@radioctiveeucom @SwiftOnSecurity That doesn't cover the protocol flaw that makes it possible, though. That's what I was interested in.
@khaxan @SwiftOnSecurity @radioctiveeucom See 1.1p4: ..."WPA-PSK". EAP-PSK is distinct from these protocols & should not be confused w/them
-
-
@RichFelker@SwiftOnSecurity @radioctiveeucom you're correct, but wpa2 uses same method to derive the key -
@khaxan@SwiftOnSecurity @radioctiveeucom OK so apparently there's a lack of DH too. Lovely. -
@RichFelker@SwiftOnSecurity @radioctiveeucom indeed, only way around this is a mix of certificates and a external auth source AFAIK -
@khaxan@SwiftOnSecurity @radioctiveeucom All this makes me think the designers of WPA did not understand the threat model. :( -
@khaxan@SwiftOnSecurity @radioctiveeucom Active attacks are much more detectable, so precluding passive attacks is valuable in itself. -
@khaxan@SwiftOnSecurity @radioctiveeucom And "poster on the wall with AP key fingerprint" makes an easy external auth source.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.