Announcement

**gigi** · 12 May 2021, 09:13 AM

within radio range of a victim can abuse these vulnerabilities to steal user information or attack devices.

all most all government law enforcement agencies and private sector happily "steal user information". i suspect very few who had grudge adopted "attack devices"

caused by widespread programming mistakes in Wi-Fi products.

its a norm now....

**jo-erlend** · 12 May 2021, 09:38 AM

Well, that's a little scary.

**jntesteves** · 12 May 2021, 09:59 AM

Originally posted by gigi View Post

all most all government law enforcement agencies and private sector happily "steal user information". i suspect very few who had grudge adopted "attack devices"

You know it's not called "stealing" when you consent.

**Dr.N0** · 12 May 2021, 10:04 AM

Originally posted by jntesteves View Post

You know it's not called "stealing" when you consent.

I agree, but can you really consent in those cases with the lack or obfuscation of information and the power dynamics at play?

**loganj** · 12 May 2021, 10:06 AM

why does it feels like its more like a normal spam mail attack than a wireless attack?

**birdie** · 12 May 2021, 10:39 AM

Nothing that can affect me even if I disable WPA2 on my WiFi router completely and turn it into an open access point.

For DNS I've been using DOT/DOH for many years now.
I barely visit any HTTP websites - In fact I don't remember the last time I visited an HTTP website.

I don't use any plain text Internet protocols either. And this attack doesn't allow you to guess a WiFi password though if the user accesses their WiFi router via HTTP, you can potentially hack the device - only most users rarely if ever do that.

**alcalde** · 12 May 2021, 01:13 PM

Originally posted by gigi View Post

all most all government law enforcement agencies and private sector happily "steal user information".

1. Biden won the election.
2. The Earth is not flat.
3. Non-dictatorships don't "steal user information".

If you have evidence of information being stolen, please forward it to your attorney general immediately for investigation and prosecution.

**kozman** · 12 May 2021, 01:51 PM

Joy. Another thing to worry about. And how many billion WiFi devices are out there with EOL long in the rear view mirror and no Merlin or other homebrew alternative to fix it? Even if they fix it, this is the new Spectre. Everyone and their mom is now going to be digging even deeper to find / fix the vulns not yet discovered / disclosed. But do you hear that? That's the sound of thousands of cash registers ringing with users panic upgrading in *hope* that the vendor can fix this. =\

**extremesquared** · 12 May 2021, 02:01 PM

Originally posted by alcalde View Post

...forward it to your attorney general immediately for investigation and prosecution.

In the US, most AGs are elected by the same voting pool that elects mayors. Expectation of corruption for these two positions is so high that our society has transitioned from being angry about it to lampooning the consistency of it.

Announcement

FragAttacks: New Security Vulnerabilities Affecting WiFi Devices, 12 CVEs Issued

FragAttacks: New Security Vulnerabilities Affecting WiFi Devices, 12 CVEs Issued

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment