Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 33

Thread: WPA2 situation

  1. #11
    Join Date
    Jun 2017
    Location
    Australia
    Posts
    582

    Default Re: WPA2 situation

    Ugh, there's still soooo much stuff i don't know.

    Not having had a clue about how to do that myself, i've now simply mimicked what you showed me:
    Code:
    gooeygirl@linux-Tower:~> cat /etc/os-release |grep VERSION_ID
    VERSION_ID="20171007"
    
    
    gooeygirl@linux-Tower:~> rpm -q --changelog wpa_supplicant | head -n 5
    * Fri Apr 21 2017 obs@botter.cc
    - fix wpa_supplicant-sigusr1-changes-debuglevel.patch to match
      eloop_signal_handler type (needed to build eapol_test via config)
    
    
    * Fri Dec 23 2016 dwaas@suse.com
    
    
    gooeygirl@linux-Tower:~>
    Am i correct to infer that currently i am not patched, but that when i dup to 20171017 i will be? Oh, no, that can't be right either, coz you said
    Nope,
    Hmmmm.
    Last edited by malcolmlewis; 18-Oct-2017 at 19:55.

  2. #12
    Join Date
    Jun 2008
    Location
    East of Podunk
    Posts
    33,257
    Blog Entries
    15

    Default Re: WPA2 situation

    Quote Originally Posted by GooeyGirl View Post
    Ugh, there's still soooo much stuff i don't know.

    Not having had a clue about how to do that myself, i've now simply mimicked what you showed me:
    Code:
    gooeygirl@linux-Tower:~> cat /etc/os-release |grep VERSION_ID
    VERSION_ID="20171007"
    
    
    gooeygirl@linux-Tower:~> rpm -q --changelog wpa_supplicant | head -n 5
    * Fri Apr 21 2017 obs@botter.cc
    - fix wpa_supplicant-sigusr1-changes-debuglevel.patch to match
      eloop_signal_handler type (needed to build eapol_test via config)
    
    
    * Fri Dec 23 2016 dwaas@suse.com
    
    
    gooeygirl@linux-Tower:~>
    Am i correct to infer that currently i am not patched, but that when i dup to 20171017 i will be? Oh, no, that can't be right either, coz you said Hmmmm.
    Hi
    The Nope was for not to assume anything

    So my Tumbleweed is patched, yours isn't yet...

    Your 3 or 4 snapshots behind....
    Last edited by malcolmlewis; 18-Oct-2017 at 19:56.
    Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
    SUSE SLE, openSUSE Leap/Tumbleweed (x86_64) | GNOME DE
    If you find this post helpful and are logged into the web interface,
    please show your appreciation and click on the star below... Thanks!

  3. #13
    Join Date
    Jun 2008
    Location
    East of Podunk
    Posts
    33,257
    Blog Entries
    15

    Default Re: WPA2 situation

    Quote Originally Posted by GooeyGirl View Post
    Am i correct to infer that currently i am not patched, but that when i dup to 20171017 i will be? Oh, no, that can't be right either, coz you said Hmmmm.
    Hi
    So you have missed 20171009, 20171010, 20171013 and the latest 20171017.....
    Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
    SUSE SLE, openSUSE Leap/Tumbleweed (x86_64) | GNOME DE
    If you find this post helpful and are logged into the web interface,
    please show your appreciation and click on the star below... Thanks!

  4. #14
    Join Date
    Jun 2017
    Location
    Australia
    Posts
    582

    Default Re: WPA2 situation

    Not so much missed per se, as rather declined to bother doing my usual weekly dup. Why? Coz last week someone [might have been you, might have been someone else] mentioned something like "Plasma 5.11.1 will be out on Tuesday", & as i found stuff that does not work correctly in one of my test TW VMs that i had already upgraded to P5.11.0 as soon as it came available, i thought i'd just wait for 5.11.1 to arrive before duping my real TWs. Tues' been & gone. I read the MLs each morning looking for news of it, but still have not seen it. If not here by Sat i shall have to dup anyway i suppose, just to not be too far behind.

  5. #15
    Join Date
    Jun 2017
    Location
    Australia
    Posts
    582

    Default Re: WPA2 situation

    This is totally OT. Not wanting to make you blush or anything, but... how the %^$@ do you know all this stuff? It's amazing & i am constantly agog. You seem to know everything, & i feel constantly floundering. Thank goodness for your & the others' generosity !!

  6. #16
    Join Date
    May 2012
    Location
    Finland
    Posts
    2,226

    Default Re: WPA2 situation

    Experience.
    .: miuku @ #opensuse @ irc.libera.chat

  7. #17
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    16,016
    Blog Entries
    3

    Default Re: WPA2 situation

    Quote Originally Posted by GooeyGirl View Post
    Not so much missed per se, as rather declined to bother doing my usual weekly dup. Why?
    There's nothing wrong with delaying updates. But when there is a fix for a known security issue, maybe it is time to bring your system up to date.
    openSUSE Leap 15.4; KDE Plasma 5.24.4;
    testing Tumbleweed.

