Re: [OT] Breaking WPA2 by forcing nonce reuse

To: debian-user@lists.debian.org
Subject: Re: [OT] Breaking WPA2 by forcing nonce reuse
From: Brian <ad44@cityscape.co.uk>
Date: Thu, 19 Oct 2017 12:05:23 +0100
Message-id: <[🔎] 19102017100229.d6ca0e8c0b74@desktop.copernicus.org.uk>
In-reply-to: <[🔎] 20171018213048.6e1bed0f5192e55e75d9f633@gmail.com>
References: <[🔎] slrnou9kqp.48k.curty@einstein.electron.org> <[🔎] 1b6d0e14-20e7-0ef3-7f64-974758f78eb3@googlemail.com> <[🔎] 20171016151906.00a26195581b774880c07430@gmail.com> <[🔎] c47ba314-5118-697f-7189-eacbd5d2d13b@googlemail.com> <[🔎] 20171017105715.87134337517be7c2b77ba6ec@gmail.com> <[🔎] 17102017184955.cbe671b90b6e@desktop.copernicus.org.uk> <[🔎] 20171018213048.6e1bed0f5192e55e75d9f633@gmail.com>

On Wed 18 Oct 2017 at 21:30:48 -0400, Celejar wrote:

> On Tue, 17 Oct 2017 19:20:08 +0100
> Brian <ad44@cityscape.co.uk> wrote:
> 
> > On Tue 17 Oct 2017 at 10:57:15 -0400, Celejar wrote:
> > 
> > > On Tue, 17 Oct 2017 08:43:00 +0530
> > > "tv.debian@googlemail.com" <tv.debian@googlemail.com> wrote:
> > > 
> > > > So using https or better for communications on the local network is a 
> > > > good idea, but is it the norm? Many router firmwares or built-in 
> > > > webservers from cameras to printers default to http, sometime don't even 
> > > > offer https as an option.
> > > 
> > > Yes, after I sent my mail I realized that my wirelessly networked
> > > printer is going to be a problem. Some printers apparently support
> > > access via SSL/TLS (IPPS), but it looks like mine (Brother
> > > HL-2280DW) does not. And what are the odds that Brother will do a
> > > firmware update to patch WPA for this some 6 years old model ;)
> > 
> > I, and you, probably, are not dealing with printing confidential
> > documents. Those entities which are should be more concerned.
> 
> I'm not? What happens when I need to print out some sort of financial
> statement?

Ok.

> > > > It's patched in most distributions, and in router firmwares like LEDE 
> > > > already, was patched in some BSD even before publication, but how long 
> > > > before we see a patches for all affected devices?
> > > 
> > > Never - for many / most Android devices, my printer (probably), etc.
> > 
> > A timely fix arrives in Debian. Users who update are once again safe.
> > What more could you ask for? What can you say apart from "thanks"?
> 
> ? Yes, my Debian installations are now safe, and I'm duly thankful to
> the Debian maintainers, the wpa_supplicant developers, the LEDE
> developers, etc., but why should I not be worried and upset about the
> situation with my phone, printer, etc.?

Depends on the level of your concern. There are USB and ethernet
connections to the printer. This might require physical relocation
of the printer but it could be worth it to be worry-free. Or use a 
Debian-based, wireless-enabled print server in close proximity to
the printer.

-- 
Brian.

Reply to:

Follow-Ups:
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Celejar <celejar@gmail.com>

References:
- [OT] Breaking WPA2 by forcing nonce reuse
  - From: Curt <curty@free.fr>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: "tv.debian@googlemail.com" <tv.debian@googlemail.com>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Celejar <celejar@gmail.com>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: "tv.debian@googlemail.com" <tv.debian@googlemail.com>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Celejar <celejar@gmail.com>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Brian <ad44@cityscape.co.uk>
- Re: [OT] Breaking WPA2 by forcing nonce reuse
  - From: Celejar <celejar@gmail.com>

Prev by Date: Firefox_entries
Next by Date: Re: Firefox_entries
Previous by thread: Re: [OT] Breaking WPA2 by forcing nonce reuse
Next by thread: Re: [OT] Breaking WPA2 by forcing nonce reuse
Index(es):
- Date
- Thread