Fwd: Basically every WiFi device just hacked?

classic Classic list List threaded Threaded
36 messages Options
12
Reply | Threaded
Open this post in threaded view
|

Fwd: Basically every WiFi device just hacked?

gregfreemyer
All,

Most WiFi routers have WEP, WPA, and WPA2.

WPA2 was the most secure and the recommendation.

No longer:

https://www.theregister.co.uk/AMP/2017/10/16/wpa2_krack_attack_security_wifi_wireless/

But WPA2 comes in a couple variants.  Does anyone know if any of them
are unaffected?

Thanks
Greg


--
--
Greg Freemyer
Advances are made by answering questions. Discoveries are made by
questioning answers.
— Bernard Haisch

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

Richard Brown
On 16 October 2017 at 15:36, Greg Freemyer <[hidden email]> wrote:

> All,
>
> Most WiFi routers have WEP, WPA, and WPA2.
>
> WPA2 was the most secure and the recommendation.
>
> No longer:
>
> https://www.theregister.co.uk/AMP/2017/10/16/wpa2_krack_attack_security_wifi_wireless/
>
> But WPA2 comes in a couple variants.  Does anyone know if any of them
> are unaffected?
>
> Thanks
> Greg

I don't know, but I do know that SUSE are working on providing us fast
updates for SLE (which Leap will get equally fast) and Tumbleweed

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

gregfreemyer
On Mon, Oct 16, 2017 at 9:43 AM, Richard Brown <[hidden email]> wrote:

> On 16 October 2017 at 15:36, Greg Freemyer <[hidden email]> wrote:
>> All,
>>
>> Most WiFi routers have WEP, WPA, and WPA2.
>>
>> WPA2 was the most secure and the recommendation.
>>
>> No longer:
>>
>> https://www.theregister.co.uk/AMP/2017/10/16/wpa2_krack_attack_security_wifi_wireless/
>>
>> But WPA2 comes in a couple variants.  Does anyone know if any of them
>> are unaffected?
>>
>> Thanks
>> Greg
>
> I don't know, but I do know that SUSE are working on providing us fast
> updates for SLE (which Leap will get equally fast) and Tumbleweed

So this may be addressable on the client end?  I hope so!

Greg

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

Andrei Borzenkov
16.10.2017 16:52, Greg Freemyer пишет:

> On Mon, Oct 16, 2017 at 9:43 AM, Richard Brown <[hidden email]> wrote:
>> On 16 October 2017 at 15:36, Greg Freemyer <[hidden email]> wrote:
>>> All,
>>>
>>> Most WiFi routers have WEP, WPA, and WPA2.
>>>
>>> WPA2 was the most secure and the recommendation.
>>>
>>> No longer:
>>>
>>> https://www.theregister.co.uk/AMP/2017/10/16/wpa2_krack_attack_security_wifi_wireless/
>>>
>>> But WPA2 comes in a couple variants.  Does anyone know if any of them
>>> are unaffected?
>>>

The weakness is in initial client-AP handshake, so I assume all variants
are affected.

>>> Thanks
>>> Greg
>>
>> I don't know, but I do know that SUSE are working on providing us fast
>> updates for SLE (which Leap will get equally fast) and Tumbleweed
>
> So this may be addressable on the client end?  I hope so!
>

If I read linked paper correctly, this *is* client vulnerability:

When a client joins a network, it executes
the 4-way handshake to negotiate a fresh session key. It will install
this key after receiving message 3 of the handshake. Once the key
is installed, it will be used to encrypt normal data frames using a
data-confidentiality protocol. However, because messages may be
lost or dropped, the Access Point (AP) will retransmit message 3 if
it did not receive an appropriate response as acknowledgment. As
a result, the client may receive message 3 multiple times. Each time
it receives this message, it will reinstall the same session key, and
thereby reset the incremental transmit packet number (nonce) and
receive replay counter used by the data-confidentiality protocol.
We show that an attacker can force these nonce resets by collecting
and replaying retransmissions of message 3. By forcing nonce reuse
in this manner, the data-confidentiality protocol can be attacked,
e.g., packets can be replayed, decrypted, and/or forged.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

