[Discuss] WPA2 crypto Schwachstelle

Mo Okt 16 23:06:40 CEST 2017

On October 16, 2017 5:28:00 PM GMT+01:00, Adrian Dabrowski <(spam-protected)> wrote:

>Noch schlimmer: so wie es aussieht muss man in erster Linie die
>Clients,
>nicht die Router updaten.

Richtig. Zusammenfassung des Autors: "Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones."

David