Comment on Wi-Fi 7 quietly took off while everyone was looking at AI
sighofannoyance@lemmy.world 5 months ago
Does anybody know if this will have actual security?
Comment on Wi-Fi 7 quietly took off while everyone was looking at AI
sighofannoyance@lemmy.world 5 months ago
Does anybody know if this will have actual security?
Smokeless7048@lemmy.world 5 months ago
What do you mean? Wifi is already secured.
sighofannoyance@lemmy.world 5 months ago
no both options are fundamentally insecure. the current standard 2 and the version 3 of wpa
Smokeless7048@lemmy.world 5 months ago
ahh, i see what you are saying.
sighofannoyance@lemmy.world 5 months ago
web.archive.org/web/…/WPA2-Hole196
"the group temporal key (GTK) that is shared among all authorized clients in a WPA2 network. In the standard behavior, only an AP is supposed to transmit group-addressed data traffic encrypted using the GTK and clients are supposed to decrypt that traffic using the GTK. However, nothing in the standard stops a malicious authorized client from injecting spoofed GTK-encrypted packets! Exploiting the vulnerability, an insider (authorized user) can sniff and decrypt data from other authorized users as well as scan their Wi-Fi devices for vulnerabilities, install malware and possibly compromise those devices.
In short, this vulnerability means that inter-user data privacy among authorized users is inherently absent over the air in a WPA2-secured network. "