SoylentNews is people
SoylentNews
Billions of devices—many of them already patched—are affected by a Wi-Fi vulnerability that allows nearby attackers to decrypt sensitive data sent over the air, researchers said on Wednesday at the RSA security conference.
[...]Eset researchers wrote in a research paper published on Wednesday. "The attack surface is greatly increased, since an adversary can decrypt data that was transmitted by a vulnerable access point to a specific client (which may or may not be vulnerable itself)."
[...]Kr00k exploits a weakness that occurs when wireless devices disassociate from a wireless access point. If either the end-user device or the access point is vulnerable, it will put any unsent data frames into a transmit buffer and then send them over the air. Rather than encrypt this data with the session key negotiated earlier and used during the normal connection, vulnerable devices use a key consisting of all zeros, a move that makes decryption trivial.
[...]Eset researchers determined that a variety of devices are vulnerable, including:
- Amazon Echo 2nd gen
- Amazon Kindle 8th gen
- Apple iPad mini 2
- Apple iPhone 6, 6S, 8, XR
- Apple MacBook Air Retina 13-inch 2018
- Google Nexus 5
- Google Nexus 6
- Google Nexus 6S
- Raspberry Pi 3
- Samsung Galaxy S4 GT-I9505
- Samsung Galaxy S8
- Xiaomi Redmi 3S
The researchers also found that the following wireless routers are vulnerable:
- Asus RT-N12
- Huawei B612S-25d
- Huawei EchoLife HG8245H
- Huawei E5577Cs-321
An Apple spokesman said the vulnerabilities were patched last October with details for macOS here and for iOS and iPadOS here.
[...]While the vulnerability is interesting and users should make sure their devices are patched quickly—if they aren't already—there are a few things that minimize the real-world threat posed.
[...]Despite the limited threat posed, readers should ensure their devices have received updates issued by the manufacturers. This advice is most important for users of vulnerable Wi-Fi routers, since routers are often hard to patch and because vulnerable routers leave communications open to interception even when client devices are unaffected or are already patched.
(Score: 4, Interesting) by NotSanguine on Friday February 28 2020, @04:12PM (1 child)
The link was just to a fanless PC with 4Gb ports.
There are numerous options for router/firewall. Pretty much anything you can do with Linux/BSD.
I was going to post a few links here, but the options are far too numerous (searches for 'linux router', 'linux firewall', 'BSD router', 'BSD firewall' will give you many choices).
What's more, you can use (locked down, presumably) whatever distro you're currently using, or go with BSD if you like. Or use one of the many, many open source router/firewall distros/packages.
The point is that features and functionality are almost limitless. And if you decide you want a different piece of hardware for your router/firewall, you can still use something like I linked for other purposes, rather than having a Netgear brick.
Besides, Tomato uses the standard linux tools (iproute2/IPTables) anyway, but has limited hardware (ARM/MIPS and Broadcom) support.
No, no, you're not thinking; you're just being logical. --Niels Bohr
(Score: 2) by NotSanguine on Friday February 28 2020, @04:13PM
Oops. That should read 4 1gb ports.
No, no, you're not thinking; you're just being logical. --Niels Bohr