#workaround

anonymiss@despora.de

#BLUFFS: #Bluetooth Forward and Future Secrecy Attacks and Defenses

Source: https://francozappa.github.io/post/2023/bluffs-ccs23/

TL;DR: If you are within range of a Bluetooth connection, you can force both devices into an insecure #encryption which can be cracked using brute force. The #workaround is to reject weak encryption via #software. Since there are never #updates for devices that have already been sold, any Bluetooth #connection with an old device must be considered insecure. Bluetooth can be monitored up to 100 meters with special antennas.

#bug #fail #security #hack #warning #danger #problem #update #news #CVE-2023-24023 #smartphone #vulnerability

anonymiss@despora.de

#Microsoft Calls #Firefox’s #Browser #Workaround “Improper,” Will #Block It

source: https://www.howtogeek.com/768727/microsoft-calls-firefoxs-browser-workaround-improper-will-block-it/

The upcoming Windows Update won’t block you from changing the default browser in #Windows 11. The #patch will force links using the microsoft-edge #protocol to always open in #Edge. These are specific links opened through Windows 11, such as those directly from the taskbar’s search feature. Firefox’s workaround and EdgeDeflector made it so these links would still open in your default browser. Microsoft is about to roll out an update that disables this workaround, calling it “improper” on Mozilla’s part

enter image description here

#freedom #openSource #software #economy #win11 #windows11 #news

frederik@pod.ferner-online.de

Setting up a new #Laptop with an #Intel #Wireless card (02:00.0 Network controller: Intel Corporation Wireless 7265 (rev 59)) on Debian Jessie. By default it was constantly dropping the link for a moment every few seconds, printing the following messages into /var/log/messages every time:

Aug 14 22:07:45 pw039 kernel: [ 2428.813167] cfg80211: Calling CRDA to update world regulatory domain
Aug 14 22:07:45 pw039 kernel: [ 2428.815042] cfg80211: World regulatory domain updated:
Aug 14 22:07:45 pw039 kernel: [ 2428.815044] cfg80211: DFS Master region: unset
Aug 14 22:07:45 pw039 kernel: [ 2428.815045] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time)
Aug 14 22:07:45 pw039 kernel: [ 2428.815046] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A)
Aug 14 22:07:45 pw039 kernel: [ 2428.815047] cfg80211: (2457000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A)
Aug 14 22:07:45 pw039 kernel: [ 2428.815048] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (N/A, 2000 mBm), (N/A)
Aug 14 22:07:45 pw039 kernel: [ 2428.815050] cfg80211: (5170000 KHz - 5250000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2000 mBm), (N/A)
Aug 14 22:07:45 pw039 kernel: [ 2428.815051] cfg80211: (5250000 KHz - 5330000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2000 mBm), (0 s)
Aug 14 22:07:45 pw039 kernel: [ 2428.815052] cfg80211: (5490000 KHz - 5730000 KHz @ 160000 KHz), (N/A, 2000 mBm), (0 s)
Aug 14 22:07:45 pw039 kernel: [ 2428.815052] cfg80211: (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A)
Aug 14 22:07:45 pw039 kernel: [ 2428.815053] cfg80211: (57240000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 0 mBm), (N/A)
Aug 14 22:07:49 pw039 kernel: [ 2432.559464] wlan0: authenticate with a4:b1:e9:55:24:b7
Aug 14 22:07:49 pw039 kernel: [ 2432.562609] wlan0: send auth to a4:b1:e9:55:24:b7 (try 1/3)
Aug 14 22:07:49 pw039 kernel: [ 2432.565435] wlan0: authenticated
Aug 14 22:07:49 pw039 kernel: [ 2432.567462] wlan0: associate with a4:b1:e9:55:24:b7 (try 1/3)
Aug 14 22:07:49 pw039 kernel: [ 2432.571061] wlan0: RX AssocResp from a4:b1:e9:55:24:b7 (capab=0x411 status=0 aid=3)
Aug 14 22:07:49 pw039 kernel: [ 2432.572094] wlan0: associated

The interim solution for this seems to be changing the powersaving settings with the following line in a file in /etc/modprobe.d

options iwlmvm power_scheme=1

Thanks to Volker's post at https://njh.eu/wireless for the solution.

#workaround #solution