brent timothy saner on 16 Oct 2017 11:34:44 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Wpa2 oops

On 10/16/2017 02:29 PM, Keith C. Perry wrote:
> Brent,
> Its looking slightly less bad- clients appear to be more of the problem but the AP's still need to be patched.  Everything, everywhere needs to be patched to be on the best footing so this going to be slow going.
> The longer term risk would be older devices that do not get patched.

yep! spoke to one of my infosec contacts and expected risk/severity
factor is only about 6.5/10 in his projection.

but just like with heartbleed, it could start out slow/not as serious in
scope and then snowball into something even bigger.

but yes, it mostly affects clients, but that's sort of worse in a way-
you can control the patching of your routers/WAPs much more easily than
that of the clients that will be connecting to you.

but you're absolutely right- think of how many people don't update their
phone firmware? and android 6.0 is especially vulnerable.

Attachment: signature.asc
Description: OpenPGP digital signature

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --