[–] sohkamyung 8y ago ↗ Paper appears to be out [1][1] "Predicting, Decrypting, and Abusing WPA2/802.11 Group Keys" (PDF) [ https://kryptera.se/assets/uploads/2017/10/usenix2016-wifi.p... ]
[–] gregmac 8y ago ↗ WPA2 has been around since 2004 -- it's really surprising that there's not a newer alternative developed and deployed in the last 13 years.What is around as a potential next standard?In the meantime, do we just revert to open wifi and use a VPN tunnel overtop? [–] Piskvorrr 8y ago ↗ We could. What do the remaining 99.999% of wifi users do? [–] zimpenfish 8y ago ↗ Tell them to use SSLEverywhere (or equivalent) and/or get them onto VPNs, I think. [–] Piskvorrr 8y ago ↗ Good point - given a sane set of trusted CAs (sic!), the need for a trusted last hop mostly goes away. [–] zimpenfish 8y ago ↗ I think if you're using a VPN tunnel or SSL or SSH already, then this doesn't really affect you (based on an article I read earlier today.)
[–] Piskvorrr 8y ago ↗ We could. What do the remaining 99.999% of wifi users do? [–] zimpenfish 8y ago ↗ Tell them to use SSLEverywhere (or equivalent) and/or get them onto VPNs, I think. [–] Piskvorrr 8y ago ↗ Good point - given a sane set of trusted CAs (sic!), the need for a trusted last hop mostly goes away.
[–] zimpenfish 8y ago ↗ Tell them to use SSLEverywhere (or equivalent) and/or get them onto VPNs, I think. [–] Piskvorrr 8y ago ↗ Good point - given a sane set of trusted CAs (sic!), the need for a trusted last hop mostly goes away.
[–] Piskvorrr 8y ago ↗ Good point - given a sane set of trusted CAs (sic!), the need for a trusted last hop mostly goes away.
[–] zimpenfish 8y ago ↗ I think if you're using a VPN tunnel or SSL or SSH already, then this doesn't really affect you (based on an article I read earlier today.)
[–] kristianp 8y ago ↗ Already discussed at https://news.ycombinator.com/item?id=15478750 [–] gok 8y ago ↗ No, that article is a less significant problem from over a year ago. This is a new issue.
[–] gok 8y ago ↗ No, that article is a less significant problem from over a year ago. This is a new issue.
[–] anti-thought 8y ago ↗ Looks like it will be another pretty branded CVE: https://www.reddit.com/r/PFSENSE/comments/76ksdi/core_protoc...They mention it will be at https://krackattacks.com
9 comments
[ 3.3 ms ] story [ 13.5 ms ] thread[1] "Predicting, Decrypting, and Abusing WPA2/802.11 Group Keys" (PDF) [ https://kryptera.se/assets/uploads/2017/10/usenix2016-wifi.p... ]
What is around as a potential next standard?
In the meantime, do we just revert to open wifi and use a VPN tunnel overtop?
They mention it will be at https://krackattacks.com