Thanks for this good advice, Marc!
Meanwhile I will be out for a few weeks, sick this week & running
weirdfilmfest next Tuesday, and possibly/probably in Unsafe Networks, where
the advice will come in handy.
On Wed, Oct 18, 2017 at 12:00 PM, <mesh-request(a)lists.sudoroom.org> wrote:
Send mesh mailing list submissions to
mesh(a)lists.sudoroom.org
To subscribe or unsubscribe via the World Wide Web, visit
https://sudoroom.org/lists/listinfo/mesh
or, via email, send a message with subject or body 'help' to
mesh-request(a)lists.sudoroom.org
You can reach the person managing the list at
mesh-owner(a)lists.sudoroom.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of mesh digest..."
Today's Topics:
1. KRACK attack (Marc Juul)
2. Re: KRACK attack (danarauz(a)gmail.com)
----------------------------------------------------------------------
Message: 1
Date: Tue, 17 Oct 2017 15:52:57 -0700
From: Marc Juul <juul(a)labitat.dk>
To: "mesh(a)lists.sudoroom.org" <mesh(a)lists.sudoroom.org>
Subject: [Mesh] KRACK attack
Message-ID:
<CAL4ejvQ4hPDyuMGDWwKd4wL-c0ZTLtP28+mde7dqo2b2=RQ01A@
mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
You have all probably already heard about the wifi KRACK attack. If not,
here is the lowdown:
https://www.krackattacks.com/
sudowrt is also affected. What this means is that your private wifi network
is... potentially a lot less private.
I started work on a fix here:
https://github.com/sudomesh/sudowrt-firmware/issues/109
but I ran into a build issue which maybe Grant knows how to fix?
https://github.com/sudomesh/sudowrt-firmware/issues/110
Hopefully we can sort this out over the next day or two.
In the mean time node-operates may want to disconnect any sensitive devices
from their private network. As always you should be using end-to-end
encryption for all communications. Install the HTTPS Everywhere
<https://www.eff.org/https-everywhere> browser extension if you haven't.
For situations where end-to-end encryption is not viable, using a VPN like
Mullvad <https://www.mullvad.net/> is a good idea.
--
marc/juul