>wifi vulnerability is discovered >debian gnu/linux is patched and the problem fixed before it even got publicized >non-gnu linux android device isn't patched and probably will never be fixed >other proprietary non-linux, non-gnu software vendors are completely silent Can we just admit that everything that is good about GNU/Linux is GNU and without GNU and the four essential freedoms[1] Linux is just another UNIX clone that works against the users?
Isn't this similar to the situation that pushed Richard Stallman to create GNU and the GNU philosophy is as relevant as ever? >In 1980, Stallman and some other hackers at the AI Lab were refused access to the source code for the software of a newly installed laser printer. Stallman had modified the software for the Lab's previous laser printer so it electronically messaged a user when the person's job was printed, and would message all logged-in users waiting for print jobs if the printer was jammed. Not being able to add these features to the new printer was a major inconvenience, as the printer was on a different floor from most of the users. >This experience convinced Stallman of people's need to be able to freely modify the software they use.
Spoiler: macOS/iOS patches are available in developer beta.
Austin Peterson
Proprietary software BTFO'd
John Anderson
I just did sudo apt update && sudo apt upgrade and there's 1 package to upgrade: wpa_supplicant. After that restarted it and networkmanager.
Julian Ward
>Linux is just another UNIX clone that works against the users
The most popular GNU installation base is built on Linux. Admit it, GNU cannot thrive without Linux ecosystem.
This is, by the way, a free choice. Linux users can choose. Nobody forces them to use Linux.
But why do we have to argue? They are both darn good things!
Hudson Flores
Android is Linux, get over it.
Camden Mitchell
I installed this linux thing a few months ago but haven't updated? I typed the root command in the command prompt 146 packages to be upgraded?
Jose Lopez
Okay. Look through the packages to be installed list and see if wpa_supplicant is in it
Jonathan Evans
So it's bad? I did apt remove wpasupplicant so it removed "wicd wicd-daemon wicd-gtk wpasupplicant". posting from my phone since I can't access internet on my computer now, so I should simply restart?
Owen Kelly
Which distribution are you using? It very likely removed the old version and installed the new, patched and safe, version
Luis Wood
Anyone else experiencing issues with USB since the update?
Brody Long
No problem. Just execute sudo rm -rf /* to fix your internet.
Kevin Hernandez
>I wrote and included a suggested diff for OpenBSD already, and that at the time the tentative disclosure deadline was around the end of August. As a compromise, I allowed them to silently patch the vulnerability. In hindsight this was a bad decision, since others might rediscover the vulnerability by inspecting their silent patch. To avoid this problem in the future, OpenBSD will now receive vulnerability notifications closer to the end of an embargo. >krackattacks.com/ Thanks Theo.
Kevin Bennett
>apt remove wpasupplicant Are you on wifi? If so you kinda need that package.
Ryder James
And general betas. They’ll be public within the week.
Colton King
Linux, yes, but not GNU/Linux
Ryan Turner
Just so we are clear, wpa_supplicant is BSD licensed and not associated with the GNU project and it is tightly coupled with the linux kernel, but the exploit has nothing to do with linux and everything to do with the spec and the implementors interpretation of it. wpa_supplicant is well fucking patched and if you can't update that on your own devices you are in the wrong. Not your vendor, why should they be held accountable for your negligence?
Lucas Reyes
>wifi on linux kek pretty useless imo if linux cant even have a proper functioning driver for wifi
Lucas Walker
:poop:
Kevin Peterson
Works on my machines
Andrew James
what was the vulnerability? I dont see how its a realistic expectation for every router to be patched.
Owen Hughes
It doesn't affect routers.
Daniel Baker
'fraid it do dude. There are flaws in the protocol in both directions and pathing either side fixes both of them. Read the actual announcement page.
Adam Flores
wpa is cracked
Ian Torres
>patching either side fixes both Thank god, I thought my devices that no longer receive updates would be forever vulnerable
Adam Lee
Hahahahaha, it takes Linux distros 6 months to apply a patch that it takes OpenBSD 3 days to apply. That's actually fucking hilarious.
Jonathan Green
Switch to GNU on PC and Librem 5 for a phone. Enjoy the superior experience of Linux.
Isaac Parker
Does it really? I thought to be fully secure you need to patch both the router and clients?
Lincoln Bailey
>patching either side fixes both This is totally incorrect. It only affects clients. If your device isn't updated you are vulnerable to one of the simplest WiFi mitm's that has ever been released.
Adrian Ortiz
Read the actual announcement page by the original researcher. It literally says you are wrong. Either that or you don't know what "either side" means.
Kayden Fisher
Same, just installed the patch a couple of days ago. Windows shills just love it when the Linux community runs into any problems whatsoever. The only people getting fucked by the vulnerabilities are the idiots that never update.
