top | item 11560717

(no title)

quit32 | 9 years ago

Article is completely wrong about not being able to decrypt other clients traffic when the PSK is known to the malicious actor and the authentication handshake is able to be observed.

This is well known and even documented in wiresharks guides. see Gotchas -> "WPA and WPA2 use keys derived from an EAPOL handshake,..." https://wiki.wireshark.org/HowToDecrypt802.11

discuss

dancsi|9 years ago

I agree, handing out the same static "secret" key to millions of New Yorkers would make no sense at all.