sci.electronics.repair@googlegroups.com

Google Groups

harry newton <harry@is.invalid>: Oct 16 12:46PM Did you update your router for the WPA2/PSK KRACK nonce re-use attack yet? <https://www.krackattacks.com>   I reported it yesterday over here with links... <https://groups.google.com/forum/#!forum/alt.internet.wireless>   They made it public a half hour ago: <https://groups.google.com/d/msg/alt.internet.wireless/vn8yRnm7UF8/N89Wcd_OAAAJ>   Manufacturers apparently had 50 days to effect the fix: Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 <https://papers.mathyvanhoef.com/ccs2017.pdf>   -- No need to respond; this is just FYI...

harry newton <harry@is.invalid>: Oct 16 01:59PM The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations.   Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available.   If your device supports Wi-Fi, it is most likely affected.   Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks.   The research behind the attack will be presented at the Computer and Communications Security (CCS) conference, and at the Black Hat Europe conference. Our detailed research paper can already be downloaded.   DEMONSTRATION As a proof-of-concept we executed a key reinstallation attack against an Android smartphone.   In this demonstration, the attacker is able to decrypt all data that the victim transmits. For an attacker this is easy to accomplish, because our key reinstallation attack is exceptionally devastating against Linux and Android 6.0 or higher.   This is because Android and Linux can be tricked into (re)installing an all-zero encryption key (see below for more info). When attacking other devices, it is harder to decrypt all packets, although a large number of packets can nevertheless be decrypted.   In any case, the following demonstration highlights the type of information that an attacker can obtain when performing key reinstallation attacks against protected Wi-Fi networks:   Any data or information that the victim transmits can be decrypted.   Additionally, depending on the device being used and the network setup, it is also possible to decrypt data sent towards the victim (e.g. the content of a website).   Although websites or apps may use HTTPS as an additional layer of protection, we warn that this extra protection can (still) be bypassed in a worrying number of situations. For example, HTTPS was previously bypassed in non-browser software, in Apple's iOS and OS X, in Android apps, in Android apps again, in banking apps, and even in VPN apps.

David_B <David_B@nomail.afraid.org>: Oct 16 03:13PM +0100 On 16-Oct-17 2:59 PM, harry newton wrote: > worrying number of situations. For example, HTTPS was previously bypassed > in non-browser software, in Apple's iOS and OS X, in Android apps, in > Android apps again, in banking apps, and even in VPN apps.     FYI https://www.krackattacks.com/   -- David B.

harry newton <harry@is.invalid>: Oct 16 03:18PM He who is David_B said on Mon, 16 Oct 2017 15:13:58 +0100:   > FYI https://www.krackattacks.com/   That link was already in the original post. :)   In cryptography, a nonce is a neologism for an arbitrary number that may only be used once, similar in spirit to the occasionalism lexeme "nonce word" (as are the headwords of any dictionary).   Here is a related link to the Blackhat briefing that wasn't in the OP: <https://www.blackhat.com/eu-17/briefings/schedule/#key-reinstallation-attacks-breaking-the-wpa2-protocol-8861>   "We have discovered several key management vulnerabilities in the Wi-Fi Protected Access II (WPA2) security protocol. These can be exploited using so-called key reinstallation attacks.   Because this is a protocol-level issue, most correct implementations of the standard are affected.   Put differently, most protected Wi-Fi networks, including personal and enterprise WPA2 networks, are affected.   All clients and access points that we tested in practice were vulnerable to some variant of the attack. The precise impact depends on the specific variant(s) of the attack that an implementation is vulnerable to."   Bear in mind that the attacker has to be in close proximity to your device to effect the attack, and that no known variants are in the wild yet, so it's not something to worry about except to start looking for when the patches come out for all your devices that handle the WiFi WPA2/PSK protocol.   -- See also en.wikipedia.org/wiki/Cryptographic_nonce

