The iOS 9+ bug: Why did PEAP or TTLS users get locked out of Wi-Fi when their password is updated? Why and how does TLS authentication still work? To update or not to update? The unfortunate trade-off of the cool …
Certificate Lifetimes – Is 20 Years Too long?
Certificate Lifetimes – Is 20 Years Too long?
August 13, 2015Over the last few years, software makers have begun cracking down on certificates that do not expire soon enough. Most browsers will reject any SSL certificate with a lifetime longer than 39 months. This may seem like a long time, …
Wireless Hacks from Defcon and Blackhat 2015
Wireless Hacks from Defcon and Blackhat 2015
August 11, 2015Defcon 2015 (ahem, excuse us, DEF CON® 23!) took place this last weekend in Las Vegas, preceded by a week of Black Hat 2015. As always, we look for the odd and interesting in the world of wireless security. A …
WPA2-PSK is Not Enough
WPA2-PSK is Not Enough
July 24, 2015In this day and age, employees are accessing their corporate resources wherever they can get a strong wireless signal, whether that’s a public hotspot, the office, or a friend’s apartment. Methods of authentication based on a pre-shared key (PSK) are …
Dinosaurs Among Us: The Archaic Protocol at the Heart of Secure Wireless
Dinosaurs Among Us: The Archaic Protocol at the Heart of Secure Wireless
July 17, 2015At SecureW2, we develop a lot of technology for wireless security, more specifically 802.1X. If you’re not familiar 802.1X, it’s the basis of WPA2-Enterprise networks that corporations, colleges, and other large organizations use. And inside the vast majority of these …
Samsung keyboards vulnerable to Man-in-the-Middle exploit
Samsung keyboards vulnerable to Man-in-the-Middle exploit
June 30, 2015During a presentation at BlackHat London in early June, a major vulnerability in software that comes bundled with Samsung phones was unveiled. The bug, uncovered by NowSecure researcher Ryan Welton, lets intruders hijack software updates for Swiftkey, the device’s default …
Wi-Fi Sense Is a Wakeup Call for PSK Networks
Wi-Fi Sense Is a Wakeup Call for PSK Networks
June 23, 2015Wi-Fi Sense is a feature that has been around for a bit in the Windows phone environment, but will make its PC debut in Windows 10. In essence, it lets Windows users share Wi-Fi connections with each other. It’s an …
Stop using self-signed certificates for 802.1X
Stop using self-signed certificates for 802.1X
May 26, 2015When setting up 802.1X we often run into questions about using self signed certificates for WPA2-Enterprise server certificate validation. First, we should clarify the difference between a self-signed certificate and a private Certificate Authority — this is often a point of …
LogJam- Another cryptography bug from the past
LogJam- Another cryptography bug from the past
May 21, 2015A team of researchers recently discovered a new vulnerability that significantly weakens the encrypted connection between a user and web or email server, potentially putting your secure web information at risk. This latest flaw, named the “LogJam” bug, affects all …
802.1X and HTTPS face off when it comes to server certificate validation
802.1X and HTTPS face off when it comes to server certificate validation
May 15, 2015This is part 2 of our series on server certificate validation. In talking with many customers about setting up RADIUS certificates, it is clear many admins have a difficult time describing the server certification validation process to their user base. …
