> Have people looked in to this: > > https://apnews.com/743db922a4d2473a8745ce54c134c33a/Researchers-discover-vulnerability-affecting-Wi-Fi-security > > If so, how have you handled it?
Step 1. Get actual useful information on the vulnerability that provides some degree of understanding and assessing the risk. That AP article is a prime example of standard mainstream fear mongering of the latest vulnerability discovered by a security researcher in a lab. Please help us all by not sharing info from AP in the future. Better and more useful info here: Mostly layman but thorough - https://techcrunch.com/2017/10/16/wpa2-shown-to-be-vulnerable-to-key-reinstallation-attacks/ More technical - https://www.krackattacks.com/ Step 2. Realize that cracking into a WiFi network isn't easy and takes time and effort. Not too mention trying to capture actual sensitive personal data. Step 3 Have some coffee, tea or beer. Re-read step 2 and contemplate the following: "He further writes that while some of the attacks detailed in the paper may seem hard to pull off, follow-up work has shown that attacks against — for example — macOS and OpenBSD are “significantly more general and easier to execute”, adding: “So although we agree that some of the attack scenarios in the paper are rather impractical, do not let this fool you into believing key reinstallation attacks cannot be abused in practice.” Pizza Hut was recently hacked. 60,000 customers billing information compromised in 28 hrs. Equifax hack, etc, etc. Step 4. Have some more of my fav beverage and wait patiently for security updates while using the Internet over a wired connection. Step 5. Realize that when I need to use WiFi, I'll just use it and probably not concern myself with security risks as like most people, I got stuff to do, places to go and people to see. Step 6. Due to step 5, I put my faith and trust that there are good people who will release security patches and other good people who will file a class action law suits and polices / laws that protect consumers from identity theft, fraud and abuse. Sleep well! =) _______________________________________________ PLUG mailing list PLUG@lists.pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug
