Well the VPN ecosystem has an enormous long tail - the paper you cite tested 283 (!) apps. It's unfortunate but somewhat expected that a significant number, especially the ones that haven't been around for long, would…
Yeah I've had 'Silence on the Wire' for awhile - brilliant book, although I confess I haven't ever been able to sit down and really read it end to end. But I'd say I'm familiar with the topics he talks about. I'm not…
"is there any mitigation for this other than ditching my handset and switching to an iPhone or waiting (hopelessly) for a patch from my vendor." Using a VPN is the best way to mitigate this until your device is patched,…
That's not the attack at all. And there's nothing standard about it. The attack is the fact that someone couldn't do this you're describing on any WPA-2 protected Wi-Fi network before, and now they can.
Well I did mention it's "an end-of-the-world type vulnerability, at least as far as Wi-Fi goes". I don't think it's a lot of consolation saying something along the lines of "Wi-Fi security is broken, but it's not so bad…
I do think it's an end-of-the-world type vulnerability, at least as far as Wi-Fi goes. 1) The paper claims confidentiality compromise allows the attacker to hijack a tcp connection: "allow an adversary to decrypt a TCP…
Well the VPN ecosystem has an enormous long tail - the paper you cite tested 283 (!) apps. It's unfortunate but somewhat expected that a significant number, especially the ones that haven't been around for long, would…
Yeah I've had 'Silence on the Wire' for awhile - brilliant book, although I confess I haven't ever been able to sit down and really read it end to end. But I'd say I'm familiar with the topics he talks about. I'm not…
"is there any mitigation for this other than ditching my handset and switching to an iPhone or waiting (hopelessly) for a patch from my vendor." Using a VPN is the best way to mitigate this until your device is patched,…
That's not the attack at all. And there's nothing standard about it. The attack is the fact that someone couldn't do this you're describing on any WPA-2 protected Wi-Fi network before, and now they can.
Well I did mention it's "an end-of-the-world type vulnerability, at least as far as Wi-Fi goes". I don't think it's a lot of consolation saying something along the lines of "Wi-Fi security is broken, but it's not so bad…
I do think it's an end-of-the-world type vulnerability, at least as far as Wi-Fi goes. 1) The paper claims confidentiality compromise allows the attacker to hijack a tcp connection: "allow an adversary to decrypt a TCP…