"Mr. Man-wai Chang" <toylet.toylet@gmail.com>: Oct 16 11:57PM +0800 On 16/10/2017 8:46 PM, harry newton wrote:   > I reported it yesterday over here with links... > <https://groups.google.com/forum/#!forum/alt.internet.wireless> > ...   Did you notice that these hacks always happen BEFORE someone fixed it? Are they all security traps, planted into router firmware by design? :)   -- @~@ Remain silent! Drink, Blink, Stretch! Live long and prosper!! / v \ Simplicity is Beauty! /( _ )\ May the Force and farces be with you! ^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3 不借貸! 不詐騙! 不援交! 不打交! 不打劫! 不自殺! 請考慮綜援 (CSSA): http://www.swd.gov.hk/tc/index/site_pubsvc/page_socsecu/sub_addressesa

"pfjw@aol.com" <pfjw@aol.com>: Oct 16 09:02AM -0700 On Monday, October 16, 2017 at 11:57:56 AM UTC-4, Mr. Man-wai Chang wrote:   > Did you notice that these hacks always happen BEFORE someone fixed it? > Are they all security traps, planted into router firmware by design? :)   a) If the fix were in, then they could not happen. b) Otherwise, it would not be a Hack.   You need to brush up on your logic.   Peter Wieck Melrose Park, PA

Peabody <waybackNO584SPAM44@yahoo.com>: Oct 15 04:34PM -0500 I bought a set of Uniden GMR2240-2CK walkie talkies for a song on Ebay, and at first everything looked perfect. But later one of the radios refused to transmit, and showed a low battery indicator, earlier than it should have. I switched the batteries between the radios, recharged both, and tested again. The shutdown happened again, but the good news is the problem followed the battery to the other radio. Well, the date code is 2211, so I think it's time.   I see that I can buy a set of two replacement EBL brand battery packs (BP40) on Ebay for under $8 delivered for the pair. I've always had good luck with generic batteries, but I know others haven't. Has anyone here had experience with these? Genuine Uniden replacements would be about $40.   And just to check my logic, it does make sense, doesn't it, that if the problem follows the battery, then the battery is the problem, not the radio? The thing that's curious is that if I wait a while after the shutdown, I can fire up the radio again, and it shows a full battery indicator, and the thing will run in listening mode for another hour or two. Maybe it's a heat related connection issue inside the battery pack. I further assume that at these prices for replacements, it makes no sense to try to replace the NiMH AAA cells in the pack, particularly since I don't know for sure that the problem isn't in the electronics inside the battery pack.

whit3rd <whit3rd@gmail.com>: Oct 15 05:19PM -0700 On Sunday, October 15, 2017 at 2:34:38 PM UTC-7, Peabody wrote: > transmit, and showed a low battery indicator, earlier than it should have.   > The thing that's curious is that if I wait a while after the shutdown, I can > fire up the radio again, and it shows a full battery indicator...   Probably there's an internal battery connection that's gone faulty. Internal faults account for lots of flaky battery behavior, usually there's just a bit of electrode material slightly loose against a crimped-in cap.   It's not age related, but it IS very very annoying. You might be able to get two good cells from a 3-cell pack, though, if it's worth the trouble of doing a pack disassembly.

Jeff Liebermann <jeffl@cruzio.com>: Oct 15 07:39PM -0700 On Sun, 15 Oct 2017 16:34:32 -0500, Peabody   >And just to check my logic, it does make sense, doesn't it, that if the >problem follows the battery, then the battery is the problem, not the radio?   Yep. It's probably the battery. However, if both BP40 battery packs are the same age, it's likely the working battery pack will soon fail. Buy a replacement BP40 for both radios.   I usually don't have any problems with NiCd or in this case NiMH battery packs. You're probably safe at buying the cheapest. However, LiIon batteries and packs are another story, which are full of counterfeits and defective cells.   NiMH cells come in different capacities varying from 500 to 1000 ma-hr capacity. For example, the BP38 battery is rated at 4.8v 700 ma-hr, while the BP40 is rated at 550 ma-hr. For a dollar more, the BP38 seems like a better deal. The problem is with no-name pre-packaged battery packs, you don't really know what capacity you're getting until it arrives.   If this were my radio, I would buy 4ea AAA NiMH LSD (low self discharge) cells, such as Eneloop cells, and weld them into a replacement battery pack. The ability to charge the battery and know that it will be mostly at full charge months later, is worthwhile. <https://en.wikipedia.org/wiki/Eneloop> Be sure to check the charge current to make sure that you're not overcharging or quick charging the Eneloop batteries.   >these prices for replacements, it makes no sense to try to replace the NiMH >AAA cells in the pack, particularly since I don't know for sure that the >problem isn't in the electronics inside the battery pack.   One of the NiMH failure modes is accellerated self discharge. It will charge up to normal terminal voltage, but rapidly discharge itself (without a load). It also acts like a battery with much lower capacity than might be expected. I think that's what you're seeing.   -- Jeff Liebermann jeffl@cruzio.com 150 Felker St #D http://www.LearnByDestroying.com Santa Cruz CA 95060 http://802.11junk.com Skype: JeffLiebermann AE6KS 831-336-2558

