Key Reinstallation Attacks Breaking WPA2 by forcing nonce reuse https://www.krackattacks.com/
> We discovered serious weaknesses in WPA2, a protocol that secures all modern > protected Wi-Fi networks. An attacker within range of a victim can exploit > these weaknesses using key reinstallation attacks (KRACKs). Concretely, > attackers can use this novel attack technique to read information that was > previously assumed to be safely encrypted. This can be abused to steal > sensitive information such as credit card numbers, passwords, chat messages, > emails, photos, and so on. The attack works against all modern protected > Wi-Fi networks. Depending on the network configuration, it is also possible > to inject and manipulate data. For example, an attacker might be able to > inject ransomware or other malware into websites. > > The weaknesses are in the Wi-Fi standard itself, and not in individual > products or implementations. Therefore, any correct implementation of WPA2 is > likely affected. To prevent the attack, users must update affected products > as soon as security updates become available. Note that if your device > supports Wi-Fi, it is most likely affected. During our initial research, we > discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, > Linksys, and others, are all affected by some variant of the attacks. For > more information about specific products, consult the database of CERT/CC, or > contact your vendor. -- ␦glen? ============================================================ FRIAM Applied Complexity Group listserv Meets Fridays 9a-11:30 at cafe at St. John's College to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove
