If you want to check for yourself if someone close by i sending deauthentication packages; fire up a Mac and:
1. Open Wi-Fi-diagnostics and change to 'Sniffer' from the Window-tab
2. Dump 30sec-1min of data. The dump is saved to /var/tmp ending with .pcap
3. Open the .pcap file in WireShark and search for wlan == 0x0C
For all the different WiFi packages to filter for:
The router Synology RT2600AC is the only one I have found that guard against deauthentication packages by supporting WPA3 and PMF (encrypt management frames).
iOS 13, Mac OS Catalina and Windows 10 support WPA3 so it comes down to your router.
OpenWRT 19.07 adds wpa3 support and the linux kernel supports 802.11w so probably many more APs could be secured.
Neat! Note that it is not enabled by default and requires installing the -openssl or -wolfssl variant of the hostapd, wpa_supplicant, or wpad package and may require recreating the wireless config file.
Now I have a good and cheap solution to get it solved for friends/family.
As a manufacture you know that you only need a couple of these “bad” devices before you damage the traffic for everyone, forcing everyone to upgrade all their equipment.
It also benefit the Internet providers, because faster network will camouflage the problem a bit.
Is there any such law against this or any efforts in introducing such laws, either in Norway or elsewhere?
>No person shall willfully or maliciously interfere with or cause interference to any radio communications of any station licensed or authorized by or under this chapter or operated by the United States Government.
So according to you, denying everyone usage is worse than denying everyone else usage to improve your usage?
>If we expand the definition of jamming to the protocol level like exemplified here, the law gains broad authority to interpret any online interaction that makes your experience worse as "jamming." The law should really should stick to radio frequency enforcement, and stay out of protocol-level concerns - it's just too big a can of worms.
This is a fundamental misunderstanding of how the legal system works. It's not an algorithm. Intent matters. Going back to the originally quoted text, it says "willfully or maliciously", so maxing out your WLAN to transfer files 24/7 is probably not going to get a knock on the door by the FCC. Intentionally jamming your neighbor's wifi (deauth packets or otherwise) is.
If you’re objecting to the phrasing in the boingboing article (which called it “jamming”), ok, but the law seems clear to me and the interpretation thereof I think was correct.
I posted what turned out to be a misunderstanding (or incomplete if you are more generous) understanding of spectrum rules. My comment was correctly downvoted to 0, but more importantly I got a response that simply explained where I was (utterly) wrong. No flames, no further conjecture, just references. There's a little bit of following discussion.
This is the way it's supposed to work!!
A deauth packet needs the MAC address of the AP to deauth clients connected to it and the MAC address of client you want to deauth, the latter is not required and an omission would result in the packet being treated as a "broadcast deauth" but many clients do not accept broadcast deauth requests.
"Auto Channel Selection" is done very poorly on most routers, there isn't an algorithm to do so in the spec and the vast majority of routers either to a round robin on boot up or default to channel 6 when set to auto, I can count on one hand the number of routers I've seen that run any type of spectrum analysis on the available bands before selecting a channel.
The only thing I've seen that even resembles closely to what you claim is that some ISP provided routers default to "disconnect" every 12-24 hours. Some just reset the DSL connection, but some also reset the clients. This is done primarily by cheap ISP's that want to free up IP addresses they basically reset the DSL connection and complete the handshake but does receive a lease until a client on their network attempts to connect to the internet, think of it as a standby mode.
To ensure that random traffic on the network does not trigger a lease some deauth their wifi clients to reset all existing connections. However this is pretty rare as most DSL providers just reboot the router remotely....
However again random deauth MGMT frames on the same channel would not affect your own wifi network since the MAC addresses of those APs are not identical, conflicting MACs could cause issues but they could cause so many other issues as well way before anything like this could become an issue.
I really don't know why home internet connection and particularly WIFI has so many insane myths and conspiracy theories around it.
The reality is simple the 2.4ghz spectrum is the most contested unlicensed spectrum in common use with everything down from your microwave to house and car alarms, wireless headsets and other wireless radio equipment using because that spectrum has been pretty much defined as unlicensed globally way before WIFI every became a thing.
As a result WIFI equipment and especially old and or cheap equipment works really poorly, and the fact that everything from your mobile phone to your toothbrush today comes with wifi and in many cases spams the spectrum even when it's not enabled only complicates the issue.
Then you have housing that outside of the US is primarily built out of reinforced concrete or bricks even for internal walls and you get the worst possible environment for a stable connection.
It's slightly better now in Europe as wood, foam and composites are becoming more and more common for housing both internally and externally but still I've seen flats in London that the wifi won't work from one room to another if the door was closed, we later figured out that the door had an old layer of lead paint and the flat was in a converted victorian town house from the late 1800's which was built from brick and still had lead piping, some of the windows can also be made out of lead glass especially if they are old and pebbled or painted if they weren't replaced recently (which if you live in a graded building they likely weren't because it would cost a small fortune), and some of the clay bricks and fire bricks may contain high levels of tin and lead naturally.
How many IP addresses can you possibly save with this tactic? If you have 1000 subscribers, are you really going to only get 990 IP addresses, and hope that your subscribers don't all come online at the same time?
That's the problem though. Even if most people are offline during the night or during holidays/weekends, you still need to provision enough IP addresses for peak demand. ISPs aren't paying for IP addresses by the hour, they're probably leasing/buying subnets on a yearly basis, if not longer.
So they would have to be not home, and not leave any IoT device on when away. Of course this happens, but is probably very rare in the evenings (and at night).
There is roaming support in management frames and for signal strengths clients usually do their own roaming if you have 2 APs on different channels for the same SSID your client would select the best on and roam if necessary as the signal strength changes.
Unless you're on ethernet, then you suffer none of wifi's many downsides.
The real the8472 would have never said that. Then again without you coming to pin your message on an actual bulletin board for everyone to see you we can neither confirm the authenticity of this message nor of it author. Implicitly its validity is questionable.
> have other options at their disposal
When I tried connecting all the phones, tablets, watches and other such devices in my house to Ethernet cables it proved to be a real hassle for my cat. Do not recommend.
There's value in convenience and it probably outweighs the drawbacks for all but a (very) few specific applications.
As for the convenience, I think the same kind of reasoning brought us endless ads and tracking.
Of course it isn't. The person making one argument against convenience chose convenience over the massive downsides of using the option with "questionable security" and that is "inherently unreliable". Hence the validity of the claim is undermined. Tomorrow your message might read that "WEP secured WiFi networks are the pinnacle of security and reliability" because dang decided it's a funny thing to do, with little recourse from your side.
The world is not only black or white. You're using the downsides of one extreme as an argument to support the other extreme. Do you realize now that they're both extremes and likely equally wrong?
There's always a balance between security and usability. A sweetspot where the system is convenient to use and still offers as much security as possible. Make it too inconvenient and it's either not used at all or people just end up circumventing all the controls to get that convenience. And this happens ad-hoc, uncontrolled, which is worse.
But it should not be the only option since it can't be relied on due to its many problems. Deauth attacks aren't the only issue.
Although if someone can think of better reasons I would love to hear it.
There are devices that act as AP like the chromecast. This is then used by a smartphone app to connect and configure the device. I don't think the chromecast in particular is the culprit but I wouldn't be surprised a similar device was sending deauth packets due to an implementation mistake.
Rehearsals are done in controlled manner.
Would then drive around with 4 devices collecting data on different channels simultaneously. With GPS and signal-strength you can calculate how often this is.
Been walking around in my neighborhood with a GPS-logger and a simpler setup (WiFi hopping to gather data). Found 4 houses where these signals come from in a 300m radius.
Use a WiFi Dongle that support Monitor mode, as described here:
Edit: Seems my card might actually support monitor mode, I'll probably give it a shot.
Why do they do that?
Installing a doorbell with a camera that looks into the hallway is illegal. You may not record what happens in public spaces on security cameras. And even inside your home, you still have to ask for consent to make an audio recording. Otherwise, this constitutes a crime.
Also, sniffing Wifi for data not aimed at you is illegal. The law is quite broad and covers unencrypted data. Sniffing MACs of devices that don't communicate with your own network falls under that. Sending deauthenticarion packages using those MACs proves the intent to deliberately obtain that data. Thus might even result in a prison sentence. Deliberately interfering with the operation of a Wifi network may also constitute computer sabotage, but the bar for that is higher.
EDIT: I also forgot: creating the program that is intended to specifically interfere with the doorbell is also punishable. This is one of the rare cases where the preparation of a crime constitutes a separate crime in itself. The same goes for the distribution of such tools.
A lecturer from my Hochschule was fired for protesting this practice.
The property owner could make not operating an access point on the property a condition of granting permission to enter the property. Someone who then operated an access point would be trespassing and they (and their access) point could be evicted. In other words, the property owner is already allowed to monopolize those unlicensed airwaves on their property.
If they choose to exercise this monopoly by using technical measures to stop other access points from working, rather than by physically evicting those access points, why should that make a difference as long as those technical measures do not interfere with access point not on their property?
By the same argument, can I also ban cellphones from my property and set up cellphone jammers to enforce this ban? You're free to set up arbitrary "rules" and ban people from your property for it, but that doesn't mean you're deputized by the government to do whatever you want to enforce those rules.
Unlicensed doesn't mean no rules. For example, even though 2.4 Ghz is unlicensed, you're still subject to transmission power limits. In the US at least, there's also statues against interference.
There is no private property right to the radio frequency energy traversing someone's property. The owner / lessor of a property may not interfere in someone's use of the airwaves.
What remains as argument is the service quality aspect.
One wants to deliver the best wireless quality. Either because of own quality needs or because for a production environment.
In either case one is using an unlicensed band that still has certain constraints based on the country. The choice of technology might just not be the right one for these needs. How about 5G?
I can imagine that one can define certain rules only for a private property though.
Radio waves usually do not stop on property fences. One would need to convince a court that it is 100% certain that deauthentication packets can not reach others outside of the property. I guess if the property is big enough that will work or one puts up a Faraday cage around the property or building.
Still one can not send with more power as it might have health consequences for employees or visitors. Private property right is solely for how one uses the property and whom is given access to under what conditions. It does not allow a completely new rule set that conflicts with the “surrounding” law (not to mention human rights). One can still not lawfully murder a person on their private property just because the own property rules allow it.
For public universities I do not see any way to implement wireless restrictions in any lawful way. Their properties are usually public for everyone. So making rules for employees and students that can not be enforced on visitors is probably against the principle of equal treatment.
Then there is the constitutional Academic Freedom in most democratic countries. Not allowing researchers or teachers to freely choose the technology suited for their needs is probably against the constitutions of these states. Also students can not be denied access to a university because of such a rule set because they have freedom of choice where and what they want to study.
Last but not least we discuss this because of a WPA design flaw that is fixed with PMF/WPA3. If we would not have had this flaw to begin with I guess we would never ever had this discussion as we do not have it for Bluetooth or wireless mice/keyboard combos or other wireless protocols that use the same frequency bands.
And finally I wonder about the mindset of the mentioned network admin’s.
I can not agree if one assumes just because an organization might have more people or more important ones or richer ones or has a higher building or … to then assume might is right and enforcing it by using design flaws in network protocols. This will eventually lead to an arms race with no winner at all.
Ugh, yuck, I hate when lawmakers write laws like that. What does that even mean? All WiFi that I can hear is aimed at me. That's how radio works.
No, I'm not being disingenuous or obtuse, this is a legitimate concern with the way we're allowing artistic liberty into the written law. It's really badly ambiguous, not to mention the ridiculous violation of autonomy that you can't listen to broadcasts you can hear is.
That most people do not choose 802.11w is a similar state of ignorance. Yes these are public broadcasts. The laws are substitutes for more thoughtful engineering.
We have little privacy on the internet; that ship has sailed, through similar ignorance. It's worth worrying about doorbells, but that's not the big picture.
- The camera can only be active when someone actually rings your doorbell
- You cannot store any images from this camera.
If the system you have installed doesn't abide by those rules, it falls under the more stringent camera surveillance law. That includes hanging up pictograms indicating camera surveillance, registering and obtaining permission,... and so on (gdpr becomes relevant).
In America this could be up for debate. Much of this kind of law depends on a "reasonable expectation of privacy", meaning that if anyone could see you there, it's not an issue to record or take pictures. An apartment hallway actually may or may not count as a public space, depending on whether or not the building is access controlled.
Record audio at your peril: (This is re: New York)
“...it is possible to violate the Wiretapping Act (and thereby commit a felony) by pointing a camera at a person speaking on a cell phone and creating an audio recording of part of the telephone conversation.”
Recording audio is always fraught with risk. You should avoid it, especially in indoor locations that you do not control.
This means you can't leave a microphone at a bus stop to record random conversations, say, not without a) owning the bus stop, and b) loudly announcing the presence of the microphone to all users of said bus stop. Replace "bus stop" with any public space. This also applies to private spaces as well, even when you're the owner. Thus you can have video surveillance at any office, but audio surveillance is generally a big no-no.
As a matter of courtesy, I never aim a telephoto at windows. Paparazzi are an entirely different class though in that most have no "class" anymore it seems.
- Have talked to multiple business owners nearby and they can't figure out why their wifi won't work.
- Comcast Business is worthless and weeks of calls by business owners and multiple tickets have led to nothing.
- Have talked to the mayor of the town and their tech guy agrees something is wrong.
- A "smart guy" that works for the government doing security did a quick scan and said it was because one wifi was on a channel between 1 and 6 so the overlap was causing the problem... that wasn't it.
- Have approached university researchers to see if their students would be interested in looking at/for it. No response.
- Have walked with laptop watching signal strength and know roughly which building it is coming from.
From what I understand, there is NOTHING one can do to attack it, other than sending massive RF interference, which would be a crime in itself.
How the heck does one get rid of this thing? Any suggestions?
I think people don't believe a technical glitch is a real world problem. I've tried to tell them that it is definitely impacting their business (restaurants and cafes) and so there is in addition, a monetary impact, just as if someone was causing damage to their business that drove away customers.
Could be you can break the device by flooding it with fake SSID, using AirPlay-ng. A bit more technical but should be possible with every Mac or most WIFi dongles that support monitor-mode (could be illegal).
Not sure about breaking the device by flooding with SSIDs? Sorry, not my area here. From what I know, it isn't on any network (it does appear to have a network with an SSID though), but it is attacking up and down all nearby devices regardless of channel or SSID.
Have you considered that what you are seeing is unintentional ? I myself have set up many different (RX only!) experiments in GNU Radio, etc., and had to leave them sit for weeks at a time while I was busy with actual work.
Maybe someone was tinkering/playing/experimenting and just left it on ? I would suggest putting up a polite, but loud and eye-catching one page sign at the entrance to this building alerting someone that they are dramatically impacting their neighbors.
They do this kind of thing - it's called a "fox hunt".
Finding a cop that's willing to go out on their own to find a potentially unsolvable crime is going to be pretty hard. There are way bigger cases they are already tasked making them too busy to actually get interested in this kind of non-violent/non-life threatening case. 1st world problem: my wifi isn't working because someone else's wifi is being mean.
Also, the device is intermittent. I can collect traces, but who do I send them to?
Guy was real nice and seemed to understand what I was worried about.
I had an officer acquaintance who said he pulled over a car with a shotgun in the back seat and asked who it belonged to, nobody was willing to claim it. He impounded it as abandoned property despite it being perfectly legal to possess.
> In practice, any ordinary computer has come under the jurisdiction of the law, including cellphones, due to the interstate nature of most Internet communication.
"In addition to monitoring rogue APs, you can actively prevent your users from connecting to them. When suppression is activated against an AP, the FortiGate WiFi controller sends deauthentication messages to the rogue AP’s clients, posing as the rogue AP, and also sends deauthentication messages to the rogue AP, posing as its clients."
Besides, jamming has a much less targeted effect than a de-auth.
For example, an attacker may wish to keep their network working while disrupting others (there is an example of Marriott hotels doing this linked elsewhere in the comments here).
... skims search result for "rogue access point suppression"
wow this is just stupid
Edit: minor grammar clarification.
Not proud of it today of course, but fun times ;)
Incidentally, I was considering one of these devices as an addition to my home automation setup, then I realized that it would not be cool to monitor every person getting out of the elevators on my floor.
Also, deauth isn't anything new and you don't have to 'hack' anything in aircrack-ng since all of the tools for this are available out of the box, with nice configuration to select what has to be included and what excluded from deauth.
Wouldn’t the Ring just buffer and send once it rejoined the network?
I think industries follow the money. If the end user doesn't absolutely demand security features, then there won't be such features. Typically people who obsess about security build a product that provides security as a product (vs. a camera as a product).
The guy who wrote Minix makes this argument (and no, he doesn't dislike Linux Torvalds): There are solutions to security problems, but you need to be interested in them in the first place. The military for example is interested in microkernels because in their case security is critical. Minix I believe is written more for reliability (e.g.: uptime) and (better) security comes as a added benefit.
Anyone has background info on why the hell WiFi spec is designed this way?
WiFi is protected via PSK (pre-shared [encryption] key), public cryptography (via CA generated key-pairs), or RADIUS. With RADIUS auth you may be able to harvest the username but the password is used as a PSK which is a shared secret between the client and RADIUS server. This is a two way check (i.e. the client confirms the RADIUS backed WiFi AP has the password too). After they both confirm each other has the password, a different encryption key is used.
There's no WiFi Auth protocol that I know of that involves sending a password over the air (hashed or otherwise).
Also what you describe with RADIUS is incorrect as well but there are too many ways to configure 802.1x and RADIUS to cover all of why in a comment. Overall it is considered safer than WPA2 though so the conclusion is sound.
Let's first off go back to what I was replying to:
> At that point, the attacker can pose as the router and collect the password hash.
By claiming my correction is "absolutely false" you're asserting that the above statement is "absolutely true." But even your technically unsound correction doesn't actually address the underlying inaccuracy of the original statement or why you seemingly believe it is "absolutely true."
It is also pretty clear from your reply that you're attempting to muddy the waters by conflating the PTK with the PSK or any other "password." The PTK isn't a password. It isn't like a password, and in order to derive it you need additional information which you need to attack (which is easier than attacking the PSK itself, thus WPA3's improvements, but doesn't make the above statement technically sound or true).
Your post reads like you decided to correct before having any corrections to actually make then tried to muddy the topic as much as possible in the hope that others would be fooled. Plus is "collect the password hash" really a hill worth dying on for WiFi Auth? That's obviously an unsound technical claim, that isn't how the protocol works at all (and you seemingly must know that given your knowledge).
> Also what you describe with RADIUS is incorrect as well but there are too many ways to configure 802.1x and RADIUS to cover all of why in a comment.
So it is "incorrect" because I simplified it rather than describing the process in intricate technical detail? And you won't point out why it was "incorrect" because it is too technically difficult..? K.
> By claiming my correction is "absolutely false" you're asserting that the above statement is "absolutely true."
> technically unsound correction
Please explain how.
> It is also pretty clear from your reply that you're attempting to muddy the waters by conflating the PTK with the PSK or any other "password."
The PMK is part of the PTK hash. When using a PSK the PSK = the PMK. Not much to conflate, the PTK is a hash of the password with other variables. Exactly as I explained.
> in order to derive it you need additional information which you need to attack
I already explained how the rest of the information needed to derive the PTK is sent in the handshake frames.
> Your post reads like...
Please stick to talking about WiFi authentication.
> Plus is "collect the password hash" really a hill worth dying on for WiFi Auth?
Prior to WPA3, yes - as explained already.
> So it is "incorrect" because I simplified it rather than describing the process in intricate technical detail?
It was incorrect because the password isn't used as a PSK so cracking the PTK gets you a nonce instead of the user password.
> And you won't point out why it was "incorrect" because it is too technically difficult..?
Given we are still trying to agree how the 4 way handshake works and what parts get hashed in it, yes - it is.
Edit: According to other comments, it seems that “spoofed” deauth does have legit use cases (other than DoS’ing neighbor’s internet of shit devices).
Running this software is likely illegal depending on the jurisdiction might be anything from a misdemeanor to a crime.
No need to edit aircrack-ng, WireShark does what he did natively (filter out and set channels), and a good realtek chipset allows you to set the scan interval so you can cover more channels (which is why the new ALFAs suck).
Also the DTIM and keepalive can be set such that the MCU can sleep while the phy link maintains a connection without a costly handshake, esp. if using TLS <1.3 to talk to the cloud. Reconnecting costs a shit ton of energy so they usually don't disconnect.
Hacking Wi-Fi has become exceptionally more difficult, as noted by the slow dating of materials at DefCon's WiFi Village over the past 8 years: cracking WPA2 is basically so hard no one bothers, even in CtF games.
"Smarter Home Networks" and creating a business around bolstering security on the slew of IoT devices available today.
20+ years ago when I was a Windows sysadmin, you could immediately discern the technological savviness and technological maturity of an individual by looking at their system tray:
The number of little icons in their system tray was inversely proportional to their level of this kind of technological maturity.
The system tray of 2019 is connected/smart/cloud devices in ones home.
Either way, it's not a well written post. I'd shred it here but the comments below it already cover what I would have said.
These ring devices are also installed outside of the US. The law is entirely different in other countries. A statement as "no reasonable expectation of privacy": why not? Just because people could record and film you doesn't mean it's allowed or that it's ok.
