Skip to Content.
Sympa Menu

cat-users - [[cat-users]] reMarkable 2 devices insecure WPA Enterprise by design

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive

[[cat-users]] reMarkable 2 devices insecure WPA Enterprise by design


Chronological Thread 
    < Chronological >      < Thread >
  • From: ALBRIZIO DANIELE <albrizio AT units.it>
  • To: "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>
  • Subject: [[cat-users]] reMarkable 2 devices insecure WPA Enterprise by design
  • Date: Wed, 28 Feb 2024 14:24:39 +0000
  • Accept-language: it-IT, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=units.it; dmarc=pass action=none header.from=units.it; dkim=pass header.d=units.it; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=fP1h2NXSJEYFSNsIxlc0ytKDDQZQ09TGTjT8jvp1Hg0=; b=bkpg2SQ4fD4f2mj7SDoK9G74iggJrfa9IaKQQ5YsD0ZUV9u22JVxA00udX5TslTZ/h6LnrXQ9iiAuFl9Ps5XTh/WnjXR/yRooRLx1U+Kb2WXUj+8NIVl+XFPRq23keYabSqQyCabAZU/ysrUXRTPU3Sz58hmOQqDueDE0SSeox8XqRms230X1Fej6iXbpMxhWpWvHA4VqZ5LG80JalZ1cX3qFn3pmeeUt52KQGEmeXNXgF630JuxJy7LZLFWmJlu5QmtwSGJqBO+QsnCg4a/RV0joarZnSACd4uRcdpLG6f0eymo1ZRz/GZ2jrJZxtUH0dul/a2+rIfUjZr4voBCXw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=V7nTz9EzkTUAzKBdSPgl6SF1fbHolJjDcORMd9NdrFLn15GZbsaZUz7r/dLxPsEiWnrtoBpWwqu8vH80Oz0D6caAhIFA6+1vNe/VnNwXXn+oz/9ud8g9jqlcrAxsfGyTHs7ivehhvE0zZXlfrW1Mbp6CIYJVOP5/xk/MZdPGLxXvov/L+eAGpX1Uym0YMWSfPAV3T+MNZqO7shNtkAmWLwcWFSEhmw2pjPQti1W91xgdRtuiNw5VHcgxrvLMFFkMSLEfuROZF6uAKGaXhjIweB5eEwxy5WUDVwsxYqGe21BbV3PUlw/uoLFKZECu08F1gwkLbIX00ayfeXGPE/1W4w==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=units.it;
Had some tests on this device

reMarkable 2, OS 3.9.5.2026

Device does not offer system updates to 3.10 right now from Italy.

Device seems to not permit CA certificate selection and CN pinning nor network profile on-boarding for WPA Enterprise networks such as the worldwide education roaming network eduroam.

We marked  reMarkable 2 device as un-connectable for security design reasons for our 30k users.

If you have means to correctly connect this devices to eduroam feel free to contradict me, otherwise, be advised.

Also reported this bad behavior through reMarkable support web form.

Don't know how many reMarkable devices are around, but should we try to take direct contacts with developers?

-- 


Daniele Albrizio
Ufficio Reti e telefonia | ICT - Phone and Network Management
Università degli Studi di Trieste | University of Trieste
Via Alfonso Valerio 12 - 34127 Trieste (Italy)
daniele.albrizio AT units.it
Tel. | Ph. +39 040 558 3319
Ufficio Reti e telefonia | ICT - Phone and Network Management
Tel. | Ph. +39 040 558 3331

  • [[cat-users]] reMarkable 2 devices insecure WPA Enterprise by design, ALBRIZIO DANIELE, 02/28/2024

Archive powered by MHonArc 2.6.24.

Top of Page