Re: [FRIAM] KRACK

2017-10-21 Thread Roger Critchlow
smartphones too. > > > Then there is another option which is to buy a big estate and put a moat > around it. That doesn't stop drones, though. A moat and a plexiglass > bubble, then. Oh, and watch out for boring machines too from > well-equipped people like Elon Musk and

Re: [FRIAM] KRACK

2017-10-21 Thread Marcus Daniels
A moat and a plexiglass bubble, then. Oh, and watch out for boring machines too from well-equipped people like Elon Musk and El Chapo. Marcus From: Friam <mailto:friam-boun...@redfish.com> on behalf of Nick Thompson <mailto:nickthomp...@earthlink.net> Sent: Saturday, October 21, 20

Re: [FRIAM] KRACK

2017-10-21 Thread gepr ⛧
Awesome contribution! On October 21, 2017 2:26:51 PM PDT, Steven A Smith wrote: >I recently heard from a friend who achieved a very transient and >unexpected contact with a US Antartica Science team member via a 1W >handheld DMR RX/TX device.   Anecdotally, they field about 10 such >contacts a

Re: [FRIAM] KRACK

2017-10-21 Thread Steven A Smith
.   A moat and a plexiglass bubble, then.   Oh, and watch out for boring machines too from well-equipped people like Elon Musk and El Chapo. Marcus *From:* Friam on behalf of Nick Thompson *Sent:* Saturday, October 21, 2017 9

Re: [FRIAM] KRACK

2017-10-21 Thread gepr ⛧
Ha! That reminds me of the fact that gmane no longer archives this list. (And even the mailman archives have been down for awhile.) So now's the time to speak freely because your words are less likely to be used against you later. 8^) I can't help but wonder how the notorious lack of security

Re: [FRIAM] KRACK

2017-10-21 Thread Marcus Daniels
pped people like Elon Musk and El Chapo. Marcus From: Friam on behalf of Nick Thompson Sent: Saturday, October 21, 2017 9:49:23 AM To: 'The Friday Morning Applied Complexity Coffee Group' Subject: Re: [FRIAM] KRACK Hi, Wizards, I hope at some point

Re: [FRIAM] KRACK

2017-10-21 Thread Nick Thompson
/ -Original Message- From: Friam [mailto:friam-boun...@redfish.com] On Behalf Of gepr ? Sent: Friday, October 20, 2017 7:11 PM To: The Friday Morning Applied Complexity Coffee Group Subject: Re: [FRIAM] KRACK Yeah. They've built with a patch for ddwrt, too. Supposedly here: http://s

Re: [FRIAM] KRACK

2017-10-20 Thread gepr ⛧
Yeah. They've built with a patch for ddwrt, too. Supposedly here: http://svn.dd-wrt.com/changeset/33525 But it's still fun to think about. On October 20, 2017 5:00:38 PM PDT, Roger Critchlow wrote: >The OpenWRT/LEDE open source images for compatible routers got updated >a >few days ago. Since t

Re: [FRIAM] KRACK

2017-10-20 Thread Roger Critchlow
The OpenWRT/LEDE open source images for compatible routers got updated a few days ago. Since the hack attacks the handshake protocol between client and access point, there are apparently several ways the access point can subvert the attack. Whether the update accomplishes that without introducing

Re: [FRIAM] KRACK

2017-10-20 Thread gⅼеɳ ☣
Ah! I see. So, the idea is that even if the router-managed network is compromised, if we always rely on device-to-device encryption/conflation, then it doesn't matter if the network is compromised. Hm. I'm not convinced. It seems like there should be meta-data and packet envelope data that w

Re: [FRIAM] KRACK

2017-10-20 Thread Marcus Daniels
Add extra (vpn/tor) encryption where it matters [by using this device]. Sent from my iPhone On Oct 20, 2017, at 5:02 PM, gⅼеɳ ☣ mailto:geprope...@gmail.com>> wrote: But if I understand correctly, my TV and printer will remain the weakest links, regardless. And as long as those are present, wh

Re: [FRIAM] KRACK

2017-10-20 Thread gⅼеɳ ☣
But if I understand correctly, my TV and printer will remain the weakest links, regardless. And as long as those are present, whatever credentials my router requires are compromisable. So, a possible solution is to use one subnet for the devices for which you don't have patches and a more trus

Re: [FRIAM] KRACK

2017-10-20 Thread Marcus Daniels
From: Flter: Privacy & Security Router via Indiegogo [mailto:nore...@indiegogo.com] Sent: Friday, October 20, 2017 4:34 PM To: Marcus Daniels Subject: 📢 Update #11 from Flter: Privacy & Security Router [Indiegogo]

Re: [FRIAM] KRACK

2017-10-17 Thread Russell Standish
It's big alright. Linux and Android are particularly badly affected. I tried upgrading my Linux WiFi client yesterday when the news first broke, but the fix only landed overnight, so I've managed to update this morning. Not too shabby - MS, Google and Apple all had about a month's head start on the

Re: [FRIAM] KRACK

2017-10-17 Thread Robert Wall
Thanks for the heads-up, Glen! On Tue, Oct 17, 2017 at 8:55 AM, ┣glen┫ wrote: > Key Reinstallation Attacks > Breaking WPA2 by forcing nonce reuse > https://www.krackattacks.com/ > > > We discovered serious weaknesses in WPA2, a protocol that secures all > modern protected Wi-Fi networks. An atta

Re: [FRIAM] KRACK

2017-10-17 Thread Nick Thompson
Subject: [FRIAM] KRACK Key Reinstallation Attacks Breaking WPA2 by forcing nonce reuse https://www.krackattacks.com/ > We discovered serious weaknesses in WPA2, a protocol that secures all modern > protected Wi-Fi networks. An attacker within range of a victim can exploit > these weaknes

[FRIAM] KRACK

2017-10-17 Thread ┣glen┫
Key Reinstallation Attacks Breaking WPA2 by forcing nonce reuse https://www.krackattacks.com/ > We discovered serious weaknesses in WPA2, a protocol that secures all modern > protected Wi-Fi networks. An attacker within range of a victim can exploit > these weaknesses using key reinstallation at