Stefan Sperling is a user on You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

Stefan Sperling

So is getting flak for early patch, yet a silent patch a week before release from Mikrotik is OK?

@gonzalo when will you get here? you're not attending p2k17 are you?

Boost if you want @staticsafe to make a diss track about WPA.

@ninjatrappeur @ckeen I didn't sign any document.

I got a bug report in my inbox with a diff attached. Just like how this should work.

@pierre The basic idea is that vendors hold fixes back, and cooperate to release their fixes concurrently.

On the surface, this looks reasonable.

But end-user security falls apart when information leaks, or when government agencies get involved which happens if someone requests a CVE. So in this WPA case, US gov agencies knew about the bug for at least as of the second embargo.

Does such an embargo serve your interests? Not really. As an end user, you are interested in getting a patch ASAP.

looks like fixed the attack in 6.1 Errata 027. This is also fixed in 6.2-release.

@eal We released a patch after the first embargo. And we were already rather unhappy with that 2 months delay...

@Thib @wxcafe Yes the problem in a nutshell is that replayed key messages caused nonces to be reset (as it happens when a new key gets installed).

This means parts of the keystream will be reused, and that allows for further attacks on the crypto.

@wxcafe Unless for vendors who oatch WPA1 instead of just disabling it.

@wxcafe It's over for WPA1, indeed. About time.

@wxcafe Fair points.

I use an "always-on" VPN on my android. I see no reason to trust wifi or telko comoanies to do more than relay oackets for it.

The android connects to my public wifi only. It's not allowed on the private one.

@wxcafe I should clarify that this new thing is nowhere near as bad as WEP was.

@wxcafe Yes, agreed. Move sensitive and vulnerable things to ethernet. Wifi has always had such problems (remember WEP)?

@wxcafe Better rely on end-to-end crypto.

@wxcafe Sure. Nobody should assume otherwise. Crypto cannot replace the physical security of cables.