Sponsors
Sponsor Products
WPA2 vulnerability.
posted by Greg Whynott  on Oct. 17, 2017, 12:55 p.m. (1 month, 6 days ago)
2 Responses     0 Plus One's     0 Comments  
https://www.wired.com/story/krack-wi-fi-wpa2-vulnerability/

Thread Tags:
  discuss-at-studiosysadmins 

Response from Michael Oliver @ Oct. 18, 2017, 4:55 p.m.
Actual technical whitepaper here:https://papers.mathyvanhoef.com/ccs2017.pdf
On Tue, Oct 17, 2017 at 10:10 AM, Mamading Ceesay <mamading@vision3.tv> wrote:
Some KRACK-related resources
Cisco Security Advisoryhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa

UniFi AP Firmware patch for KRACKhttps://community.ubnt.com/t5/UniFi-Updates-Blog/FIRMWARE-3-9-3-7537-for-UAP-USW-has-been-released/ba-p/2099365

Some analysis of how the f**k this happenedhttps://blog.cryptographyengineering.com/2017/10/16/falling-through-the-kracks/
tl;dr The IEEE's closed standards process meant that security researchers didn't get a look at this before implementation.
Also, failure to do integration testing of relevant crypto code.


Mamading Ceesay
Systems Administrator
VISION3 Ltd


On 17 October 2017 at 17:54, greg whynott <greg.whynott@gmail.com> wrote:
https://www.wired.com/story/krack-wi-fi-wpa2-vulnerability/

To unsubscribe from the list send a blank e-mail to mailto:studiosysadmins-discuss-request@studiosysadmins.com?subject=unsubscribe


To unsubscribe from the list send a blank e-mail to mailto:studiosysadmins-discuss-request@studiosysadmins.com?subject=unsubscribe



--
Michael Oliver
mcoliver@gmail.com
PGP Public Key: https://goo.gl/a2CnHF

0 Plus One's     0 Comments  
   

Response from Anonymous @ Oct. 17, 2017, 1:15 p.m.
Some KRACK-related resources
Cisco Security Advisoryhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa

UniFi AP Firmware patch for KRACKhttps://community.ubnt.com/t5/UniFi-Updates-Blog/FIRMWARE-3-9-3-7537-for-UAP-USW-has-been-released/ba-p/2099365

Some analysis of how the f**k this happenedhttps://blog.cryptographyengineering.com/2017/10/16/falling-through-the-kracks/
tl;dr The IEEE's closed standards process meant that security researchers didn't get a look at this before implementation.
Also, failure to do integration testing of relevant crypto code.


Mamading Ceesay
Systems Administrator
VISION3 Ltd


On 17 October 2017 at 17:54, greg whynott <greg.whynott@gmail.com> wrote:
https://www.wired.com/story/krack-wi-fi-wpa2-vulnerability/

To unsubscribe from the list send a blank e-mail to mailto:studiosysadmins-discuss-request@studiosysadmins.com?subject=unsubscribe


0 Plus One's     0 Comments