0 Members and 1 Guest are viewing this topic.
We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
Something else to worry about!
It doesn't look as if the WPA2 stack on Windows is vulnerable. Anything based on wpa_supplicant/hostapd will be. This includes Linux and Android. Patches started trickling out yesterday. I don't know about Apple, but it's likely their products are vulnerable.
Shame this site does not have https <sigh>
It's something I've been looking at for a while. It may well be implemented after the next still in development SMF upgrade becomes available.
I find in general Microsoft are far more forthcoming about security issues AND seem to patch them quicker than Apple,even though the general consensus is the opposite,maybe Apple play on users belief that their products are more or less immune from malware/hackers etc?
I wouldn't says that they don't always patch faster both are as bad as each other at times. I mean in 2014 Microsoft patched a 19 year old critical bug that's hardly fast and Apple had a vulnerability in the release on High Sierra this year. Apple users are more immune to some malware but its on the rise and they know that too. Nobody believes they are immune these days and if they do they are idiots.
malware writers play a numbers game,only reason macs were more immune was there was hardly any written/released to attack them it wasn't worth targeting a relatively low number of users when they could target millions more through pc's,if it's the 19yr old bug I think you mean it was only discovered when it was 19yrs old,microsoft patched quickly after then,also where did rootkits first rear their heads:-was unix/Linux not windows
I think now more than ever it needs it, Zap.
Any information and links published in the forum are posted in good faith, but the forum staff andowners cannot and do not accept responsibility for the content and accuracy of external websites.