  8. #18
    Join Date
    Jun 2017
    Location
    Australia
    Posts
    582

    Default Re: WPA2 situation

    Quote Originally Posted by nrickert View Post
    There's nothing wrong with delaying updates. But when there is a fix for a known security issue, maybe it is time to bring your system up to date.
    As a general principle i completely agree with you. In the present specific case, additional to what i already posted, my thinking was as follows.

    1. My primary pc is my Tower, & is in use all day every day, & often also long into many nights. This pc does not have WiFi; it connects to my modem exclusively via Ethernet cable. Hence, i presumed that this important patch will not actually do anything useful on this pc.
    2. My secondary pc is my Laptop. There are exceptions, but generally speaking this pc is left Suspended during daylight hours, & i only wake it at nights when i want to stream Netflix. It of course does have WiFi, & that's how i connect it to my modem. Hence it would appear that this pc should be prioritised for the dup to get the patch. Yet i still have not done it. I was intending to do it yesterday, but then i had the following, completely fatalistic pessimistic realisation. Even if/when my Lappy is patched, my WiFi modem remains unpatched, & unpatchable [by me, at least]. Hence, patching my Lappy's WiFi does not actually protect me, does it? Why can't a putative "bad person" still "war drive" around my neighbourhood, sniff my WiFi network, & break into it through the modem by the exploits recently revealed? That is, why is patching my Lappy helpful, if the modem remains vulnerable anyway? In other words, i depressingly concluded that "I'm stuffed", until & unless i could afford to buy a better modem that is properly secure.
    3. Is my logic defective? If yes, i would immediately do the dups, even if not yet at my normal weekly interval.


    You may commence your communal laughter at my silliness & ignorance, now.

  9. #19
    Join Date
    Jun 2008
    Location
    East of Podunk
    Posts
    33,257
    Blog Entries
    15

    Default Re: WPA2 situation

    Quote Originally Posted by GooeyGirl View Post
    As a general principle i completely agree with you. In the present specific case, additional to what i already posted, my thinking was as follows.

    1. My primary pc is my Tower, & is in use all day every day, & often also long into many nights. This pc does not have WiFi; it connects to my modem exclusively via Ethernet cable. Hence, i presumed that this important patch will not actually do anything useful on this pc.
    2. My secondary pc is my Laptop. There are exceptions, but generally speaking this pc is left Suspended during daylight hours, & i only wake it at nights when i want to stream Netflix. It of course does have WiFi, & that's how i connect it to my modem. Hence it would appear that this pc should be prioritised for the dup to get the patch. Yet i still have not done it. I was intending to do it yesterday, but then i had the following, completely fatalistic pessimistic realisation. Even if/when my Lappy is patched, my WiFi modem remains unpatched, & unpatchable [by me, at least]. Hence, patching my Lappy's WiFi does not actually protect me, does it? Why can't a putative "bad person" still "war drive" around my neighbourhood, sniff my WiFi network, & break into it through the modem by the exploits recently revealed? That is, why is patching my Lappy helpful, if the modem remains vulnerable anyway? In other words, i depressingly concluded that "I'm stuffed", until & unless i could afford to buy a better modem that is properly secure.
    3. Is my logic defective? If yes, i would immediately do the dups, even if not yet at my normal weekly interval.


    You may commence your communal laughter at my silliness & ignorance, now.
    Hi
    Your system(s) your call, but if you look there is an update to 2071018 available, CVE's in the list. You need to review the ML post, then decide if the package is installed whether to update.

    Is the modem your's or the ISP's? If yours, does it support openWRT?
    Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
    SUSE SLE, openSUSE Leap/Tumbleweed (x86_64) | GNOME DE
    If you find this post helpful and are logged into the web interface,
    please show your appreciation and click on the star below... Thanks!

  10. #20
    Join Date
    Jul 2008
    Location
    Seattle, WA
    Posts
    17,385

    Default Re: WPA2 situation

    On Fri, 20 Oct 2017 01:56:02 +0000, malcolmlewis wrote:

    > Is the modem your's or the ISP's? If yours, does it support openWRT?


    Arguably, it'd not the modem - it'd be the router. <g>

    (openWRT user here myself)

    But my understanding of the WPA2 vuln is that it's a client-side issue,
    so a change at the router isn't really going to address it. But I'll be
    the first to admit I don't know everything about it, so I could be wrong
    there (in which case, I need to get my router updated).

    Jim
    --
    Jim Henderson
    openSUSE Forums Administrator
    Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

Page 2 of 4 FirstFirst 1234 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •