Linguica Posted October 16, 2017 (edited) Whispers are going around that a bad WPA2 vulnerability is going to be revealed tomorrow morning that has the potential to make basically all wifi networks effectively unencrypted. So this thread is to remember the good times before we all had to revert to ethernet cables again. We had a good run ;_; Edited October 16, 2017 by Linguica 19 Share this post Link to post
Nevander Posted October 16, 2017 That feel when I'm still using ethernet cables because I am living in the 90s. 6 Share this post Link to post
Avoozl Posted October 16, 2017 I am using ethernet anyway because my modem died and my ISP wasn't able to send me a free replacement. 0 Share this post Link to post
Remilia Scarlet Posted October 16, 2017 I use ethernet anyway, wifi is too slow for my tastes. 5 Share this post Link to post
GarrettChan Posted October 16, 2017 Oh god, should I go out and buy cables now? 0 Share this post Link to post
SuperCupcakeTactics Posted October 16, 2017 (edited) I already use Ethernet cabling anyway mostly since it's faster and more secure, according to my Dad anyway. Hopefully nothing bad happens still, since the Internet as a whole is quite precious to me :/ 2 Share this post Link to post
Caffeine Freak Posted October 16, 2017 Different hardware vendors are said to be expected to release patches soon. But the same source Linguica posted says it's a core protocol issue, so any patches at this point are workarounds at best, and that this may be a case of 'throw away your router and buy a new one.' Fucking great, that's just what I need. WPA2 has been around for quite some time, has this vulnerability been there all along? 0 Share this post Link to post
Dravencour Posted October 16, 2017 I primarily use ethernet for the same reasons as Cupcake -- ethernet isn't dependent upon your general area and cell reception. 0 Share this post Link to post
Teivman Posted October 16, 2017 (edited) Is this everywhere or is it only in the U Edited October 16, 2017 by MrD!zone 0 Share this post Link to post
boris Posted October 16, 2017 It's been released. https://www.krackattacks.com/ 2 Share this post Link to post
UglyStru Posted October 16, 2017 52 minutes ago, boris said: It's been released. https://www.krackattacks.com/ I feel like this has been known for a while. Not sure if this is truly the downfall of WPA2. 1 Share this post Link to post
StevieWolfe Posted October 16, 2017 This is nothing new. Cracking into wifi has been simple as hell for ages. WPA was never a secure thing lol. 3 Share this post Link to post
Quasar Posted October 16, 2017 This weakness is specifically in WPA2 security and not the broad 802.11 standard, so saying "RIP" to it is really premature and definitely not called for - as the authors of this paper have stated, this can be resolved with patches for wireless clients and may not even require new routers or access points, and many of those are patchable via firmware updates where and if required. 1 Share this post Link to post
Remilia Scarlet Posted October 16, 2017 After having a night to think about this, what I'm more concerned about is not my own wifi (my wife and I hardly ever use it), but the wifi being used by people like my mom and in-laws who aren't as skilled with computer-related technology. Essentially, the weakest of the weakest links. 2 Share this post Link to post
fraggle Posted October 16, 2017 1 hour ago, Quasar said: This weakness is specifically in WPA2 security and not the broad 802.11 standard, so saying "RIP" to it is really premature and definitely not called for Speak for yourself. I for one am dropping off the internet entirely and going back to copying things between computers manually using floppy disks until this is all sorted out. You can never be certain which lines the Illuminati have tapped, even in your own home. See you all in a few months, folks! 24 Share this post Link to post
Caffeine Freak Posted October 16, 2017 Microsoft already released a patch. This is one time I regret not having automatic updates turned on, but at least I'm getting the patch now. From what I'm reading, Linux operating systems and Android devices (which I also have, unfortunately) are among the hardest hit by this. https://www.pcworld.com/article/3233255/windows/krack-wi-fi-attacks-shouldnt-harm-updated-windows-pcs.html 0 Share this post Link to post
Remilia Scarlet Posted October 16, 2017 39 minutes ago, fraggle said: Speak for yourself. I for one am dropping off the internet entirely and going back to copying things between computers manually using floppy disks until this is all sorted out. You can never be certain which lines the Illuminati have tapped, even in your own home. See you all in a few months, folks! What, no IP over Avian Carrier? 1 Share this post Link to post
Da Werecat Posted October 16, 2017 I literally switched back to cable yesterday, because my connection started acting up when using wi-fi. And I only switched to wi-fi because my connection started acting up when using cable and I didn't care enough to investigate at the time. I'm that lazy. 0 Share this post Link to post
Linguica Posted October 16, 2017 57 minutes ago, Jon said: Debian GNU/Linux patch was out ages ago I read that OpenBSD was apprised of the issue months ago and refused to sit on their patch and so the researchers have said that next time they just won't tell the OpenBSD people until the embargo is almost up, lol. 1 Share this post Link to post
leodoom85 Posted October 16, 2017 Not pressing F yet for the encryption? 0 Share this post Link to post
boris Posted October 16, 2017 18 minutes ago, Linguica said: I read that OpenBSD was apprised of the issue months ago and refused to sit on their patch and so the researchers have said that next time they just won't tell the OpenBSD people until the embargo is almost up, lol. It's on the site in the FAQ: Quote Why did OpenBSD silently release a patch before the embargo? OpenBSD was notified of the vulnerability on 15 July 2017, before CERT/CC was involved in the coordination. Quite quickly, Theo de Raadt replied and critiqued the tentative disclosure deadline: “In the open source world, if a person writes a diff and has to sit on it for a month, that is very discouraging”. Note that I wrote and included a suggested diff for OpenBSD already, and that at the time the tentative disclosure deadline was around the end of August. As a compromise, I allowed them to silently patch the vulnerability. In hindsight this was a bad decision, since others might rediscover the vulnerability by inspecting their silent patch. To avoid this problem in the future, OpenBSD will now receive vulnerability notifications closer to the end of an embargo. 0 Share this post Link to post
fraggle Posted October 16, 2017 That's how security researchers call someone an asshole. 5 Share this post Link to post
Edward850 Posted October 16, 2017 8 minutes ago, Eric the Sandvich said: I would use ethernet, but I don't own the router in my house! It's on the other side of the house, and I don't know any ethernet cable that extends to 15 meters. ... That's a pretty standard length for Ethernet cable. Most stores will sell that length in cat5e for like 20 bux. 0 Share this post Link to post
Nevander Posted October 16, 2017 3 hours ago, YukiRaven said: but the wifi being used by people like my mom and in-laws who aren't as skilled with computer-related technology. Essentially, the weakest of the weakest links. That is the single greatest problem with technology ever since the inception of computers. Truly a terrifying circumstance. 1 Share this post Link to post
leodoom85 Posted October 16, 2017 59 minutes ago, Eric the Sandvich said: I would use ethernet, but I don't own the router in my house! It's on the other side of the house, and I don't know any ethernet cable that extends to 15 meters. Fortunately, I know how to make a proper cable and put the RJ45 connectors with the proper tools....but thing is, the location of the router and my laptop is not ideal to connect such a cable. Too much obstacles to deal between both things. 1 Share this post Link to post
Remilia Scarlet Posted October 16, 2017 14 minutes ago, Nevander said: That is the single greatest problem with technology ever since the inception of computers. Truly a terrifying circumstance. Well, it just makes sense. People tend to always be the weakest link in any security system ("system" in a more abstract sense here), and the people who don't have the expertise are the weakest of the weak links. 11 minutes ago, leodoom85 said: Fortunately, I know how to make a proper cable and put the RJ45 connectors with the proper tools....but thing is, the location of the router and my laptop is not ideal to connect such a cable. Too much obstacles to deal between both things. I ended up running a cable through the floor from the basement, then through two walls in my mom's house just to wire up my bedroom. It was well worth it in the end. 1 Share this post Link to post
leodoom85 Posted October 16, 2017 Just now, YukiRaven said: I ended up running a cable through the floor from the basement, then through two walls in my mom's house just to wire up my bedroom. It was well worth it in the end. :D Good job though. I guess that you had to use a drill to make those holes just to reach the destination. And yes, it has a satisfactory feeling for accomplishing that work. 1 Share this post Link to post