|
 https://www.krackattacks.com quote:We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites. https://www.youtube.com/watch?v=Oh4WURZoR98 hope you didn't throw away all those old cat5 cables!!!! Linguica fucked around with this message at 21:56 on Oct 16, 2017 |
#
?
Oct 16, 2017 05:42
|
|
|
|
| # ? Apr 27, 2024 05:34 |
|
|
I hope hackers like listening to last podcast on the left and the black tapes and poo poo cause that's all I ever use wireless for
|
|
#
?
Oct 16, 2017 05:51
|
|
|
but my chromecast 
|
|
#
?
Oct 16, 2017 05:52
|
|
|
I was playing video poker on my ipad and got 5 of a kind one time, and nobody would believe me. where were the hackers then?!
|
|
#
?
Oct 16, 2017 05:56
|
|
|
my butt crack is very prepared right now. i have a soothing cream and everything. it's a little pricey but my quality of life has improved dramatically.
|
|
#
?
Oct 16, 2017 06:00
|
|
|
who gives a god damned gently caress
|
|
#
?
Oct 16, 2017 06:02
|
|
|
Cool.
|
|
#
?
Oct 16, 2017 06:03
|
|
|
Hopefully i will get a patch for my open soruce router software in good time OP
|
|
#
?
Oct 16, 2017 10:20
|
|
|
|
|
#
?
Oct 16, 2017 12:12
|
|
|
holly poo poo! piss!! anroid lol!!! https://www.youtube.com/watch?v=Oh4WURZoR98
|
|
#
?
Oct 16, 2017 17:01
|
|
|
duTrieux. posted:my butt crack is very prepared right now. i have a soothing cream and everything. it's a little pricey but my quality of life has improved dramatically. same
|
|
#
?
Oct 16, 2017 17:50
|
|
|
FAPPO!
|
|
#
?
Oct 16, 2017 18:22
|
|
|
lol that open source router software is getting patched quicker than *~enterprise~* kit
|
|
#
?
Oct 16, 2017 18:26
|
|
|
People thought I was crazy when I cabled 48 ports of gigabit ethernet in my home, but look who's laughing now!
|
|
#
?
Oct 16, 2017 18:39
|
|
|
I don't think my polish tomato usb fork is being patched anytime soon
|
|
#
?
Oct 16, 2017 18:45
|
|
|
r u ready to WALK posted:People thought I was crazy when I cabled 48 ports of gigabit ethernet in my home, but look who's laughing now! lol 1g nice future proofing idiot
|
|
#
?
Oct 16, 2017 18:48
|
|
|
Linguica posted:holly poo poo! piss!! anroid lol!!! welp time to stop using WiFi for sensitive poo poo again they really need to break http and make everything go through https, it looks like the only thing that didn’t break in that demo was the sites certification and the secure notice from the browser
|
|
#
?
Oct 16, 2017 19:07
|
|
|
honestly at this point i wouldnt mind giving up on wi-fi and going to lte tethering 24/7. i have a nice unlimited plan
|
|
#
?
Oct 16, 2017 19:14
|
|
|
luckily i use wep
|
|
#
?
Oct 16, 2017 19:22
|
|
|
My Linux Rig posted:welp time to stop using WiFi for sensitive poo poo again apparently if you're using a VPN this isn't very serious, and you should be using a vpn when you're attaching yourself to dirty coffeeshop wifi
|
|
#
?
Oct 16, 2017 19:23
|
|
|
My Linux Rig posted:welp time to stop using WiFi for sensitive poo poo again as long as you aren't using Linux you're ok
|
|
#
?
Oct 16, 2017 19:27
|
|
|
maskenfreiheit posted:luckily i use wep same only WAP. man, if ever there was a technology trying to do too much before its time... 
|
|
#
?
Oct 16, 2017 20:25
|
|
|
Shaggar posted:as long as you aren't using Linux you're ok what this seriously only affects linux based os’s? I thought this was a core issue in wpa2
|
|
#
?
Oct 16, 2017 20:30
|
|
|
the authors say they have more serious exploits they have since developed that can pwn macs at least
|
|
#
?
Oct 16, 2017 20:44
|
|
|
Shaggar posted:as long as you aren't using Linux you're ok shaggar was wrong the wpa2 protocol has a venerability to replay attacks
|
|
#
?
Oct 16, 2017 20:56
|
|
|
HoboMan posted:shaggar was wrong that’s what I thought. though it sounds like microsoft already sent out a patch but if your driver isn’t updated you still hosed potentially
|
|
#
?
Oct 16, 2017 21:11
|
|
|
My Linux Rig posted:what the most critical attacks only affect Linux because windows devs didn't implement the flawed parts of the spec except when it relates to broadcast/multicast and who really cares about that
|
|
#
?
Oct 16, 2017 21:18
|
|
|
HoboMan posted:shaggar was wrong the spec has significant design flaws, but most aren't implemented in windows
|
|
#
?
Oct 16, 2017 21:19
|
|
|
i use a wifi i got at the compusa am i ok?
|
|
#
?
Oct 16, 2017 21:25
|
|
|
this is a good thread title
|
|
#
?
Oct 16, 2017 21:28
|
|
|
Shaggar posted:the most critical attacks only affect Linux because windows devs didn't implement the flawed parts of the spec except when it relates to broadcast/multicast and who really cares about that lol yeah except they did; the article points out that they had to release a patch for this vulnerability
|
|
#
?
Oct 16, 2017 21:47
|
|
|
not for the most critical stuff. the parts that affected windows were relatively minor.
|
|
#
?
Oct 17, 2017 01:45
|
|
|
Shaggar posted:not for the most critical stuff. the parts that affected windows were relatively minor. 
|
|
#
?
Oct 17, 2017 18:55
|
|
|
like, who cares? wpa2 has always been a joke and like 99%+ of all routers in the real world are still vulnerable to deauth attacks(or are running important industrial machinery and are forced to be wep for some legacy hardware lol), and once you're on the network you can do basically whatever nefarious thing you want, esp if you do an evil twin idk, i guess this is a little more efficient than brute forcing but in terms of real security against a determined adversary i guess i don't see a difference. i suppose for your neighborhood teen who wants to steal your wifi this is a lower barrier to entry
|
|
#
?
Oct 17, 2017 22:51
|
|
|
pretend i posted a picture of the unchangeable WPS key stamped on the bottom of my actiontec modem/router/WAP that I got in space year 2016 it's 12345678 and you can't turn off WPS
|
|
#
?
Oct 17, 2017 23:32
|
|
|
angry_keebler posted:like, who cares? does deauth actually let you get in or is it just denial-of-service?
|
|
#
?
Oct 18, 2017 00:27
|
|
|
Farmer Crack-rear end posted:does deauth actually let you get in or is it just denial-of-service? deauth forces a new handshake, which you can capture and then brute force the key once you have the key, then you can do whatever, or use that information to do an evil twin and then really do whatever
|
|
#
?
Oct 18, 2017 00:49
|
|
|
|
| # ? Apr 27, 2024 05:34 |
|
|
the worst case scenario for windows is someone might crack your group key eventually if they can keep it from changing long enough or if you have someone on your network that you kick off they could keep the key alive. either way they best they can do is get multicast + broadcast traffic. w/ Linux they just own all your traffic immediately.
|
|
#
?
Oct 18, 2017 00:55
|
|