Is this something that we should be worried about?

Phishfry

Son of Beastie

Thanks: 951
Messages: 2,903

#2
Define worried. I was worried about the last one. This one looks much more complex.
Crivens has a link on his profile page since Monday.

The last time it only took about 2 weeks for an updated hostapd to show up in ports.
That time we had dnsmasq issues too around the same time. Both got patched promptly.
 

Crivens

Moderator
Staff member
Moderator

Thanks: 563
Messages: 1,506

#3
It's in the standard, if I got that right. So yes, I think we are in this too. The comment from the source was that wpa2-psk was now considered dead. But then I only had time for a speed read of the paper.
 

Crivens

Moderator
Staff member
Moderator

Thanks: 563
Messages: 1,506

#4
Update: we are talking about two different things here. No idea if that wpa_supplicant bug will bite us, too. But I would not be surprised.
 

Crivens

Moderator
Staff member
Moderator

Thanks: 563
Messages: 1,506

#7
Yes, discovered while breaking wpa3. I for one would have preferred this had been discovered before wpa2 had been rolled out. So kudos for those guys hammering on wpa3 for love and fame, before it was widely deployed. Otherwise this might have reaped some top $€£ on some dark place.
 

Phishfry

Son of Beastie

Thanks: 951
Messages: 2,903

#9
For historical context I would like to add this commentary:

Starting around 1978 I was old enough for my Dad to take me the the computer swap meets in the Philadelphia area.
Back them it was truly the frontier of electronics.
Around 1980 I was allowed to touch my first computer, The Commodore PET.
This used a cassette tape for data storage. These first computers were very fragile machines.
Does anybody remember Winchester hard drives? They had horrible reliability. Just like many disk systems of the day.

Now fast forward to present time. We have very reliable hardware, very reliable software, but this phenomenon of people breaking things on purpose. This never happened in the old days. Computer were too fragile to deliberately crash for "fun".
Computers had very few fail safes so you could crash them easily.
So now we have reliable hardware, reliable software but this new phenomenon of people who think it is OK to deliberately break computers for FAME.

This is as pointless as beating your childern.
Sure, Anybody can do it but WHY?

Some of these recent Intel CPU bugs are so esoteric I don't worry about them much at all. They are out of my hands.
The upshot, Looks like FreeBSD 12 will get a better microcode updating mechanism instead of having to use a port.
 

nactusberrilli

Member

Thanks: 11
Messages: 61

#10
If someone comes to my house and jiggles my doorhandle I will shoot them right thought the door. I don't care what your doing.
:confused: ... I really hope you don't mean 1/2 of that stuff. Internet access is somewhat restrictive in prison.

You either make things or you break things
Sometimes you have to break things before you make things. reverse-engineering. Things aren't always so diametrically opposed. At times things tend to "overlap" quite a bit.

My understanding is that the Temporal Key Integrity Protocol has been deprecated since 2012. I believe AES based CCMP has been the default encryption method for a while now.
 

Phishfry

Son of Beastie

Thanks: 951
Messages: 2,903

#12
About two weeks ago I was at the ATM at 12:30am at night.
I see this guy running full blast at me from across the parking lot.
I leave my card in the machine retreat back to my vehicle and grab my gun.
With cover of my car door I scream this guy down "I WILL KILL YOU FIRST" and he runs off.

I chase him down but the cops can't find me. I lose him and he got away.
Should I have killed him at the ATM? Looking back probably, He had something in his pocket and I have no record.
I am model citizen these days.
Some other schmuck might get killed resisting this clown.

So that's my context on crime. I am ready to go to jail to fight back I guess...
It's getting crazy out there.
 

Phishfry

Son of Beastie

Thanks: 951
Messages: 2,903

#13
Back on topic:
My understanding is that the Temporal Key Integrity Protocol has been deprecated since 2012. I believe AES based CCMP has been the default encryption method for a while now.
Yes, That is the pitfalls of using older tutorial from the internet, isn't it.
Instead of learning the settings I cut and paste.
 

michael_hackson

Active Member

Thanks: 76
Messages: 141

#14
About two weeks ago I was at the ATM at 12:30am at night.
I see this guy running full blast at me from across the parking lot.
I leave my card in the machine retreat back to my vehicle and grab my gun.
With cover of my car door I scream this guy down "I WILL KILL YOU FIRST" and he runs off.

I chase him down but the cops can't find me. I lose him and he got away.
Should I have killed him at the ATM? Looking back probably, He had something in his pocket and I have no record.
I am model citizen these days.
Some other schmuck might get killed resisting this clown.

So that's my context on crime. I am ready to go to jail to fight back I guess...
It's getting crazy out there.

You have quite the 'interesting' neighbourhood? In my mind I thought, what if you coul turn the situation around storming him up front as soon as you see him running for you? Like unleash your inner as you take a faster pace at him than he has got to you. ;)

Though I can say you handled it well enough. My suggestion was more out of an anime or something.
 

Phishfry

Son of Beastie

Thanks: 951
Messages: 2,903

#15
Yes. My side of the main drag is all working class shipyard workers, cops, plumbers.
Other side is the hood. Public housing. It get pretty wild in the summers.
I feel victimized. Both physically and mentally. Having to pull my gun on someone was a first.
I am so lucky I parked my vehicle at an angle. It gave me perfect cover.
 

Phishfry

Son of Beastie

Thanks: 951
Messages: 2,903

#16
I really messed his plan up my having a swivel neck(navy) saw him coming. Was willing to leave my card.
They have all kind of cameras.
It would have been justifiable homicide.
 

Phishfry

Son of Beastie

Thanks: 951
Messages: 2,903

#17
Our local pizza joint was held up a while back.
They had under-cover next door waiting behind a dumpster as he ran off. (His third and LAST heist)
Killed him dead when he pulled his gun on the UC.

These crooks are savvy too. I live right next to another city border.
When I was chasing my criminal he was skirting between city jurisdictions, knowing their radio systems don't work together.
I didn't realize why his weird path at the time. No straight line back home like I was expecting.

Well THE END.
Its over and everyone is alive.
 
Top