Am I missing something, or is the Android/wpa_supplicant "all zero key" KRACK bug mostly FUD? Surely wrong key = traffic can't flow.
Show this thread
-
Watch the video, all there https://m.youtube.com/watch?v=Oh4WURZoR98&time_continue=3 …
He's not MITMing the AP in that video, only the association. He routes all the data out the side. Doesn't work for private network resources
-
-
Basically the real KRACK impact is for private LANs and this attack doesn't let you properly MITM those, so the impact is *way* lower.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
True, but it lets you MITM public resources. Which is itself a big deal.
-
But there are a bazillion other ways of MITMing public resources. Which is why we have HTTPS. Threat is no different from using public WiFi.
- Show replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.