https://arstechnica.com/information...l-leaves-wi-fi-traffic-open-to-eavesdropping/
Going to be interesting to see the details of this if it’s true.
WPA2 security possibly comprised - disclosure soon.
- Thread starter antijoke
- Start date
https://arstechnica.com/information...l-leaves-wi-fi-traffic-open-to-eavesdropping/
Going to be interesting to see the details of this if it’s true.
Soldato
****+fan if true.
Why has this been moved?
Why has this been moved?
Huge indeed! holy ****
I remember when you could crack WEP in a matter of seconds with Aircrack but we had WPA/WPA2 to protect us. Now this.. there is no other alternative right now.
Obviously you will need to be in the vicinity of the connection so it's not like you are vulnerable to everyone on the net.
I remember when you could crack WEP in a matter of seconds with Aircrack but we had WPA/WPA2 to protect us. Now this.. there is no other alternative right now.
Obviously you will need to be in the vicinity of the connection so it's not like you are vulnerable to everyone on the net.
Soldato
A bit misleading but also quite worrying for gov/business. Wpa2 hasn't been cracked in the sense of wep so no getting access to your neighbours WiFi. And tbf most of the traffic between router / device is encrypted by other means on top of WPA. Ie https.
Soldato
Article.
It seems today's security is tomorrows vulnerability.
If this does prove to be true it pretty much invalidates every single WiFi router in existence! (That uses WPA2, which as far as I know is the highest level of encryption in home WiFi routers and most business WiFi as well)
It seems today's security is tomorrows vulnerability.
If this does prove to be true it pretty much invalidates every single WiFi router in existence! (That uses WPA2, which as far as I know is the highest level of encryption in home WiFi routers and most business WiFi as well)
Don
Ubiquiti have patched it in their latest 3.9.3 firmware. (Beta only right now)
Soldato
Oops! Seems you beat me to it. Just created a similar thread.
Soldato
Asus should patch it they tend to be good.
Don
Don
Makes me really happy - forced to change all of our Unifi access points for Aerohive ones by our head office, and no firmware update in sight from Aerohive.Edit:
Full disclosure site now live
https://www.krackattacks.com/
Last edited:
I already use my own VPN when connecting to insecure WiFi networks but the problem is going to be at home - I can no longer trust my own WiFi network is secure. TP-Link haven't yet responded regarding software updates, and the fact that their website and forum don't even use HTTPS doesn't give me much hope.
Soldato
- Joined
- 1 Oct 2006
- Posts
- 13,900
Not being picked up in the UniFi controller as an available upgrade at the moment, but just pushed the updates manually to my UAPs at home. The GUI then tells me there's an "upgrade" to the old FW version.
Soldato
MikroTik have announced that they are not affected by this at all.
Lots more "real" info here;
https://forum.mikrotik.com/viewtopic.php?f=21&t=126695
Lots more "real" info here;
https://forum.mikrotik.com/viewtopic.php?f=21&t=126695
Soldato
Looks like WEP's back on the menu boys!
Oh wait...
Oh wait...
Associate
Yes I checked that today but updated my Mikrotik anyway. They one of the few not effected.