All your WIFI are belong to us: Major vulnerability in WPA2 to be released

MPG has long advised wired internet for performance reasons, as well as advising against public WiFi locations.

WiFi is apparently vulnerable to a complete loss of security.

For the techie, emphasis added:

Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2

We introduce the key reinstallation attack. This attack abuses design or implementation flaws in cryptographic protocols to reinstall an already-in-use key. This resets the key’s associated parameters such as transmit nonces and receive replay counters. Several types of cryptographic Wi-Fi handshakes are affected by the attack.

...

Finally, we confirmed our findings in practice, and found that every Wi-Fi device is vulnerable to some variant of our attacks. Notably, our attack is exceptionally devastating against Android 6.0: it forces the client into using a predictable all-zero encryption key.

...

All Wi-Fi clients we tested were vulnerable to our attack against the group key handshake. This enables an adversary to replay broadcast and multicast frames. When the 4-way or fast BSS transition handshake is attacked, the precise impact depends on the data-confidentiality protocol being used. In all cases though, it is possible to decrypt frames and thus hijack TCP connections. This enables the injection of data into unencrypted HTTP connections. Moreover, against Android 6.0 our attack triggered the installation of an all-zero key, completely voiding any security guarantees.

Rather worryingly, our key reinstallation attack even occurs spontaneously if certain handshake messages are lost due to background noise. This means that under certain conditions, implementations are reusing nonces without an adversary being present.
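Why a reset transmit nonce matters, as an added example (not from the paper or this site): reinstalling the in-use key makes two frames share one keystream, so the XOR of the ciphertexts equals the XOR of the plaintexts, while a client that refuses to reset the nonce for an already-installed key avoids this. The SHA-256 keystream is a stand-in for a real counter-mode cipher, and `Station`, `install_key`, `run` and the sample frames are hypothetical, constructed names and values.

```python
import hashlib

# Constructed sample frames of equal length (not real traffic).
P1 = b"frame-one: hello AP!"
P2 = b"frame-two: secret=42"

def keystream(key: bytes, nonce: int, n: int) -> bytes:
    """Toy keystream SHA-256(key || nonce || block); stand-in for counter mode."""
    out, block = b"", 0
    while len(out) < n:
        out += hashlib.sha256(
            key + nonce.to_bytes(6, "big") + block.to_bytes(2, "big")).digest()
        block += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Station:
    """Hypothetical client: one session key plus a transmit nonce."""
    def __init__(self, guard_reinstall: bool):
        self.guard = guard_reinstall
        self.key = None
        self.nonce = 0

    def install_key(self, key: bytes) -> None:
        # Hardened behaviour: installing the key already in use
        # must not reset the transmit nonce.
        if self.guard and key == self.key:
            return
        self.key = key
        self.nonce = 0  # the reset that a key reinstallation causes

    def send(self, plaintext: bytes):
        self.nonce += 1
        ks = keystream(self.key, self.nonce, len(plaintext))
        return self.nonce, xor(plaintext, ks)

def run(guard: bool):
    """Send a frame, install the same key again, send another frame."""
    key = hashlib.sha256(b"constructed session key").digest()
    sta = Station(guard)
    sta.install_key(key)
    n1, c1 = sta.send(P1)
    sta.install_key(key)  # e.g. a retransmitted handshake message
    n2, c2 = sta.send(P2)
    return n1, c1, n2, c2

if __name__ == "__main__":
    for guard in (False, True):
        n1, c1, n2, c2 = run(guard)
        print(guard, n1, n2, xor(c1, c2) == xor(P1, P2))
```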

Less technical, from an email I received from EasyDNS.com:

WPA2, the encryption algorithm in use today on nearly all WIFI access points has been discovered to have a major security flaw which renders them hackable.

The upshot is that attackers will be able to read all data traversing the WIFI access point (another reason to use VPN sessions to further encrypt your data before it flows over the air). Security researchers will release their findings at Computer and Communications Security (CCS) on November 1, 2017. My understanding of this so far is that once the paper drops and the inevitable exploits follow, both the access point and the clients will need vendor patching to be secure. Think “heart bleed” to the exponent “shell shock”.

MPG: every iPhone and iPad and laptop and similar user relying on WiFi should take pause, particularly at public WiFi access points that might not get patched (remember Equifax screw-up? No need to remember, it is now at present a worse screwup).

Don H writes that Apple already has a patch, albeit only in beta versions of macOS and iOS. The claims in that link are that once the iPhone/iPad/Mac are patched, they will be safe to use anywhere. Kudos to Apple for rolling this out quickly (assuming that happens).

This site and diglloyd.com use https, which as far as I understand it protects user data, but that is not a statement of fact, only what I believe is correct, having worked with encryption as an engineer for some years.

It might be a matter of discarding your WiFi routers and getting secure ones, if they cannot be updated to address the flaw.

More:

WPA2: Broken with KRACK. What now?

Falling through the KRACKs

Reddit.com list of patches

GitHub list of vendor patches

Copyright © 2020 diglloyd Inc, all rights reserved.