Warning: Your wireless networks may leak data thanks to Wi-Fi spec ambiguity

Ambiguity in the Wi-Fi specification has left the wireless networking stacks in various operating systems vulnerable to several attacks that have the potential to expose network traffic. The design oversight was described in a presentation this week at the 2023 Real World Crypto Symposium, in Tokyo, Japan, by Mathy Vanhoef, a …

  1. WolfFan Silver badge


    I noticed two prominent missing OSes: macOS and Windows, which between them own over 95% of the desktop. If iOS is derived from macOS, and it is, and iOS is affected, and it is, then shouldn’t macOS have problems, too? And as for Windows… watch out for flying pigs, me lads and lasses, for if there’s a serious security issue that does NOT affect Windows, we are truly living in the Age of Miracles.

    1. jollyboyspecial Silver badge

      Re: Hmm

      I think what you're doing here is known as "confirmation bias".

    2. Anonymous Coward

      Re: Hmm

      ...or you can just be elite, like me, and run OpenBSD and not be affected by news like this the vast majority of the time. Also, did you happen to read section 5 of the new Restrict Act? You needed to be running OpenBSD, since, years ago, for various other obvious reasons too.

      1. An_Old_Dog Silver badge

        MOST of the Time is not ALL of the Time

        I run OpenBSD, too, but I do not let that make me complacent about my computers' security.

      2. wub

        Re: Hmm

        "Also, did you happen to read section 5 of the new Restrict Act?"

        Yeah, just did. This sentence has no relevance to the other sentences in your post. Might as well be a comment on the social life of a goose, as far as any point being made about running a given operating system. ChatAPI, is that you?

    3. Roland6 Silver badge

      Re: Hmm

      Suspect they didn’t test the hotspot capabilities of macOS and Windows, probably because they were focusing on common WiFi AP platform OS’s.

      I wonder how much use the Windows Share my network connection gets these days…

    4. DS999 Silver badge


      If as they say this is an ambiguity in the spec, Microsoft may have simply interpreted that ambiguity differently than others did and not been affected.

    5. Anonymous Coward

      Re: Hmm

      well... it is not an OS issue it is a protocol specification and implementation mistake

  2. RichardBarrell

    Ah well

    WiFi continues to be possible to snoop on, ever since the days of the WEP fiasco. Continue to use TLS for all the traffic you care about.

    1. martinusher Silver badge

      Re: Ah well

      Actually, WEP worked quite well provided that you used long keys and cycled them frequently, every few thousand frames. Sure, it had all the security of wet tissue paper but the fact is that people never figured out how to configure and use it properly -- they want one password to Rule Them All because that's how they were brought up to think of passwords.

      ...and yes, it's wireless which means anyone can snoop on it. The smart money assumes that the link will be compromised so uses end to end encryption.

  3. jollyboyspecial Silver badge

    I'd agree with Cisco on this one. If your traffic is encrypted then if you are just stealing the client's MAC address in order to receive the buffered frames intended for that client then all you are doing is getting a bunch of encrypted frames. Not a lot of use to you without the key. And of course without the key you can't continue the conversation anyway. Unless I'm missing something fairly obvious. Quite possible as I've already missed breakfast and lunch today.

    1. Roland6 Silver badge

      The question is whether this attack can be used to support a man-in-the-middle attack or network sniffer style of eavesdropping.

      1. jollyboyspecial Silver badge

        Unlikely as it only seems to allow the attacker to grab frames that are buffered

        1. Roland6 Silver badge

          Now having read the prepublication paper (see link in article), the paper gives details about how a man-in-the-middle attack could potentially be supported by taking advantage of credential retention timeouts, intended to cover legitimate disconnects and reconnects due to poor Wi-Fi connection…

  4. TRT Silver badge

    Hang on a minute...

    Wasn't that the technique Data used to defeat the Borg assimilation of Earth after the Federation fleet was destroyed at Wolf 359?
