{{
`${userDetail.user.displayName}${userDetail.user.cachedBungieGlobalDisplayNameCode ? `#${standardizeBungieGlobalCode(userDetail.user.cachedBungieGlobalDisplayNameCode)}` : ""}`}}
{{getUserClans()}}
10/16/2017 3:04:53 PM
13
Patch your machines ASAP: critical exploit found in Wi-Fi
https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/
https://www.theverge.com/2017/10/16/16481252/wi-fi-hack-attack-android-wpa-2-details
https://boingboing.net/2017/10/16/eschaton-immanentized.html
The WPA-2 protocol is the more secure of the 3 Wi-Fi types in use and probably your default setting for most devices less than 5 or so years old. this exploit is in the standard itself, not the device but individual devices can be patched so as to prevent the exploit.
the critical exploit lets evesdroppers remotely steal everything transmitted through your network. microsoft has stated that they will have a patch for this ready, google has stated that they will be working on patches for affected android devices in the next few weeks.
you'll need to manually patch your routers/modems to the latest firmware if possible.
apple hasn't released a statement on this yet(if it uses wifi, it is vulnerable).
for those one *nix systems, time for sudo apt-get update & time sudo apt-get dist-upgrade
-
Edited by mobius: 10/17/2017 7:10:34 PMWhat people fail to realize is that the attacker has to be in range of the victim router. I have nothing to worry about because my router is restricted to only transmit within my home. If an attacker wanted my stuff, he'd have to litterally be in my house. Also, I don't ever use wifi out in public. Another thing people don't understand is that this only affects *routers*, meaning your device must be connected to a compromised router for the attacker to have access to your stuff. This problem really only affects big corporations and public WiFi hotspots, and the general consumer that never uses wifi should not be too worried. That being said, it's still a good idea to upgrade everything as soon as possible, but this problem is, in my opinion, being over-hyped to an extent TL;DR, yes it's a problem, but the chances of someone actually doing this on your home network are low [spoiler]Edited to salute anyone who opens this {-}7[/spoiler]
