We found that Wi-Fi client isolation can often be bypassed. This allows an attacker who can connect to a network, either as a malicious insider or by connecting to a co-located open network, to attack others.
NDSS'26 paper: www.ndss-symposium.org/wp-content/u...
GitHub: github.com/vanhoefm/air...
Where these tools shine is literature searches. I’m increasingly of the opinion that we need to write papers for LLMs to read. It’s frustrating that many ePrint sites actually block these tools. This is the first tool that can find the “small result” you left as a footnote in Appendix B that I need.
Interesting, thanks for the pointer!
Client isolation is supposed to prevent two clients on the same SSID to attack each other. We can bypass client isolation. Attacks are independent of the used crypto settings :)
Excellent article on the work by @dangoodin.bsky.social: arstechnica.com/security/202...
I'd say we bypass Wi-Fi encryption, in the sense that we can bypass client isolation. We don't break Wi-Fi authentication or encryption. Crypto is often bypassed instead of broken. And we bypass it ;)
Nominate yourself to help review papers for USENIX Security 2027! sec-rms.com/submit-appli... (or rms.swag.cispa.de/submit-appli... ). Deadline: May 28, 2026.
We're looking for both senior and junior people. See Andrei Sabelfeld's LinkedIn post for more info: www.linkedin.com/feed/update/...
Inderdaad een significante achteruitgang..
this is one of the most amazing papers I have ever read
eprint.iacr.org/2026/058.pdf