← Back to context

Comment by DannyBee

8 years ago

i'm pretty sure this is not true: The most recent example i remember is: https://lobste.rs/s/dwzplh/krack_attacks_breaking_wpa2#c_pbh...

2 comments

DannyBee

Reply
capt8bit  8 years ago

This is common misinformation. Even in this case, OpenBSD did not break the embargo. After protesting, they received the permission of the researcher to publish:

  Note that I wrote and included a suggested diff for OpenBSD already, and that
  at the time the tentative disclosure deadline was around the end of August. As
  a compromise, I allowed them to silently patch the vulnerability.

(https://www.krackattacks.com/#openbsd)