Richard Brown
In reply to this post by gregfreemyer
On 16 October 2017 at 15:52, Greg Freemyer <[hidden email]> wrote:

> On Mon, Oct 16, 2017 at 9:43 AM, Richard Brown <[hidden email]> wrote:
>> On 16 October 2017 at 15:36, Greg Freemyer <[hidden email]> wrote:
>>> All,
>>>
>>> Most WiFi routers have WEP, WPA, and WPA2.
>>>
>>> WPA2 was the most secure and the recommendation.
>>>
>>> No longer:
>>>
>>> https://www.theregister.co.uk/AMP/2017/10/16/wpa2_krack_attack_security_wifi_wireless/
>>>
>>> But WPA2 comes in a couple variants.  Does anyone know if any of them
>>> are unaffected?
>>>
>>> Thanks
>>> Greg
>>
>> I don't know, but I do know that SUSE are working on providing us fast
>> updates for SLE (which Leap will get equally fast) and Tumbleweed
>
> So this may be addressable on the client end?  I hope so!
>
> Greg

I believe for absolute safety it needs to be addressed at every end -
which is pretty scary given how many Wi-Fi devices are out there (I
just bought a new Mi-Fi at the weekend..&sigh&)

For us I know we have hostapd (for people using openSUSE as a wifi AP)
and wpa_supplicant (for clients) patches in the works

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

James Knott
In reply to this post by gregfreemyer
On 10/16/2017 09:36 AM, Greg Freemyer wrote:

> All,
>
> Most WiFi routers have WEP, WPA, and WPA2.
>
> WPA2 was the most secure and the recommendation.
>
> No longer:
>
> https://www.theregister.co.uk/AMP/2017/10/16/wpa2_krack_attack_security_wifi_wireless/
>
> But WPA2 comes in a couple variants.  Does anyone know if any of them
> are unaffected?
>
>

I don't know if this would affect Enterprise WPA2, which uses a key
server. Regardless, requiring re-entering a key should be a flag that
something's wrong.  If a key worked before, it should keep on working.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

James Knott
In reply to this post by Richard Brown
On 10/16/2017 09:43 AM, Richard Brown wrote:
>> But WPA2 comes in a couple variants.  Does anyone know if any of them
>> > are unaffected?
>> >
>> > Thanks
>> > Greg
> I don't know, but I do know that SUSE are working on providing us fast
> updates for SLE (which Leap will get equally fast) and Tumbleweed

Would SUSE being up to date affect this?  Or is it an attack on the
access point?

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

Marcus Meissner
In reply to this post by Richard Brown
On Mon, Oct 16, 2017 at 04:05:57PM +0200, Richard Brown wrote:

> On 16 October 2017 at 15:52, Greg Freemyer <[hidden email]> wrote:
> > On Mon, Oct 16, 2017 at 9:43 AM, Richard Brown <[hidden email]> wrote:
> >> On 16 October 2017 at 15:36, Greg Freemyer <[hidden email]> wrote:
> >>> All,
> >>>
> >>> Most WiFi routers have WEP, WPA, and WPA2.
> >>>
> >>> WPA2 was the most secure and the recommendation.
> >>>
> >>> No longer:
> >>>
> >>> https://www.theregister.co.uk/AMP/2017/10/16/wpa2_krack_attack_security_wifi_wireless/
> >>>
> >>> But WPA2 comes in a couple variants.  Does anyone know if any of them
> >>> are unaffected?
> >>>
> >>> Thanks
> >>> Greg
> >>
> >> I don't know, but I do know that SUSE are working on providing us fast
> >> updates for SLE (which Leap will get equally fast) and Tumbleweed
> >
> > So this may be addressable on the client end?  I hope so!
> >
> > Greg
>
> I believe for absolute safety it needs to be addressed at every end -
> which is pretty scary given how many Wi-Fi devices are out there (I
> just bought a new Mi-Fi at the weekend..&sigh&)
>
> For us I know we have hostapd (for people using openSUSE as a wifi AP)
> and wpa_supplicant (for clients) patches in the works

As Richard writes, we will be releasing updates.