oldschool@tubes.com: Oct 16 02:37AM -0500 On Sun, 15 Oct 2017 16:34:32 -0500, Peabody >on Ebay for under $8 delivered for the pair. I've always had good luck with >generic batteries, but I know others haven't. Has anyone here had experience >with these? Genuine Uniden replacements would be about $40.   A totally different battery, but my cellphone battery was getting real weak, The phone is a basic phone, not a smartphone, and the whole phone cost me $20. I went to "Batteries Plus". I was shocked when he quoted me $50 for a battery. I was gonna just buy another phone, but first I went to Ebay. Bought a battery on ebay for $5 shipped. It lasted well over 2 years, until the phone needed to be updated/replaced. I still have that battery, because the new phone uses the same. That way I have a spare.

rickman <gnuarm@gmail.com>: Oct 16 03:46AM -0400 > to Ebay. Bought a battery on ebay for $5 shipped. It lasted well over 2 > years, until the phone needed to be updated/replaced. I still have that > battery, because the new phone uses the same. That way I have a spare.   I used to be on a pay by the minute cell plan and it costs $30 for a minutes card. Or I could buy a new phone and get a $30 minutes card with it for <$30. So I ended up with a collection of phones all using the same battery and accessories. Unfortunately that phone couldn't be used with my new carrier, so I have a different phone, but like you when I thought my battery was getting weak, I found a new phone for $12 was much cheaper than even the low cost replacement batteries for $20.   Eventually I'll end up with a smart phone. Resistance is futile...   --   Rick C   Viewed the eclipse at Wintercrest Farms, on the centerline of totality since 1998

Foxs Mercantile <jdangus@att.net>: Oct 16 07:34AM -0500 > I was gonna just buy another phone, but first I went > to Ebay. Bought a battery on ebay for $5 shipped.   Congratulations, you bought a Chinese battery.   Fucking hypocrite.   -- Jeff-1.0 wa6fwi http://www.foxsmercantile.com

dmarino2494@gmail.com: Oct 15 06:50PM -0700 On Monday, May 29, 2000 at 3:00:00 AM UTC-4, Matt wrote:

dmarino2494@gmail.com: Oct 15 06:58PM -0700 On Monday, May 29, 2000 at 3:00:00 AM UTC-4, Matt wrote:   > I have two Heathkit 10MHz scopes and they both have failed at the same > spot. So I am wondering if anyone else has had this problem.   > The problem is on the left vertica   On Monday, May 29, 2000 at 3:00:00 AM UTC-4, Matt wrote:   > - Matt Rizzo > Oakland University > School of Engineering and Computer Science (SECS)   Hi,   I have the same scope, I put it a way working years ago and just turned it on today and it smoked. There is a burnt 10uf cap and 10ohm resistor on the vertical board in the minus 15 volt circuit. I believe the burnt components on my scope are C123 and R163-1, the cap is shorted. I will eventually try to replace the resistor and cap.   D. marino

bitrex <bitrex@de.lete.earthlink.net>: Oct 15 11:24PM -0400 > Hi,   > I have the same scope, I put it a way working years ago and just turned it on today and it smoked. There is a burnt 10uf cap and 10ohm resistor on the vertical board in the minus 15 volt circuit. I believe the burnt components on my scope are C123 and R163-1, the cap is shorted. I will eventually try to replace the resistor and cap.   > D. marino   You're responding to a post made over 17 years ago.

