1. jevinzac's Avatar
    Posted via CB10
    10-18-17 01:52 AM
  2. spARTacus's Avatar
    From what I understand the issue is with wpa WiFi, not with apps that might use WiFi. That said, if I understand things correctly the issue can be exploited to the extent that WiFi communications that would otherwise have been expected to be "secure" could be accessed, read, intercepted, disrupted, etc..., as if they were "not secure" in the first place. Whether or not communications related to an app's use of WiFi are impacted depends I think on how the app uses WiFi. In reading some of the articles, web browser traffic to (for example) bank web sites is described as largelly not impacted, because of use of things like https and ssl, etc... (that is, a separate encrypted tunnel within the WiFi communications). I am not entirely sure, but I assume BBM traffic between BBM clients and BBM servers is not just plain old out in the open (that is, something like ssl is also used). So I would assume BBM is generally not impacted. Some of the more educated folks on CB should be able to chime in and confirm.

    However, if WiFi is generally wide open now as a result of the issues, then in theory your device could be impacted in other ways beyond just impacting app communications (that is, a possible additional channel for trying to get at your device and the things (and apps) on it).

    Since one should have already been assuming that public and free WiFi hotspots in general are not fully trustworthy and any of them could already have been posing a certain level of risk, the issue really only (in my opinion) impacts WiFi that was previously trying to actually be trusted (that is, where wpa access control was actually trying to control access, like at home or at a workplace or an institution where the WiFi wasn't being served freely to the public in the first place). For hotspots that are servings up signals to the general public for free, I am not actually sure if the hotspot operators will conclude that they need to do anything about the issue, since in general they were already providing a channel that hackers could potentially use to exploit the hotspot users and I am not sure if any risk has increased (for those situations only).
    Last edited by spARTacus; 10-19-17 at 08:34 PM.
    1122334455667788 likes this.
    10-19-17 08:22 PM

Similar Threads

  1. Text date is Feb 19 1970?
    By Charles Boswell in forum Ask a Question
    Replies: 10
    Last Post: 10-27-17, 08:13 PM