KUL team cracks WPA2

The crypto team at the Katholieke Universiteit Leuven found a flaw in WIFI encryption, compromising its security. Anyone who can capture the signals during the handshake can decrypt the traffic and in some configurations insert and modify data sent over the protocol.
The crack replays message 3 (of 4) in the handshake of WPA2 that establishes the crypto channel.  The message is used to reinstall the encryption key and reset the nonce and replay counters.
Linux and Anroid implementations suffer most from the attack as another bug sets the new key to all zero's rendering decryption trivial.
The protocol can be patched in a backward compatible way. Look out for updates on all your WIFI devices!

Oracle handing over java products and standards

Oracle is reducing its Java costs and commitment. The latest platform releases (Java SE 9 and Java EE 8) were surprisingly low key.
With the releases out of the door, Oracle is drastically reducing its teams and handing over control of related products.

• The Netbeans IDE, always the first to implement new standards, is handed over to the Apache Foundation.
• The Java EE standard itself (!) is handed over to the Eclipse foundation under the EE4J (Enterprise Eclipse For Java) project.

Given that the EE spec moves to an organisation whose main product is a Java IDE, Apache seems a second choice for Netbeans.

cloud prices compared