Recently there has been an announcement concerning the Key Reinstallation Attack (KRACK) vulnerability which allows the decryption of WPA2 messages being the key exploit. This may open up additional vulnerabilities toward a wireless client and the security and integrity of their browsing traffic.
eduroam has issued the following advisory explaining how this might impact on sites using eduroam:
KRACK is an attack against Wi-Fi infrastructure and clients, rather than against a specific wireless network. This means that eduroam is no more or less affected than any other Wi-Fi network, and there is nothing you need to specifically do for eduroam that you wouldn’t already need to do for any other Wi-Fi network.
Submitted by Nicole Harris