Re: [FRIAM] KRACK

2017-10-20 Thread gepr ⛧ 
Yeah. They've built with a patch for ddwrt, too. Supposedly here:
http://svn.dd-wrt.com/changeset/33525
But it's still fun to think about.


On October 20, 2017 5:00:38 PM PDT, Roger Critchlow  wrote:
>The OpenWRT/LEDE open source images for compatible routers got updated
>a
>few days ago.  Since the hack attacks the handshake protocol between
>client
>and access point, there are apparently several ways the access point
>can
>subvert the attack.  Whether the update accomplishes that without
>introducing new vulnerabilities remains to be seen.


-- 
⛧glen⛧


FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

Re: [FRIAM] KRACK

2017-10-20 Thread Roger Critchlow 
The OpenWRT/LEDE open source images for compatible routers got updated a
few days ago.  Since the hack attacks the handshake protocol between client
and access point, there are apparently several ways the access point can
subvert the attack.  Whether the update accomplishes that without
introducing new vulnerabilities remains to be seen.

-- rec --


On Fri, Oct 20, 2017 at 7:26 PM, gⅼеɳ ☣  wrote:

> Ah!  I see. So, the idea is that even if the router-managed network is
> compromised, if we always rely on device-to-device encryption/conflation,
> then it doesn't matter if the network is compromised.  Hm.  I'm not
> convinced.  It seems like there should be meta-data and packet envelope
> data that would still be useful to the red team.  Plus, I have no idea how
> my roku or playstation, both of which provide access to my credit card,
> authenticate.  I'd like to think they use end-to-end encryption.  But ...
> And then there are things like my DLNA server.  I'd like to think that I've
> done everything correctly and a black hat couldn't hack my server from my
> playstation.  But ...  And, of course, I've configured Renee's Windows 10
> machine so that it doesn't use the firewall while on the home network.  I
> suppose I should change that, too.  [sigh]
>
> If it weren't for that serial-killer-style van with the fake looking logo
> on the side, parked outside my house every month or so, I wouldn't worry so
> much. 8^)
>
> On 10/20/2017 04:11 PM, Marcus Daniels wrote:
> > Add extra (vpn/tor) encryption where it matters [by using this device].
>
> --
> ☣ gⅼеɳ
>
> 
> FRIAM Applied Complexity Group listserv
> Meets Fridays 9a-11:30 at cafe at St. John's College
> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
> FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove
>

FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

Re: [FRIAM] KRACK

2017-10-20 Thread gⅼеɳ ☣ 
Ah!  I see. So, the idea is that even if the router-managed network is 
compromised, if we always rely on device-to-device encryption/conflation, then 
it doesn't matter if the network is compromised.  Hm.  I'm not convinced.  It 
seems like there should be meta-data and packet envelope data that would still 
be useful to the red team.  Plus, I have no idea how my roku or playstation, 
both of which provide access to my credit card, authenticate.  I'd like to 
think they use end-to-end encryption.  But ...  And then there are things like 
my DLNA server.  I'd like to think that I've done everything correctly and a 
black hat couldn't hack my server from my playstation.  But ...  And, of 
course, I've configured Renee's Windows 10 machine so that it doesn't use the 
firewall while on the home network.  I suppose I should change that, too.  
[sigh]

If it weren't for that serial-killer-style van with the fake looking logo on 
the side, parked outside my house every month or so, I wouldn't worry so much. 
8^)

On 10/20/2017 04:11 PM, Marcus Daniels wrote:
> Add extra (vpn/tor) encryption where it matters [by using this device].

-- 
☣ gⅼеɳ


FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

Re: [FRIAM] KRACK

2017-10-20 Thread Marcus Daniels 
Add extra (vpn/tor) encryption where it matters [by using this device].

Sent from my iPhone

On Oct 20, 2017, at 5:02 PM, gⅼеɳ ☣ 
> wrote:

But if I understand correctly, my TV and printer will remain the weakest links, 
regardless.  And as long as those are present, whatever credentials my router 
requires are compromisable.  So, a possible solution is to use one subnet for 
the devices for which you don't have patches and a more trusted subnet for 
those that are patched.  ... perhaps even different routers.

On 10/20/2017 03:52 PM, Marcus Daniels wrote:
The recently discovered WPA2 weakness allows attackers to decrypt information 
sent over WiFi that would otherwise be encrypted by your WiFi password.

Being that WPA2 is the most widely adopted wireless encryption protocol in the 
world right now, the scope of this issue is enormous. This vulnerability 
affects almost every device that has WiFi capability. Whether it’s a Smart TV, 
IP camera, phone or computer, it’s safe to assume that it’s data can be 
intercepted and/or altered by an attacker.

We’re currently preparing a software update for Flter that will eliminate any 
risk of data intercept while being used as an access point or client 
(repeater). Flter will automatically update when it’s connected to power and 
internet.

Just keep in mind that even though Flter will be updated your other devices 
might still be vulnerable to attack. You will want to make sure that you update 
them as soon as a patch is released by their manufacturers.

While you’re waiting for software updates for your mobile devices and computers 
we recommend using our VPN client while connected to WiFi. The encrypted tunnel 
that the VPN creates when you connect prevents Man-in-the-middle attacks. This 
is the sort of attack that the WPA2 vulnerability puts you at risk for.

--
☣ gⅼеɳ


FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

Re: [FRIAM] KRACK

2017-10-20 Thread gⅼеɳ ☣ 
But if I understand correctly, my TV and printer will remain the weakest links, 
regardless.  And as long as those are present, whatever credentials my router 
requires are compromisable.  So, a possible solution is to use one subnet for 
the devices for which you don't have patches and a more trusted subnet for 
those that are patched.  ... perhaps even different routers.

On 10/20/2017 03:52 PM, Marcus Daniels wrote:
> The recently discovered WPA2 weakness allows attackers to decrypt information 
> sent over WiFi that would otherwise be encrypted by your WiFi password.
> 
> Being that WPA2 is the most widely adopted wireless encryption protocol in 
> the world right now, the scope of this issue is enormous. This vulnerability 
> affects almost every device that has WiFi capability. Whether it’s a Smart 
> TV, IP camera, phone or computer, it’s safe to assume that it’s data can be 
> intercepted and/or altered by an attacker.
> 
> We’re currently preparing a software update for Flter that will eliminate any 
> risk of data intercept while being used as an access point or client 
> (repeater). Flter will automatically update when it’s connected to power and 
> internet.
> 
> Just keep in mind that even though Flter will be updated your other devices 
> might still be vulnerable to attack. You will want to make sure that you 
> update them as soon as a patch is released by their manufacturers.
> 
> While you’re waiting for software updates for your mobile devices and 
> computers we recommend using our VPN client while connected to WiFi. The 
> encrypted tunnel that the VPN creates when you connect prevents 
> Man-in-the-middle attacks. This is the sort of attack that the WPA2 
> vulnerability puts you at risk for.

-- 
☣ gⅼеɳ


FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

Re: [FRIAM] KRACK

2017-10-20 Thread Marcus Daniels 


From: Flter: Privacy & Security Router via Indiegogo 
[mailto:nore...@indiegogo.com]
Sent: Friday, October 20, 2017 4:34 PM
To: Marcus Daniels 
Subject:  Update #11 from Flter: Privacy & Security Router

[Indiegogo]

MY 
ORDERS









New Campaign Update!

The Flter: Privacy & Security 
Router
 team just posted.

SEE PAST UPDATES 

 ASK A QUESTION 

 VIEW ORDER STATUS 






[https://c1.iggcdn.com/indiegogo-media-prod-cld/image/upload/c_fill,f_auto,h_40,r_20,w_40/v1494721324/fbozzintgrlfudmwsbws.jpg]


posted by Peter DiPreta

Oct 20, 2017 • 3:27PM PDT

KRACK Attack


The recently discovered WPA2 weakness allows attackers to decrypt information 
sent over WiFi that would otherwise be encrypted by your WiFi password.

Being that WPA2 is the most widely adopted wireless encryption protocol in the 
world right now, the scope of this issue is enormous. This vulnerability 
affects almost every device that has WiFi capability. Whether it’s a Smart TV, 
IP camera, phone or computer, it’s safe to assume that it’s data can be 
intercepted and/or altered by an attacker.

We’re currently preparing a software update for Flter that will eliminate any 
risk of data intercept while being used as an access point or client 
(repeater). Flter will automatically update when it’s connected to power and 
internet.

Just keep in mind that even though Flter will be updated your other devices 
might still be vulnerable to attack. You will want to make sure that you update 
them as soon as a patch is released by their manufacturers.

While you’re waiting for software updates for your mobile devices and computers 
we recommend using our VPN client while connected to WiFi. The encrypted tunnel 
that the VPN creates when you connect prevents Man-in-the-middle attacks. This 
is the sort of attack that the WPA2 vulnerability puts you at risk for.

The release of our Android and iOS VPN app along with our new desktop client is 
right around the corner and we’ll be posting another update as soon as they are 
ready for release.

You can find more information about this over at

[FRIAM] Resume helper?

2017-10-20 Thread Gillian Densmore 
I don't suppose anyone knows someone that can recomend help with a a resume
and Lindyn profile?

FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

Re: [FRIAM] Truthiness <==> Entrainment

2017-10-20 Thread Marcus Daniels 
Steve writes:

< This type of "Strange Sympathy" is suggestive to me of the "Contrarian" 
nature of many of the discussions on this list. >

Prefer the term 
Divergent…

Marcus

FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove