Tag Archives: flaw

WPA2 安全漏洞

話說 WPA2 也撐了十三年了: WPA2 became available in 2004 and is a common shorthand for the full IEEE 802.11i (or IEEE 802.11i-2004) standard. 這次的漏洞可以參考「Severe flaw in WPA2 protocol leaves Wi-Fi traffic open to eavesdropping」這邊。 PoC 稱作 KRACK (Key Reinstallation Attacks),漏洞將會在十一月正式發表,從會議的標題名稱大概可以知道方向,是對 Nonce … Continue reading

Posted in Computer, Murmuring, Network, Privacy, Security, VPN | Tagged , , , , , , , , , , , , , , | Leave a comment

關於 Juniper ScreenOS 防火牆被放後門的研究

一樣是從 Bruce Schneier 那邊看到的:「Details about Juniper's Firewall Backdoor」,原始的研究連結在「Cryptology ePrint Archive: Report 2016/376」這邊。 ScreenOS 被放了兩個後門,一個是 SSH 的後門: Reverse engineering of ScreenOS binaries revealed that the first of these vulnerabilities was a conventional back door in the SSH password checker. 另外一個是「Dual EC … Continue reading

Posted in Computer, Hardware, Murmuring, Network, OS, Security, Software, VPN | Tagged , , , , , , , , , , , | 1 Comment