"Wifi clients advertise which APs it wants to connect" - isn't that a massive privacy leak also? ... #broadpwn
This is not a new issue. Hardened systems (including modern Android, I think) should have mitigations already.
-
-
Also EAP-TLS (needed for strong mutual authN) shows client certs too; an ID leak. Unfortunately EAP-TLS inside EAP-TTLS not widely supported
-
Even 802.11w is optional & rarely enforced. Always turn WiFi off when not in use & delete all 'Saved Networks' that aren't EAP-TLS.
-
Check FreeRadius is up to date too. There's been RCEs & TLS session caching issues lately.
-
Probably good to keep BSSID & SSID values on high rotation too. (Plus use high entropy SSIDs if using PSK, to avoid rainbows precomputes).
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.