On 16/10/2017 21:12, Curt wrote:
https://www.krackattacks.com/
Our attack is especially catastrophic against version 2.4 and above of
wpa_supplicant, a Wi-Fi client commonly used on Linux. Here, the client will
install an all-zero encryption key instead of reinstalling the real key.
Uh-oh.
It was addressed in Debian by DSA-3999-1 I think, but will probably
linger for a long time on routers, phones, appliances and IoT all over
the world. After Bluetooth a few weeks ago, now wpa2 wifi, most of the
wireless consumer electronic have it's base covered and ripe for cracking...
