[HUGE loving NEWS] Major security flaw discovered in WPA2 protocol

Off Topic > Off Topic

<< < (7/15) > >>

ultimamax:

--- Quote from: Juncoph on October 16, 2017, 02:24:58 PM ---outside of stuff like open wifi places e.g. a hotel or office, isn't this basically not a big deal? the weak point is the wi-fi specifically, i.e. to exploit the flaw you'd need to install a bug that records everything sent upstream by connected devices, right? that is, low-traffic/personal/home LANetworks probably wouldn't be targeted, no?

--- End quote ---
you also need special hardware to abuse this flaw (i.e. you cant just exploit this with your own wifi-enabled device)

its definitely unlikely that your home wifi will be targeted or affected. i would imagine the places to worry about are public wifi (i imagine you could grab a forgetton of valuable information if you did this at a starbucks or mcdonalds or something) and businesses

also do we have any word on whether this is being patched on android?

Steve5451²:

--- Quote from: Juncoph on October 16, 2017, 02:24:58 PM ---outside of stuff like open wifi places e.g. a hotel or office, isn't this basically not a big deal? the weak point is the wi-fi specifically, i.e. to exploit the flaw you'd need to install a bug that records everything sent upstream by connected devices, right? that is, low-traffic/personal/home LANetworks probably wouldn't be targeted, no?

--- End quote ---

it's a huge security risk but there's a low chance it's going to happen to you unless you use public wifi.

RedGajin:

--- Quote from: Juncoph on October 16, 2017, 02:24:58 PM ---outside of stuff like open wifi places e.g. a hotel or office, isn't this basically not a big deal? the weak point is the wi-fi specifically, i.e. to exploit the flaw you'd need to install a bug that records everything sent upstream by connected devices, right? that is, low-traffic/personal/home LANetworks probably wouldn't be targeted, no?

--- End quote ---
no, places with open wifi networks are already open to attackers and allow them to freely sniff your traffic if theyre connected to the same network. this exploit works in the same way, if an attacker is within range of the wifi, they can bypass all WPA2 encryption. you don't need to install anything on the host device to read someones traffic, you use packet brown townyzers like wireshark that read the traffic as it goes to whatever website the victim tries to access. anyone can be targeted by this, the reason this is such a big deal is the ease in which this can be done, seeing as WPA2 is the standard protocol used by essentially everyone

would suggest reading up on things like man in the middle attacks: https://www.veracode.com/security/man-middle-attack
as well as watching the video demo the research team put up for a quick 4 minute tl;dr: https://youtu.be/Oh4WURZoR98

--- Quote from: Steve5451² on October 16, 2017, 02:29:50 PM ---it's a huge security risk but there's a low chance it's going to happen to you unless you use public wifi.

--- End quote ---
this is also true, if you're not in a well populated area, people likely aren't going to be rolling up to your house to sniff your traffic. this is bigger for those that live in cities, and for business/govt (although they probably already know about this)

--- Quote from: ultimamax on October 16, 2017, 02:28:49 PM ---also do we have any word on whether this is being patched on android?

--- End quote ---
to my knowledge, samsung is the only one that has come out and announced theyre actively working on a patch that should be available soon. google has also said theyre releasing an update sometime in the near future. would def encourage you to email them and ask for an update, theyll probably respond

carolcat:
won't you have to wait until your wireless carrier customizes the samsung patch for their customers tho?

TableSalt:
gosh i hate mondays

Navigation

 Message Index

Go to full version