On 16 October 2017 at 18:18, James Knott <james.knott@rogers.com> wrote:
On 10/16/2017 09:43 AM, Richard Brown wrote:
But WPA2 comes in a couple variants. Does anyone know if any of them
are unaffected?
Thanks Greg I don't know, but I do know that SUSE are working on providing us fast updates for SLE (which Leap will get equally fast) and Tumbleweed
Would SUSE being up to date affect this? Or is it an attack on the access point?
Now I've been able to read and understand the latest information The attack is on the clients The fixes therefore need to be delivered and applied to all client devices. That isn't just linux machines, but any phones, IoT devices, anything that connects to Wi-Fi and authenticates using WPA. For example, I'm now harrassing Huawei to figure out when they'll patch their Mobile-WiFi device I just got, because it can work as a WiFi extender (and therefore a client to a WiFi network) in addition to being a mobile hotspot. So every openSUSE machine you have using wifi is vulnerable until we get patches out. like Marcus said, treating WPA like it's insecure and relying on SSL and VPN and such in the meanwhile is recommended -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org