For Netherlands: You cannot just have a camera recording the public. Though there's a bit of leeway, meaning if you have a camera recording your property it's logical that it'll record a bit of the road. You just have to minimize that bit. Interestingly enough, police actually encourages the installation of Ring camera's (so specifically Ring over anything else). It seems you can install these if it's just in front of your door and property. However, if they're on a flat (where neighbours need to walk by your door to get to your door), then you cannot have these.
In the US, it is allowed and is OK, though. Legally, you do not have a right to privacy if you are in a public location as a hallway in an apartment building would be considered. Whether or not it is a nice or considerate behavior is moot when it comes to the law.
Edit: it seems findings have gone both ways in the US for expectation of privacy in apartment buildings: https://illinoislawreview.org/print/vol-2018-no-3/fourth-ame...
The statement probably is entirely reasonable if you're born in the US (as you're used to it). Other countries have other expectations of what's reasonable and normal.
The often repeated "no reasonable expectation of privacy" in a public place to me is entirely odd. It's also something that could change (whether such a change/perception is in e.g. NL or in the US).
Technology makes things possible that weren't possible before at all. Meaning, you can store camera recordings for a ridiculously long time. From my buildings security (again: NL) I understood that legally they cannot store such recordings over 28 days. Above that things become difficult (possible but quite a hassle).
In the past people could see what you're doing in a public space. But nowadays you can easily be recorded and that recording could be stored forever. That was never the case before.
As a result, things such as "no reasonable expectation of privacy" should change with the changed circumstances, IMO.
Hence people are using the term in a specific legal way, rather than saying "I don't think it is reasonable to expect privacy here", they are saying "I think legal precedent would make a judge rule there is no 'reasonable expectation of privacy' here".
Generally much of the US protections for photography of the public reach pretty far, nice legal outline here http://www.krages.com/ThePhotographersRight.pdf
I found this fun guide I think others would enjoy while I was looking up this topic:
Sadly I don't find much on NL would be cool to build a chart to contrast and compare laws in each nation as they pertain to video/photo/audio recording in public.
This is simply not at all true. You can film anything you want in public. I believe the laws around publishing photographs or films of other people is a bit more complex though.
This is different from occasionally using a handheld camera.
Because one is surveillance that is meaningfully different from what you could do just by watching someone, and the other is not (this is my argument, not sure whether this is the legal argument in NL)
You could read this as something else, but IMO it was pretty obvious what I was referring to. And for static cameras I'm entirely correct. For other cameras there's been various new restrictions for them as well.
Your summary of "cannot film public scenes or the people who happen to be in them is simple false" for one distorts what I wrote, secondly, if you do this with a static camera, you will have a problem and your statement is _not_ true.
Friends had a "crazy lady" with cameras pointing at public space. It took a while, but eventually the cameras were removed. Something similar you can find via Google, plus (work) building security mentions the same.
Then again, after the Brussels terrorist attacks, the police managed to reconstruct the path of a terrorist pretty well by puzzling together all kinds of recordings, so my impression is enforcement is lax as long as nobody complains.
First Google result: https://www.politie.nl/themas/camera-in-beeld.html?sid=42aaf...
> Because the state offered credible testimony — specifically believed by the trial court — that third parties had unfettered access to the basement of this four-unit building, the defendant did not have a subjective expectation of privacy
GP suggested this wouldn’t be allowed in the hallway of an access-controlled building and precedent suggests that’s accurate. The key is whether a random person could wander into the area without encountering something analogous to a locked door.
If the door to the apartment block wasn’t locked (i.e. Joe Public could wander in and right up to your door), however, then when in the hallway a person would have no more expectation of privacy than when in the street.
Edit: Parent comment edited such that this makes no sense now
In the US, perhaps. My office in Brussels can't aim a camera at the public road, for example.
The linked article is nothing but SEO spam designed as lead gen for a law firm. A lawyer certainly didn’t write that.
I created a little tool as a test of this a while back: https://github.com/dom96/deauther
Well that's a kind of fundamental flaw of Wifi networks, so you're kinda stuck with this if you use Wifi, nope ?
Yeah, and the same sentence can be changed to "Anything running anywhere is vulnerable to something" and it's still true. I guess the valuable lessons are "There is never any service guarantee" and "something will always go wrong" when you want to built something reliable.