Dear Turris testers,
we are happy to announce that we just pushed the fix of #KRACK vulnerability into Turris 1.x and Omnia RC branches. Let’s test it depper together so we will be able to deploy it ASAP.
It is possible that you won’t be able to connect to your Wi-Fi networks after the update. That can be easily solved by rebooting the device. Just push a button or restart your router via Foris/LuCI/SSH.
Please, keep in mind that we are not able to fix the vulnerability completely as it is mostly client-side problem. So update not only Turris, but also your computers, smartphones, tablets, washing machines, refrigerators, cars and so on.
Thank you for staying secure with us and enjoy the testing.
Update from 2017/10/17 17:09:45
The updater requests an autorisation of its planned actions. You can grant it in the Foris administrative interface. …
I have Turris 1.1 under contract and there is no authorisation button in Foris … Finished via ssh running updater.sh, program expected Enter or CTRL+C for continue …
is there any more secure alternatives to wpa2 personal? I’ve heard wpa2 enterprise is a good fix but it seems quite a bit complicate to set it up on omnia and not all client devices are able to use that…
Is it enough to fix the AP, or do both the AP and the client need to be fixed in order for this bug not to be exploitable in one particular situation? Or, more generally, is it enough for one side of the connection to be fixed, or do both sides need to be fixed?
I may have worded it wrong but I meant that wpa2 enterprise offers an additional level of security underneath, so it’s a good workaround, like using a vpn or https. but I think that by the time I set up wpa2 enterprise at my home I think all the fixes for all my devices will be released already. so my initial question was - is there any quicker fix than setting up wpa2 enterprise?