oldschool@tubes.com: Oct 16 02:48AM -0500 On Sun, 15 Oct 2017 23:24:41 -0400, bitrex   >shorted. I will eventually try to replace the resistor and cap.   >> D. marino   >You're responding to a post made over 17 years ago.   Holy crap Batman.......... 17 years ago, they hadn't even invented the electron yet!

etpm@whidbey.com: Oct 15 11:25AM -0700 On Sat, 14 Oct 2017 21:43:47 -0400, micky <NONONOmisc07@bigfoot.com> wrote:     >My attempted shortwave antenna didn't use that either. It used the round >white wire with for separate, unattached conductors inside, each with >its own separate insulation. Don't you remember those days? Yeah, I remember that wire. I though that the wires in them were twisted pairs though. Not a very high rate of twist though. Are you sure those wires aren't twisted pairs? Eric

Jeff Liebermann <jeffl@cruzio.com>: Oct 15 12:18PM -0700 On Thu, 12 Oct 2017 04:32:03 -0700 (PDT), "pfjw@aol.com"   >And, one of these will truly separate fly-poop from pepper. >Give it an 80' longwire and you will be getting AM from >Hawaii - or thereabouts.   Yeah, that's the conventional wisdom. I have a different view. A bigger broadband antenna does not produce a better AM signal. What happens when you install a bigger antenna is that you simultaneously increase the signal and the noise pickup with the SNR (signal to noise ratio) being constant. At BCB (broadcast band) frequencies, the atmospheric and man made noise is quite high. <https://upload.wikimedia.org/wikipedia/commons/9/93/Atmosphericnoise.PNG> Hearing a distant station with good fidelity and low noise is not so much a matter of having a strong signal, but more a matter of reducing the noise. The noise can be switching power supplies, motors, appliances, and mixing between two or more out of band stations.   The antenna does not need to be huge. See various version of the PA0RDT mini-whip antenna for clues on what can be done with very small antennas: <http://dl1dbc.net/SAQ/miniwhip.html> <https://www.ebay.com/sch/Ham-Amateur-Radio-Antennas/4672/i.html?_nkw=mini+whip+antenna> <https://www.google.com/search?q=pa0rdt+mini+whip&tbm=isch>   -- Jeff Liebermann jeffl@cruzio.com 150 Felker St #D http://www.LearnByDestroying.com Santa Cruz CA 95060 http://802.11junk.com Skype: JeffLiebermann AE6KS 831-336-2558

micky <NONONOmisc07@bigfoot.com>: Oct 15 09:21PM -0400 In sci.electronics.repair, on Sun, 15 Oct 2017 11:25:19 -0700, >twisted pairs though. Not a very high rate of twist though. Are you >sure those wires aren't twisted pairs? >Eric   I stripped back 6 inches on one occasion, I'm pretty sure, and I saw no twisting.   I'm sure I still have more of it, and I have some new stuff tooMaybe 5 years old.   I bought a new roll of 100' a while back, but I haven't stripped that type of wire back more than an inch or two.

etpm@whidbey.com: Oct 15 11:41AM -0700 >did not attach any 120VAC device to it yet, because the weather is too >rainy to mess with it outdoors. But the LED indicator showed it to be >working.   It probably blew the fuse because the inrush current to charge the caps was too high for the 15 amp fuse. There are ways to limit the inrush current. I know that the inverter drives for my machine tool spindles limit this current somehow. The manuals for each machine mention this feature. There is a lag in the machines between powering up and when drives signal the control that they are ready. Or in the case of the inverter based welder when the internal contactor for the welding output is enabled. There isn't a big spike in current draw when it powers up or when welding commences. It ramps up the welding current once the arc is established. Eric

You received this digest because you're subscribed to updates for this group. You can change your settings on the group membership page. To unsubscribe from this group and stop receiving emails from it send an email to sci.electronics.repair+unsubscribe@googlegroups.com.