WPA2 Wifi Flaw Remained Due to Unnecessary and Proprietary Secrecy

Another example of insufficiently public code as a security vulnerability.

How did a bug like krack fester in WPA2, the 13-year-old wifi standard whose flaws have rendered hundreds of millions of devices insecure, some of them permanently so?

Thank the IEEE’s business model. The IEEE is the standards body that developed WPA2, and they fund their operations by charging hundreds of dollars to review the WPA2 standard, and hundreds more for each of the standards it builds upon, so that would-be auditors of the protocol have to shell out thousands just to start looking.