WPA2 Now Insecure

Kamilah Hauptmann · #1 10-16-2017, 11:27 AM

Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping | Ars Technica

JoeP · #2 10-16-2017, 12:47 PM

Gee thanks Kam. I really wanted to know that. Now I have to be paranoid.

ceptimus · #3 10-16-2017, 01:14 PM

It's not just "now" insecure - it's always been insecure, but it's only now that we're finding out about it.

JoeP · #4 10-16-2017, 02:14 PM

Exactly. I'd rather not know ...

But · #5 10-16-2017, 04:03 PM

Quote:

Originally Posted by ceptimus

It's not just "now" insecure - it's always been insecure, but it's only now that we're finding out about it.

It was very secure because no one in the world knew how to break it.

Kamilah Hauptmann · #6 10-16-2017, 08:09 PM

Ari · #7 10-16-2017, 08:15 PM

Why worry?
Thanks to lazy corporations someone already has your info without needing to be near you.

Kamilah Hauptmann · #8 10-16-2017, 08:35 PM

Basic enough info even I could follow:

New WPA2 Attack (KRaCKs) - How To Prevent It - YouTube

Corona688 · #9 10-16-2017, 10:20 PM

Quote:

Originally Posted by But

Quote:

Originally Posted by ceptimus

It's not just "now" insecure - it's always been insecure, but it's only now that we're finding out about it.

It was very secure because no one in the world knew how to break it.

Honestly, it's never been terrific. Any encryption you can accomplish with $5.00 of hardware is not going to be airtight by modern standards. Every improvement they made was broken in a few years at best. It was just never quite so trivial to do so as it is with this.

As access control, I'm not sure it's actually broken, either. This gives them the contents, but can they actually negotiate a connection and use the connection themselves?

JoeP · #10 10-17-2017, 04:38 PM

Quote:

Originally Posted by Corona688

Any encryption you can accomplish with $5.00 of hardware is not going to be airtight by modern standards.

That's so ... valueist ... monetarist ... costist ...

Corona688 · #11 10-17-2017, 06:03 PM

Quote:

Originally Posted by JoeP

Quote:

Originally Posted by Corona688

Any encryption you can accomplish with $5.00 of hardware is not going to be airtight by modern standards.

That's so ... valueist ... monetarist ... costist ...

In a way it is. Brute force attacks are so cheap these days that real encryption, something that takes a significant amount of time to break, takes a nontrivial amount of work to encode in the first place. If something cheap and stupid can do it, it didn't take that much work.