Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Boston Linux Meeting reminder, Tomorrow, Wednesday, October 18, 2017 - Current issues in SSL and TLS



On Tue, Oct 17, 2017 at 6:12 AM, Jerry Feldman <gaf at blu.org> wrote:
> When:  October 18, 2017 8PM (7:30PM for Q&A)
> Topic: Current issues in SSL and TLS
> Moderators: Rajiv Manglani
> Location: MIT Building E-51, Room 315
> *** Note new Time ****
> As a result of the new MIT parking regulations, we will be holding our
> meetings later than usual. There should be plenty of metered parking
> available. In Cambridge the meters are free after 8PM. See parking note
> below.
>
> Summary:
>
> SSL and TLS are the protocols which provide the foundation for securing
> Internet traffic.

Which, as we were reminded yesterday, WPA2 is NOT.

Upstream patches for the 9 of 10 CVEs touching Linux filtered through
both Debian and Ubuntu to me already.
Your distro or commercial OS should likewise be updating ASAP.
(If not ask WTF and switch to one that takes it seriously.)

AFAIK WPA2 KRACK is client only, not WAP side, so unless a WiFi Router
is working in reverse or as a wifi repeater/bridge, they're not the
patching problem.

Problem of course is the IoT (Internet of Sh.. Insecure Things)
devices and prior-release phones/tablets that won't get vendor
updates.
(And older stuck laptops/desktops that can't upgrade to latest
Windows/MacOSX. Those need to go onto wired only or spaces secure from
wifi snooping.)



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org