Remove ads, unlock a dark mode theme, and get other perks by upgrading your account. Experience the website the way it's meant to be.

Serious Flaw in WPA2 Protocol

Discussion in 'Article Discussion' started by Melody Bot, Oct 16, 2017.

  1. Melody Bot

    Your friendly little forum bot. Staff Member

    This article has been imported from chorus.fm for discussion. All of the forum rules still apply.

    Dan Goodin, writing for Ars Technica:


    Researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting.

    The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks.

    This is bad.

    Rene Ritchie, writing for iMore:


    Apple has confirmed to me that the KRACK exploit has already been patched in iOS, tvOS, watchOS, and macOS betas. As soon as the updates leave beta, they’ll be pushed out to everyone. We’ll have to wait and see how fast other manufacturers are to respond, and how many of our connected devices receive updates.

     
  2. lightning

    *

    Uhhhhh
     
  3. CyberInferno

    Line below my username Supporter

    This makes for a really shitty day when you're a Systems Administrator.

    Upgrade all our wireless AP's.
    Deploy upgrades to all of our laptops with a deadline of Friday (since we need to deploy last week's updates from Microsoft—we normally give people two weeks to install)
    If you're on iOS, you should have an update soon. Install that.
    If you're on Android, you're fucked. Turn off wifi discovery and pray.
    Send email trying to explain all this crap to everyone.
     
    Jason Tate likes this.
  4. I feel for you.
     
    CyberInferno likes this.
  5. Shrek

    can't be made fun of Prestigious

    here's the key: be an overcharged spectrum customer where the internet never works anyways

    [​IMG]
     
  6. CyberInferno

    Line below my username Supporter

    Hmm...you might be onto something there. Your devices might be susceptible to snooping via KRACK, but if your internet doesn't work, they're not picking up any of your traffic anyway! So no internet use = safe! Let's shut down the internet!
     
    electro haikus likes this.