Keith C. Perry on 16 Oct 2017 15:24:00 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: [PLUG] Wpa2 oops |
Looks like Windows users are good as of the 10/10 update... https://www.windowscentral.com/microsoft-releases-statement-krack-wi-fi-vulnerability ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Keith C. Perry, MS E.E. Managing Member, DAO Technologies LLC (O) +1.215.525.4165 x2033 (M) +1.215.432.5167 www.daotechnologies.com ----- Original Message ----- From: "brent saner" <brent.saner@gmail.com> To: plug@lists.phillylinux.org Sent: Monday, October 16, 2017 2:34:29 PM Subject: Re: [PLUG] Wpa2 oops On 10/16/2017 02:29 PM, Keith C. Perry wrote: > Brent, > > Its looking slightly less bad- clients appear to be more of the problem but the AP's still need to be patched. Everything, everywhere needs to be patched to be on the best footing so this going to be slow going. > > https://community.ubnt.com/t5/UniFi-Routing-Switching/Krack-exploit-and-wpa2/m-p/2099840#M61285 > > The longer term risk would be older devices that do not get patched. > yep! spoke to one of my infosec contacts and expected risk/severity factor is only about 6.5/10 in his projection. but just like with heartbleed, it could start out slow/not as serious in scope and then snowball into something even bigger. but yes, it mostly affects clients, but that's sort of worse in a way- you can control the patching of your routers/WAPs much more easily than that of the clients that will be connecting to you. but you're absolutely right- think of how many people don't update their phone firmware? and android 6.0 is especially vulnerable. ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug