[FRIAM] KRACK

Roger Critchlow rec at elf.org
Fri Oct 20 20:00:38 EDT 2017 

The OpenWRT/LEDE open source images for compatible routers got updated a
few days ago.  Since the hack attacks the handshake protocol between client
and access point, there are apparently several ways the access point can
subvert the attack.  Whether the update accomplishes that without
introducing new vulnerabilities remains to be seen.

-- rec --


On Fri, Oct 20, 2017 at 7:26 PM, gⅼеɳ ☣ <gepropella at gmail.com> wrote:

> Ah!  I see. So, the idea is that even if the router-managed network is
> compromised, if we always rely on device-to-device encryption/conflation,
> then it doesn't matter if the network is compromised.  Hm.  I'm not
> convinced.  It seems like there should be meta-data and packet envelope
> data that would still be useful to the red team.  Plus, I have no idea how
> my roku or playstation, both of which provide access to my credit card,
> authenticate.  I'd like to think they use end-to-end encryption.  But ...
> And then there are things like my DLNA server.  I'd like to think that I've
> done everything correctly and a black hat couldn't hack my server from my
> playstation.  But ...  And, of course, I've configured Renee's Windows 10
> machine so that it doesn't use the firewall while on the home network.  I
> suppose I should change that, too.  [sigh]
>
> If it weren't for that serial-killer-style van with the fake looking logo
> on the side, parked outside my house every month or so, I wouldn't worry so
> much. 8^)
>
> On 10/20/2017 04:11 PM, Marcus Daniels wrote:
> > Add extra (vpn/tor) encryption where it matters [by using this device].
>
> --
> ☣ gⅼеɳ
>
> ============================================================
> FRIAM Applied Complexity Group listserv
> Meets Fridays 9a-11:30 at cafe at St. John's College
> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
> FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://redfish.com/pipermail/friam_redfish.com/attachments/20171020/896c8f7d/attachment.html>

More information about the Friam mailing list