[kwlug-disc] KRACK on WPA2
Khalid Baheyeldin
kb at 2bits.com
Tue Oct 17 21:02:26 EDT 2017
John,
The Linux side of things has been solved within hours of this
vulnerability being disclosed. Packages were available, and they
were installed via the normal channels.
The issue here is not Linux, the issue is embedded devices, and
various non-Google hardware phones and tablets running Android.
These are dependent on the vendor of the phone, who historically
did not care beyond a year or two (if that, varies from brand to
brand).
As well, OpenWRT seems to have been abandoned, and LEDE is
the replacement for it.
In reality, this vulnerability can be exploited to sniff traffic that
is not otherwise encrypted (e.g. regular non-SSL HTTP traffic
to/from web sites). These are fewer than what they used to be,
but they are still there.
I'd rather have everything patched.
On 10/17/17, jekerr at sdf.org <jekerr at sdf.org> wrote:
>> How much should the world be freaking out about this?
> This is a vulnerability discovered in the lab. It has not been found in
> the wild AFAWK.
>
> Like most Linux threats, they are discovered in the lab first, and the
> everything else is a long shot as in "this could affect you if you are
> using Kernel X on a Pentium 2 and your Great Grandfather is a native of
> the Orkney mainland"
>
> Cheers
>
> John
>
>> https://www.bleepingcomputer.com/news/security/new-krack-attack-breaks-wpa2-wifi-protocol/
>>
>> and
>>
>> https://en.wikipedia.org/wiki/KRACK
>>
>> and
>>
>> https://www.krackattacks.com/
>>
>> Proximity matters of course, so I suppose we all keep an eye out for
>> strangers lurking near our homes and workplaces?
>>
>> Probably everyone here is already quite aware of this news(I am usually
>> quite late to the party) but I thought I would mention it.
>>
>> Thanks,
>>
>> Ron Singh
>> _______________________________________________
>> kwlug-disc mailing list
>> kwlug-disc at kwlug.org
>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>>
>
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
--
Khalid M. Baheyeldin
2bits.com, Inc.
http://2bits.com
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- Leonardo da Vinci
More information about the kwlug-disc
mailing list