Re: [OT] Question on the WIFI security issue Key Reinstallation Attack ("krack" attack)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2017-10-16 at 08:54 -0700, Jonathan Ryshpan wrote:
> I am about 97% ignorant about encryption.  However...
> 
> It seems that these attacks are directed at clients rather than
> servers.  Is this correct?  

No.

> If so, it's a good thing for me, since I use an old Belkin wireless
> router whose firmware will surely never be upgraded.

The attack is against *anything* using WPA2 encryption. The severity of
the vulnerability depends on implementation details. wpa_supplicant
(used in Linux and Android) is particularly bad. Ironically, recent
versions of Windows and IOS are less vulnerable because they implement
WPA2 incorrectly. Note that in all cases the problem is limited to
nodes sharing the same wireless access point, i.e. it's not going to
bite you over the Internet.

That said, a cursory reading of the actual paper (rather than the
rather sensational press release) shows that although there is a
problem with the protocol handshake allowing certain kinds of relay
attack, the potential issues depend on what actual (local) encryption
protocol is used after establishing the connection.

And of course using a higher-level secure protocol such as HTTPS or
OpenVPN makes all this irrelevant.

poc
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux