[kwlug-disc] KRACK on WPA2
CrankyOldBugger
crankyoldbugger at gmail.com
Wed Oct 18 14:03:36 EDT 2017
Or, in my case, which open source firmware packages support my Netgear
R7000? Seems not all of them do, which is a shame because I _really_ want
to get off of the stock firmware! And the documentation for openWRT,
Tomato, DD-WRT, etc., all seem a bit vague as to how well they support my
router...
On Wed, 18 Oct 2017 at 13:28 L.D. Paniak <ldpaniak at fourpisolutions.com>
wrote:
> Let's try again for the list...
>
> OpenWRT has patches for KRACK:
> https://github.com/openwrt/openwrt/issues/558
>
> https://github.com/openwrt/openwrt/commit/1576a0b7773a635149f48fc9efd7dea45e495a12
> OpenWRT generally does not support rolling changes to a named release.
> You need to run nightlies to get the latest bits eg.:
> https://downloads.openwrt.org/snapshots/trunk/
>
> That said, what is the best open-source supported router/access point
> these days?
>
>
> On 10/17/2017 09:02 PM, Khalid Baheyeldin wrote:
> > John,
> >
> > The Linux side of things has been solved within hours of this
> > vulnerability being disclosed. Packages were available, and they
> > were installed via the normal channels.
> >
> > The issue here is not Linux, the issue is embedded devices, and
> > various non-Google hardware phones and tablets running Android.
> > These are dependent on the vendor of the phone, who historically
> > did not care beyond a year or two (if that, varies from brand to
> > brand).
> >
> > As well, OpenWRT seems to have been abandoned, and LEDE is
> > the replacement for it.
> >
> > In reality, this vulnerability can be exploited to sniff traffic that
> > is not otherwise encrypted (e.g. regular non-SSL HTTP traffic
> > to/from web sites). These are fewer than what they used to be,
> > but they are still there.
> >
> > I'd rather have everything patched.
> >
> > On 10/17/17, jekerr at sdf.org <jekerr at sdf.org> wrote:
> >>> How much should the world be freaking out about this?
> >> This is a vulnerability discovered in the lab. It has not been found in
> >> the wild AFAWK.
> >>
> >> Like most Linux threats, they are discovered in the lab first, and the
> >> everything else is a long shot as in "this could affect you if you are
> >> using Kernel X on a Pentium 2 and your Great Grandfather is a native of
> >> the Orkney mainland"
> >>
> >> Cheers
> >>
> >> John
> >>
> >>>
> https://www.bleepingcomputer.com/news/security/new-krack-attack-breaks-wpa2-wifi-protocol/
> >>>
> >>> and
> >>>
> >>> https://en.wikipedia.org/wiki/KRACK
> >>>
> >>> and
> >>>
> >>> https://www.krackattacks.com/
> >>>
> >>> Proximity matters of course, so I suppose we all keep an eye out for
> >>> strangers lurking near our homes and workplaces?
> >>>
> >>> Probably everyone here is already quite aware of this news(I am usually
> >>> quite late to the party) but I thought I would mention it.
> >>>
> >>> Thanks,
> >>>
> >>> Ron Singh
> >>> _______________________________________________
> >>> kwlug-disc mailing list
> >>> kwlug-disc at kwlug.org
> >>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
> >>>
> >>
> >>
> >> _______________________________________________
> >> kwlug-disc mailing list
> >> kwlug-disc at kwlug.org
> >> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
> >>
> >
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20171018/7292512c/attachment.htm>
More information about the kwlug-disc
mailing list