Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Linguica

RIP 802.11, 1997-2017

Recommended Posts

I am using ethernet anyway because my modem died and my ISP wasn't able to send me a free replacement.

Share this post


Link to post

I already use Ethernet cabling anyway mostly since it's faster and more secure, according to my Dad anyway. Hopefully nothing bad happens still, since the Internet as a whole is quite precious to me :/

Share this post


Link to post

Different hardware vendors are said to be expected to release patches soon. But the same source Linguica posted says it's a core protocol issue, so any patches at this point are workarounds at best, and that this may be a case of 'throw away your router and buy a new one.' Fucking great, that's just what I need.

 

WPA2 has been around for quite some time, has this vulnerability been there all along?

Share this post


Link to post

I primarily use ethernet for the same reasons as Cupcake -- ethernet isn't dependent upon your general area and cell reception.

Share this post


Link to post

This weakness is specifically in WPA2 security and not the broad 802.11 standard, so saying "RIP" to it is really premature and definitely not called for - as the authors of this paper have stated, this can be resolved with patches for wireless clients and may not even require new routers or access points, and many of those are patchable via firmware updates where and if required.

Share this post


Link to post

After having a night to think about this, what I'm more concerned about is not my own wifi (my wife and I hardly ever use it), but the wifi being used by people like my mom and in-laws who aren't as skilled with computer-related technology.  Essentially, the weakest of the weakest links.

Share this post


Link to post

Microsoft already released a patch. This is one time I regret not having automatic updates turned on, but at least I'm getting the patch now. From what I'm reading, Linux operating systems and Android devices (which I also have, unfortunately) are among the hardest hit by this. 

 

https://www.pcworld.com/article/3233255/windows/krack-wi-fi-attacks-shouldnt-harm-updated-windows-pcs.html

Share this post


Link to post
39 minutes ago, fraggle said:

Speak for yourself. I for one am dropping off the internet entirely and going back to copying things between computers manually using floppy disks until this is all sorted out. You can never be certain which lines the Illuminati have tapped, even in your own home. See you all in a few months, folks!

What, no IP over Avian Carrier?

Share this post


Link to post

I literally switched back to cable yesterday, because my connection started acting up when using wi-fi. And I only switched to wi-fi because my connection started acting up when using cable and I didn't care enough to investigate at the time.

 

I'm that lazy.

Share this post


Link to post
57 minutes ago, Jon said:

Debian GNU/Linux patch was out ages ago

I read that OpenBSD was apprised of the issue months ago and refused to sit on their patch and so the researchers have said that next time they just won't tell the OpenBSD people until the embargo is almost up, lol.

Share this post


Link to post
18 minutes ago, Linguica said:

I read that OpenBSD was apprised of the issue months ago and refused to sit on their patch and so the researchers have said that next time they just won't tell the OpenBSD people until the embargo is almost up, lol.

 

It's on the site in the FAQ:

 

Quote

 

Why did OpenBSD silently release a patch before the embargo?

OpenBSD was notified of the vulnerability on 15 July 2017, before CERT/CC was involved in the coordination. Quite quickly, Theo de Raadt replied and critiqued the tentative disclosure deadline: “In the open source world, if a person writes a diff and has to sit on it for a month, that is very discouraging”. Note that I wrote and included a suggested diff for OpenBSD already, and that at the time the tentative disclosure deadline was around the end of August. As a compromise, I allowed them to silently patch the vulnerability. In hindsight this was a bad decision, since others might rediscover the vulnerability by inspecting their silent patch. To avoid this problem in the future, OpenBSD will now receive vulnerability notifications closer to the end of an embargo.

 

 

Share this post


Link to post
8 minutes ago, Eric the Sandvich said:

I would use ethernet, but I don't own the router in my house! It's on the other side of the house, and I don't know any ethernet cable that extends to 15 meters.

... That's a pretty standard length for Ethernet cable. Most stores will sell that length in cat5e for like 20 bux.

Share this post


Link to post
3 hours ago, YukiRaven said:

but the wifi being used by people like my mom and in-laws who aren't as skilled with computer-related technology.  Essentially, the weakest of the weakest links.

That is the single greatest problem with technology ever since the inception of computers. Truly a terrifying circumstance.

Share this post


Link to post
59 minutes ago, Eric the Sandvich said:

I would use ethernet, but I don't own the router in my house! It's on the other side of the house, and I don't know any ethernet cable that extends to 15 meters.

Fortunately, I know how to make a proper cable and put the RJ45 connectors with the proper tools....but thing is, the location of the router and my laptop is not ideal to connect such a cable. Too much obstacles to deal between both things.

Share this post


Link to post
14 minutes ago, Nevander said:

That is the single greatest problem with technology ever since the inception of computers. Truly a terrifying circumstance.

Well, it just makes sense.  People tend to always be the weakest link in any security system ("system" in a more abstract sense here), and the people who don't have the expertise are the weakest of the weak links.

 

11 minutes ago, leodoom85 said:

Fortunately, I know how to make a proper cable and put the RJ45 connectors with the proper tools....but thing is, the location of the router and my laptop is not ideal to connect such a cable. Too much obstacles to deal between both things.

I ended up running a cable through the floor from the basement, then through two walls in my mom's house just to wire up my bedroom.  It was well worth it in the end.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×