[Mesh] KRACK attack
danarauz at gmail.com
danarauz at gmail.com
Sat Oct 21 13:55:53 PDT 2017
Vendor Response Matrix for KRACK WPA2 (Key Reinstallation Attack)
(Which Vendor has and has not patched this vulnerability):
*https://github.com/kristate/krackinfo
<https://github.com/kristate/krackinfo>*
(I am at Omni checking on our WiFi controller, and I learned that vendor
does NOT have the patch available at this time.
The only have a pdf with information regarding this issue, attached to this
email.)
On Wed, Oct 18, 2017 at 9:19 PM, Lesley Bell <lbx2045 at gmail.com> wrote:
> Debian issued an update to wpasupplicant
> <https://packages.debian.org/stretch/wpasupplicant> Monday, so people
> running a debian-based OS should update and then (should be?) safe to
> connect again.
>
>
> On Tue, Oct 17, 2017 at 5:54 PM danarauz at gmail.com <danarauz at gmail.com>
> wrote:
>
>> https://www.eff.org/https-everywhere
>>
>> https://mullvad.net/
>>
>>
>>
>>
>> On Tue, Oct 17, 2017 at 3:52 PM, Marc Juul <juul at labitat.dk> wrote:
>>
>>> You have all probably already heard about the wifi KRACK attack. If not,
>>> here is the lowdown:
>>>
>>> https://www.krackattacks.com/
>>>
>>> sudowrt is also affected. What this means is that your private wifi
>>> network is... potentially a lot less private.
>>>
>>> I started work on a fix here:
>>>
>>> https://github.com/sudomesh/sudowrt-firmware/issues/109
>>>
>>> but I ran into a build issue which maybe Grant knows how to fix?
>>>
>>> https://github.com/sudomesh/sudowrt-firmware/issues/110
>>>
>>> Hopefully we can sort this out over the next day or two.
>>>
>>> In the mean time node-operates may want to disconnect any sensitive
>>> devices from their private network. As always you should be using
>>> end-to-end encryption for all communications. Install the HTTPS
>>> Everywhere <https://www.eff.org/https-everywhere> browser extension if
>>> you haven't. For situations where end-to-end encryption is not viable,
>>> using a VPN like Mullvad <https://www.mullvad.net/> is a good idea.
>>>
>>> --
>>> marc/juul
>>>
>>> _______________________________________________
>>> mesh mailing list
>>> mesh at lists.sudoroom.org
>>> https://sudoroom.org/lists/listinfo/mesh
>>>
>>>
>>
>>
>> --
>> Daniel
>>
>> Signal: 415.336.9143 <https://whispersystems.org/>
>>
>> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>> - - - - - - - - - - - - - -
>> Help open a people-powered common space in Oakland, California!
>> https://omnicommons.org/donate
>> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>> - - - - - - - - - - - - - -
>>
>>
>> _______________________________________________
>> mesh mailing list
>> mesh at lists.sudoroom.org
>> https://sudoroom.org/lists/listinfo/mesh
>>
>
--
Daniel
Signal: 415.336.9143 <https://whispersystems.org/>
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - -
Help open a people-powered common space in Oakland, California!
https://omnicommons.org/donate
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - -
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://sudoroom.org/lists/private/mesh/attachments/20171021/bec65e04/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Ruckus WPA2 Vulnerability (KRACK) FAQ.pdf
Type: application/pdf
Size: 143151 bytes
Desc: not available
URL: <https://sudoroom.org/lists/private/mesh/attachments/20171021/bec65e04/attachment.pdf>
More information about the mesh
mailing list