, Lede is issuing 17.1.4 with the
>fix, OpenWRT has backported it to 15.05. So F/OSS seems to have its act
>together. MicroTik has a fix out and Ubiquiti has things in-hand too it
>seems.
>
>When will Google, MS, Apple etc issue patches? They've had 4 months to
>get ready, more than enough time.
>
>Further down the criticality scale; Smart TVs etc will need patches
>too,
>I hope the major OEMs (Samsung, Panasonic etc) are on the ball.
>
>And what about all the IoT devices? Will the no-name OEMs release
>fixes?
>(I think we all know the answers). Hmm...a wireless IoT lightbulb with
>it's own DHCP server and network bridging - what could possibly go
>wrong? https://mjg59.dreamwidth.org/40397.html
>
>--
>╔═════════════╦═════════════════════════════════════════════╗
>║ Jason Irwin ║ OpenPGP (GPG/PGP) Public Key: 0xD0C592B1 ║
>║ ║ Import from hkp://pgp.mit.edu ║
>║ ║ Follow me https://social.irrwitz.com/@jason ║
>╚═════════════╩═════════════════════════════════════════════╝
>
>--
>Nottingham mailing list
>Nottingham at mailman.lug.org.uk
>https://mailman.lug.org.uk/mailman/listinfo/nottingham
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/nottingham/attachments/20171017/a194987a/attachment.html>
More information about the Nottingham
mailing list