[TriLUG] Got a Yubikey or a Chromebook? Heads up about ROCA...

Aaron Joyner via TriLUG trilug at trilug.org
Tue Oct 17 13:06:42 EDT 2017


I think it's worth highlighting that ROCA is a separate vulnerability from
KRACK.  It does not (directly) affect wireless security.  ROCA stems from
an issue with vulnerable RSA key generation, KRACK stems from protocol
issues.

On Tue, Oct 17, 2017 at 12:15 PM, Roger W. Broseus via TriLUG <
trilug at trilug.org> wrote:

> See,
>
> http://www.zdnet.com/article/here-is-every-patch-for-krack-wi-fi-attack-available-right-now/
>
> and
>
> https://www.windowscentral.com/vendors-who-have-patched-krack-wpa2-wi-fi-vulnerability
>
> Might have duplicity.
>
> --
> Roger W. Broseus - Linux User
>     Email: RogerB at bronord.com
>     Web Site: www.bronord.com
>
> On 10/17/2017 09:56 AM, Scott Chilcote via TriLUG wrote:
>
>> Thanks Aaron,
>>
>> This article has a list of the Chromebooks that have the vulnerability:
>>
>> https://sites.google.com/a/chromium.org/dev/chromium-os/tpm_firmware_update
>>
>> I was glad to see that I missed out on this one.
>>
>>     Scott C.
>>
>>
>> On 10/17/2017 08:50 AM, Aaron Joyner via TriLUG wrote:
>>
>>> TL;DR: If you have a Chromebook, a Yubikey 4, or other device which uses an
>>> Infineon TPM for hardware encryption, the RSA private keys generated by
>>> that device may be rather easily compromised.
>>>
>>> Fixes are rolling out where possible.  For some use cases you may have to
>>> regenerate keypairs and redistribute public keys.  Some devices like the
>>> Yubico 4 can't update this aspect of the software in the TPM by design, and
>>> will have to be replaced.
>>>
>>> Here are a few links, ranging from news-y to technical:
>>> https://www.forbes.com/sites/thomasbrewster/2017/10/16/worse-than-krack-google-and-microsoft-patch-massive-5-year-old-encryption-hole/#501ffe9747c3
>>>
>>> https://www.bleepingcomputer.com/news/security/tpm-chipsets-generate-insecure-rsa-keys-multiple-vendors-affected/
>>>
>>> https://www.infineon.com/cms/en/product/promopages/rsa-update/rsa-background
>>>
>>> https://www.yubico.com/support/security-advisories/ysa-2017-01/
>>>
>>> October is an "uncomfortably exciting" month, security-wise...
>>> Aaron S. Joyner
>>>
>>
>>
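A way to check whether an RSA public key carries the key-generation fingerprint the thread is about, as an added example that is not from this thread or from any of the linked advisories: it implements the publicly described ROCA test, which checks that the modulus reduced modulo each small prime from 3 to 167 lies in the subgroup generated by 65537. Both moduli below are constructed for the demo; `ROCA_LIKE_MODULUS` mimics the affected generator's structure and is not a key from any real device.

```python
from math import prod

# Small primes the published ROCA fingerprint checks (odd primes 3..167).
SMALL_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61,
                67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131,
                137, 139, 149, 151, 157, 163, 167]
GENERATOR = 65537


def residue_set(p):
    """Cyclic subgroup of Z_p^* generated by 65537, i.e. {65537^k mod p}."""
    seen, x = set(), 1
    while x not in seen:
        seen.add(x)
        x = (x * GENERATOR) % p
    return seen


ALLOWED = {p: residue_set(p) for p in SMALL_PRIMES}


def is_roca_fingerprint(n):
    """True if n mod p lies in <65537> for every small prime p.

    A modulus from the flawed generator has the form k*M + (65537^a mod M),
    with M a product of small primes, so every residue lands in that subgroup.
    A random modulus fails at least one of the checks with overwhelming probability.
    """
    return all((n % p) in ALLOWED[p] for p in SMALL_PRIMES)


def classify(n):
    """Return 'affected' or 'not affected' for a modulus given as an int."""
    return "affected" if is_roca_fingerprint(n) else "not affected"


# Constructed demo moduli (not real keys). The first copies the flawed structure;
# the second is an arbitrary odd number, which is 6 mod 11, outside {1, 10}.
M = prod(SMALL_PRIMES)
ROCA_LIKE_MODULUS = 12345 * M + pow(GENERATOR, 6789, M)
ORDINARY_MODULUS = 2**1024 + 1

if __name__ == "__main__":
    for name, n in (("ROCA-like", ROCA_LIKE_MODULUS), ("ordinary", ORDINARY_MODULUS)):
        print(f"{name}: {classify(n)}")
```

For a real key, obtain the modulus with `openssl rsa -pubin -in key.pem -noout -modulus` and pass `int(hex_string, 16)` to `classify`; the test only recognises keys produced by the affected generator, so a key generated elsewhere and merely imported into such a TPM will not match.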