FWIW, if you behave the same with your laptop and cellphone in your own wireless networks
with WPA compared to Wireless internet cafes / hotels / trains that have unprotected wifi,
then you don't need to panic anyway.

SSL and VPN is usually to our rescue here.

Ciao, Marcus

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

Richard Brown
In reply to this post by James Knott
On 16 October 2017 at 18:18, James Knott <[hidden email]> wrote:

> On 10/16/2017 09:43 AM, Richard Brown wrote:
>>> But WPA2 comes in a couple variants.  Does anyone know if any of them
>>> > are unaffected?
>>> >
>>> > Thanks
>>> > Greg
>> I don't know, but I do know that SUSE are working on providing us fast
>> updates for SLE (which Leap will get equally fast) and Tumbleweed
>
> Would SUSE being up to date affect this?  Or is it an attack on the
> access point?

Now I've been able to read and understand the latest information

The attack is on the clients

The fixes therefore need to be delivered and applied to all client
devices. That isn't just linux machines, but any phones, IoT devices,
anything that connects to Wi-Fi and authenticates using WPA.

For example, I'm now harrassing Huawei to figure out when they'll
patch their Mobile-WiFi device I just got, because it can work as a
WiFi extender (and therefore a client to a WiFi network) in addition
to being a mobile hotspot.

So every openSUSE machine you have using wifi is vulnerable until we
get patches out. like Marcus said, treating WPA like it's insecure and
relying on SSL and VPN and such in the meanwhile is recommended

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

Tony Su
In reply to this post by James Knott
From the general description (I haven't been able to inspect a
detailed demo), it looks like a cousin to the Diffie Hellman flaw
described last year.

If so,
- All encrypted traffic including SSL/TLS, SSH, VPNs, etc should be
protected despite the researchers' suggestion that <might> also be
vulnerable. And, all User activity that involves exchanging passwords
on websites, Financial/Banking, email and other activity are covered
here.

- The other stuff about capturing, replaying and injecting content or
even false network settings is a different consideration, but if this
is not much different than what has always been possible using
aircrack-ng against WEP or WPA1, then there are practical
considerations which can make this kind of attack difficult although
possible... like...

The attacker might have to capture gigabytes of data to obtain the few
packets which contain a WPA handshake. Low activity APs might be more
vulnerable than heavily used.

Once captured, the attacker has to crack the keys. Depending on
strength and available machine resources plus method of crack (are
rainbow tables available and used?), this might take awhile

Once cracked, the keys are usable for only as long as the original
User has not yet closed his wireless session. Once the User has
disconnected, then a new session and handshake has to be cracked.

So,
Unless you're supporting a high security wireless network, I don't
think that anyone should be pressing any emergency buttons, and if you
were supporting a high security network then I'd be questioning why
you even have Wifi or not deploying WiFi that automatically rotates
new keys every few minutes.

Tony

On Mon, Oct 16, 2017 at 9:18 AM, James Knott <[hidden email]> wrote:

> On 10/16/2017 09:43 AM, Richard Brown wrote:
>>> But WPA2 comes in a couple variants.  Does anyone know if any of them
>>> > are unaffected?
>>> >
>>> > Thanks
>>> > Greg
>> I don't know, but I do know that SUSE are working on providing us fast
>> updates for SLE (which Leap will get equally fast) and Tumbleweed
>
> Would SUSE being up to date affect this?  Or is it an attack on the
> access point?
>
> --
> To unsubscribe, e-mail: [hidden email]
> To contact the owner, e-mail: [hidden email]
>

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

Tony Su
Regarding stuff like key servers,
That's not going to be affected.
Servers hold the keys for providing authentication for services, but
those keys are not generally used directly in WiFi (or at least not
the systems I know about).
Normally those keys are used to generate ephemeral (single use) keys
which are then used for handshakes.

