Quote:
Originally Posted by haertig
If that's the case, why is there any worry about this WPA2 vulnerability? Or is this encryption only used during login, and not routine transmission (downloading books)? But the DRM on eBooks would serve as effective encryption.
Or is this WPA2 vulnerability more than just the simple eavesdropping case that I'm assuming?
It allows a physically nearby attacker to perform a full man-in-the-middle attack on the connection, so in effect it can remove the encryption entirely, and block or inject arbitrary packets -- but only the encryption at the wifi level. If the layer beneath is communicating using another shared secret (as the Kindle does), the only thing the attacker can do is DoS the connection by just refusing to pass some or all packets on (or changing them in transit, which would cause them to be dropped by the recipient, with the same effect). Eavesdropping is impossible, and though the attacker can fake out DNS, since the attacker cannot mimic Amazon's HTTPS traffic (due to lack of their private keys), again all this can be used for is denial of service.
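The layering argument in the reply above, as an added example that is not part of the original post or of Amazon's protocol: a small authenticated framing protocol (sequence number plus HMAC under a shared key) run across a simulated on-path adversary who can pass, drop, modify, replay or forge frames but does not hold the key. The shared key, the frame layout and the link functions are all constructed for the demonstration; the point it illustrates is that without the key every tampered or forged frame is rejected, so the adversary's only remaining capability is to make frames go missing (denial of service). Confidentiality is not modelled here; a real transport such as TLS adds encryption on top of the integrity check shown.

```python
import hmac
import hashlib
import struct

# Constructed shared secret standing in for the device/service key that the
# on-path attacker never learns (in practice a TLS session key).
SHARED_KEY = b"constructed-demo-key-not-a-real-secret"
SEQ_LEN = 8    # 8-byte big-endian sequence number
TAG_LEN = 32   # HMAC-SHA256 output length


def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Build a frame: sequence number || payload || HMAC over both."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    """Accepts a frame only if its tag verifies under the shared key and its
    sequence number is strictly greater than the last accepted one."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0
        self.accepted = []   # payloads delivered to the upper layer
        self.dropped = 0     # frames rejected at this layer

    def receive(self, frame: bytes) -> None:
        if len(frame) < SEQ_LEN + TAG_LEN:
            self.dropped += 1                      # truncated in transit
            return
        header = frame[:SEQ_LEN]
        payload = frame[SEQ_LEN:-TAG_LEN]
        tag = frame[-TAG_LEN:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            self.dropped += 1                      # modified or forged
            return
        seq = struct.unpack(">Q", header)[0]
        if seq <= self.last_seq:
            self.dropped += 1                      # replayed frame
            return
        self.last_seq = seq
        self.accepted.append(payload)


# --- hypothetical untrusted link: what a keyless on-path adversary can do ---
def link_pass(frames):
    return list(frames)


def link_drop_second(frames):
    # Pure denial of service: one frame never arrives.
    return [f for i, f in enumerate(frames) if i != 1]


def link_flip_byte(frames):
    # Alter one payload byte of the first frame; the tag no longer matches.
    out = list(frames)
    tampered = bytearray(out[0])
    tampered[SEQ_LEN] ^= 0x01
    out[0] = bytes(tampered)
    return out


def link_replay_first(frames):
    # Re-send an old, genuine frame after the rest of the stream.
    return list(frames) + [frames[0]]


def link_forge(frames):
    # Inject a frame sealed with a guessed key (constructed wrong value).
    return list(frames) + [seal(b"wrong-key", 99, b"injected")]


def run(link, messages=(b"hello", b"chapter-1", b"chapter-2")):
    """Send the constructed messages through `link`; return what the
    receiver delivered and how many frames it rejected."""
    sender_frames = [seal(SHARED_KEY, i + 1, m) for i, m in enumerate(messages)]
    rx = Receiver(SHARED_KEY)
    for frame in link(sender_frames):
        rx.receive(frame)
    return rx.accepted, rx.dropped


if __name__ == "__main__":
    for name, link in [("pass", link_pass), ("drop", link_drop_second),
                       ("modify", link_flip_byte), ("replay", link_replay_first),
                       ("forge", link_forge)]:
        accepted, dropped = run(link)
        print(f"{name:7s} delivered={accepted} rejected={dropped}")
```

The drop case is the one the reply describes: the receiver never sees the missing frame, and recovering from that is left to the upper layer's retransmission or timeout logic, which is exactly why the attack reduces to denial of service rather than eavesdropping or injection.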