The long weekend is nearly here – time to break out the speakers for a poolside party. Check out Yes... Read the full story
2017-10-19 11:17 AM
We’ve received quite a few questions about software updates for Android devices to protect them from Krack Wi-Fi and would like to provide you with some background information.
When a new update is made to an Android Operating System (OS), the device manufacturer will send it to our software testing team who will then check it is compatible with our network first before it is ready to be rolled out and used by customers.
We have been in touch with all of our handset manufacturers to check on the status of a security software update that would protect Android devices from Krack Wi-Fi. The manufacturers are currently waiting for Google to provide a patch before they customise it for their software and handsets. Once the manufacturers receive this from Google, they will send it to our team to test. Once it’s been approved by our team it will then be pushed out to our Android customers.
We don’t have an ETA on when the next software update for each device will arrive at this stage, however, any new updates will appear in our Android Software Update blog section and we’ll also be updating this thread with the latest information.
2017-11-29 10:11 PM
Hi. And I quote "When a new update is made to an Android Operating System (OS), the device manufacturer will send it to our software testing team who will then check it is compatible with our network first before it is ready to be rolled out and used by customers." So after you get that zip and test, can you please provide it as a download? Then we can use it. Would be much appreciated. I own my phone (bought outright), it has Optus firmware, therefore you are responsible for providing updates....right?
2018-05-24 01:26 AM
For years we've all depended on the WPA2 (c084d04ddacadd4b971ae3d98fecfb2a covered get entry to) protocol to cozy our c084d04ddacadd4b971ae3d98fecfb2a networks. that each one involves an end these days.
safety researcher Mathy Vanhoef has discovered what he has labeled KRACK, an exploit that assaults a vulnerability within the handshake of the WPA2 protocol which you maximum possibly use to defend your c084d04ddacadd4b971ae3d98fecfb2a at home and millions of small organizations around the arena use, too.
update: A declaration from Google given The Verge says that whilst each c084d04ddacadd4b971ae3d98fecfb2a enabled tool is affected, Android telephones the usage of Marshmallow (Android 6.zero) or better pose a special chance and are liable to a variant of the take advantage of that may control wi-fitrafwiwireless. models on older wirelessrmware are susceptible in different ways, but wi-fi injection is a severe difwiwireless. expect a repair from Google in the near destiny.
speakme at the ACM conference on computer and Communications protection in Dallas, Vanhoef explained that this exploit may additionally permit packet snifwirelessng, connection hijacking, malware injection, and even decryption of the protocol itself. The vulnerability has been disclosed to the individuals who want to recognize those styles of matters early to wireless restoration and US-CERT (u.s.a. laptop Emergency Readiness crew) has launched this prepared bulletin:
US-CERT has come to be privy to numerous key control vulnerabilities inside the 4-way handshake of the c084d04ddacadd4b971ae3d98fecfb2a included get entry to II (WPA2) safety protocol. The impact of exploiting those vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content material injection, and others. observe that as protocol-level issues, maximum or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.
in keeping with a researcher who has been briefed on the vulnerability, it really works through exploiting a four-manner handshake it truly is used to establish a key for encrypting wireless. at some stage in the 1/3 step, the important thing may be resent more than one times. while it is resent in positive ways, a cryptographic nonce may be reused in a manner that absolutely undermines the encryption.