In the case of Network Security like LDAP/AD,
Both the Server and Client have been joined to the Domain beforehand,
so each contains a "secret" that is commonly known to the two that
doesn't have to be exchanged over the network.

Tony

On Mon, Oct 16, 2017 at 9:35 AM, Tony Su <[hidden email]> wrote:

> From the general description (I haven't been able to inspect a
> detailed demo), it looks like a cousin to the Diffie Hellman flaw
> described last year.
>
> If so,
> - All encrypted traffic including SSL/TLS, SSH, VPNs, etc should be
> protected despite the researchers' suggestion that <might> also be
> vulnerable. And, all User activity that involves exchanging passwords
> on websites, Financial/Banking, email and other activity are covered
> here.
>
> - The other stuff about capturing, replaying and injecting content or
> even false network settings is a different consideration, but if this
> is not much different than what has always been possible using
> aircrack-ng against WEP or WPA1, then there are practical
> considerations which can make this kind of attack difficult although
> possible... like...
>
> The attacker might have to capture gigabytes of data to obtain the few
> packets which contain a WPA handshake. Low activity APs might be more
> vulnerable than heavily used.
>
> Once captured, the attacker has to crack the keys. Depending on
> strength and available machine resources plus method of crack (are
> rainbow tables available and used?), this might take awhile
>
> Once cracked, the keys are usable for only as long as the original
> User has not yet closed his wireless session. Once the User has
> disconnected, then a new session and handshake has to be cracked.
>
> So,
> Unless you're supporting a high security wireless network, I don't
> think that anyone should be pressing any emergency buttons, and if you
> were supporting a high security network then I'd be questioning why
> you even have Wifi or not deploying WiFi that automatically rotates
> new keys every few minutes.
>
> Tony
>
> On Mon, Oct 16, 2017 at 9:18 AM, James Knott <[hidden email]> wrote:
>> On 10/16/2017 09:43 AM, Richard Brown wrote:
>>>> But WPA2 comes in a couple variants.  Does anyone know if any of them
>>>> > are unaffected?
>>>> >
>>>> > Thanks
>>>> > Greg
>>> I don't know, but I do know that SUSE are working on providing us fast
>>> updates for SLE (which Leap will get equally fast) and Tumbleweed
>>
>> Would SUSE being up to date affect this?  Or is it an attack on the
>> access point?
>>
>> --
>> To unsubscribe, e-mail: [hidden email]
>> To contact the owner, e-mail: [hidden email]
>>

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

Tony Su
Based on the non-detailed descriptions I've read, although the
specific handshake step might be on the client side, it's not likely a
client only flaw.

It's the whole handshake, which likely means that both AP and client
need to be patched.

Tony

On Mon, Oct 16, 2017 at 9:41 AM, Tony Su <[hidden email]> wrote:

> Regarding stuff like key servers,
> That's not going to be affected.
> Servers hold the keys for providing authentication for services, but
> those keys are not generally used directly in WiFi (or at least not
> the systems I know about).
> Normally those keys are used to generate ephemeral (single use) keys
> which are then used for handshakes.
>
> In the case of Network Security like LDAP/AD,
> Both the Server and Client have been joined to the Domain beforehand,
> so each contains a "secret" that is commonly known to the two that
> doesn't have to be exchanged over the network.
>
> Tony
>
> On Mon, Oct 16, 2017 at 9:35 AM, Tony Su <[hidden email]> wrote:
>> From the general description (I haven't been able to inspect a
>> detailed demo), it looks like a cousin to the Diffie Hellman flaw
>> described last year.
>>
>> If so,
>> - All encrypted traffic including SSL/TLS, SSH, VPNs, etc should be
>> protected despite the researchers' suggestion that <might> also be
>> vulnerable. And, all User activity that involves exchanging passwords
>> on websites, Financial/Banking, email and other activity are covered
>> here.
>>
>> - The other stuff about capturing, replaying and injecting content or
>> even false network settings is a different consideration, but if this
>> is not much different than what has always been possible using
>> aircrack-ng against WEP or WPA1, then there are practical
>> considerations which can make this kind of attack difficult although
>> possible... like...
>>
>> The attacker might have to capture gigabytes of data to obtain the few
>> packets which contain a WPA handshake. Low activity APs might be more
>> vulnerable than heavily used.
>>
>> Once captured, the attacker has to crack the keys. Depending on
>> strength and available machine resources plus method of crack (are
>> rainbow tables available and used?), this might take awhile
>>
>> Once cracked, the keys are usable for only as long as the original
>> User has not yet closed his wireless session. Once the User has
>> disconnected, then a new session and handshake has to be cracked.
>>
>> So,
>> Unless you're supporting a high security wireless network, I don't
>> think that anyone should be pressing any emergency buttons, and if you
>> were supporting a high security network then I'd be questioning why
>> you even have Wifi or not deploying WiFi that automatically rotates
>> new keys every few minutes.
>>
>> Tony
>>
>> On Mon, Oct 16, 2017 at 9:18 AM, James Knott <[hidden email]> wrote:
>>> On 10/16/2017 09:43 AM, Richard Brown wrote:
>>>>> But WPA2 comes in a couple variants.  Does anyone know if any of them
>>>>> > are unaffected?
>>>>> >
>>>>> > Thanks
>>>>> > Greg
>>>> I don't know, but I do know that SUSE are working on providing us fast
>>>> updates for SLE (which Leap will get equally fast) and Tumbleweed
>>>
>>> Would SUSE being up to date affect this?  Or is it an attack on the
>>> access point?
>>>
>>> --
>>> To unsubscribe, e-mail: [hidden email]
>>> To contact the owner, e-mail: [hidden email]
>>>

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

Carlos E. R.-2
In reply to this post by Richard Brown
On 2017-10-16 18:22, Richard Brown wrote:
> On 16 October 2017 at 18:18, James Knott <> wrote:
>> On 10/16/2017 09:43 AM, Richard Brown wrote:

>
> The attack is on the clients

...

> So every openSUSE machine you have using wifi is vulnerable until we
> get patches out. like Marcus said, treating WPA like it's insecure and
> relying on SSL and VPN and such in the meanwhile is recommended

I understand that every openSUSE machine is vulnerable till every
machine in the same network is patched. Once a single one is
successfully attacked, they are in. In the network, that is.

Besides, any communication protocol that uses encryption is safe, even
if they get entry to our WiFi: ssh, https... but not, I think, smb, nfs,
most email...

--
Cheers / Saludos,

                Carlos E. R.
                (from 42.2 x86_64 "Malachite" at Telcontar)


signature.asc (188 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

James Knott
On 10/16/2017 01:51 PM, Carlos E. R. wrote:
> Besides, any communication protocol that uses encryption is safe, even
> if they get entry to our WiFi: ssh, https... but not, I think, smb, nfs,
> most email...

Many email providers are moving to SSL/TLS for POP, IMAP and SMTP.


--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

Carlos E. R.-2
On 2017-10-16 20:11, James Knott wrote:
> On 10/16/2017 01:51 PM, Carlos E. R. wrote:
>> Besides, any communication protocol that uses encryption is safe, even
>> if they get entry to our WiFi: ssh, https... but not, I think, smb, nfs,
>> most email...
>
> Many email providers are moving to SSL/TLS for POP, IMAP and SMTP.

Not mine.

--
Cheers / Saludos,

                Carlos E. R.
                (from 42.2 x86_64 "Malachite" at Telcontar)


signature.asc (188 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

James Knott
On 10/16/2017 04:02 PM, Carlos E. R. wrote:
> On 2017-10-16 20:11, James Knott wrote:
>> On 10/16/2017 01:51 PM, Carlos E. R. wrote:
>>> Besides, any communication protocol that uses encryption is safe, even
>>> if they get entry to our WiFi: ssh, https... but not, I think, smb, nfs,
>>> most email...
>> Many email providers are moving to SSL/TLS for POP, IMAP and SMTP.
> Not mine.
>

Geez...  Spain is really behind the times.  Can you not even configure
it with your email apps?  Also, email web interfaces now use https.
Also, Google tries to favour https web sites, to encourage encryption on
the web.

I just verified my email connections on the 2 accounts I have.  Both use
SSL/TLS for IMAP and SMTP.  I also have OpenVPN configured between my
notebook computer and firewall, so I can encrypt everything .  With
this, all traffic is sent through the VPN to my home network.


--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

James Knott
On 10/16/2017 04:37 PM, James Knott wrote:

>>> Many email providers are moving to SSL/TLS for POP, IMAP and SMTP.
>> > Not mine.
>> >
> Geez...  Spain is really behind the times.  Can you not even configure
> it with your email apps?  Also, email web interfaces now use https.
> Also, Google tries to favour https web sites, to encourage encryption on
> the web.
>
> I just verified my email connections on the 2 accounts I have.  Both use
> SSL/TLS for IMAP and SMTP.  I also have OpenVPN configured between my
> notebook computer and firewall, so I can encrypt everything .  With
> this, all traffic is sent through the VPN to my home network.

I just received this article:
http://www.techrepublic.com/article/dhs-orders-federal-agencies-to-bolster-cybersecurity-with-https-email-authentication/?ftag=TRE684d531&bhid=12825460

"Some 85% of consumer email inboxes in the US support DMARC, including
Gmail, Yahoo, and Microsoft accounts. But DMARC adoption rates among
government and enterprises remains low, according to the Global Cyber
Alliance."

Notice that "85% of consumer email inboxes"?  That looks like most to me.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

gregfreemyer
In reply to this post by Marcus Meissner
Without HTML this time:

On Mon, Oct 16, 2017 at 12:18 PM, Marcus Meissner <[hidden email]> wrote:
<snip>
> As Richard writes, we will be releasing updates.
>
> FWIW, if you behave the same with your laptop and cellphone in your own wireless networks
> with WPA compared to Wireless internet cafes / hotels / trains that have unprotected wifi,
> then you don't need to panic anyway.
>
> SSL and VPN is usually to our rescue here.
>
> Ciao, Marcus

Marcus,

I think this crack is more serious than most.

If I use an open WiFi or WEP and someone performs enough packet
capture they can indeed figure out how to decrypt and monitor my
communications.  SSL and VPN indeed keep them from figuring anything
out.

But this is a full-fledged man-in-the-middle crack.  That includes
packet manipulation and injection.  Maybe not immediately, but in
short order bad actors will surely figure out how to short circuit SSL
and SSH type protections.

I imagine in a few days, we'll start to see client OS patched.
Routers seem to always take longer.

Greg

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

Carlos E. R.-2
In reply to this post by James Knott
On 2017-10-16 22:37, James Knott wrote:
> On 10/16/2017 04:02 PM, Carlos E. R. wrote:
>> On 2017-10-16 20:11, James Knott wrote:
>>> On 10/16/2017 01:51 PM, Carlos E. R. wrote:
>>>> Besides, any communication protocol that uses encryption is safe, even
>>>> if they get entry to our WiFi: ssh, https... but not, I think, smb, nfs,
>>>> most email...

(I should have said: "some email")

>>> Many email providers are moving to SSL/TLS for POP, IMAP and SMTP.
>> Not mine.
>>
>
> Geez...

I'll answer on a new thread :-)


--
Cheers / Saludos,

                Carlos E. R.
                (from 42.2 x86_64 "Malachite" at Telcontar)


signature.asc (188 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Fwd: Basically every WiFi device just hacked?

Carlos E. R.-2
In reply to this post by gregfreemyer
On 2017-10-16 23:07, Greg Freemyer wrote:
> I imagine in a few days, we'll start to see client OS patched.
> Routers seem to always take longer.

Or never, on homes. :-/

--
Cheers / Saludos,

                Carlos E. R.
                (from 42.2 x86_64 "Malachite" at Telcontar)


signature.asc (188 bytes) Download Attachment
12