I found some design and implementation flaws in Wi-Fi again. All Wi-Fi devices are affected. It was a long ~9 months embargo, over this time a lot of info has been collected and that info now available at fragattacks.com
Finally, WPA3!! It will include a more secure handshake: "WPA3 will deliver robust protections even when users choose passwords that fall short of typical complexity recommendations" wi-fi.org/news-events/ne…
New #TunnelCrack flaw can break a large majority of VPNs: we can trick a VPN into leaking traffic outside the protected VPN tunnel. Our tests indicate that this is a widespread design issue. For a demo, more details, and the USENIX Security paper, see tunnelcrack.mathyvanhoef.com
Me and @eyalr0 found new flaws in the WPA3 security guidelines that were *privately* created after our 1st disclosure. More details at wpa3.mathyvanhoef.com/#new and in our just accepted S&P paper. Wi-Fi standard is now being updated with proper defenses, which might lead to WPA3.1
Some IoT devices are initialized through smartphone apps that encode the SSID and password of the Wi-Fi network in the length of broadcasted packets. Attacker can capture this and extract the password. See loccs.sjtu.edu.cn/~romangol/publ…#wisec
Also check out github.com/vanhoefm/fraga… It's test tool with 45+ test cases, a live USB image, can test both APs and clients, both home and enterprise networks, supports multiple network cards, and contains references to slides and other overview info :)