WPA2 Vulnerability Discovered KRACK - Wi-Fi Security Threatened

[DKB]

KRACK (Key Reinstallation Attack) is an attack on the Wi-Fi Protected Access protocol that secures Wi-Fi connections. It was discovered in 2016 by Belgian researchers Mathy Vanhoef and Frank Piessens of the University of Leuven. (Wiki)

It is recommended everything that you use that has a WIFI connect to be updated, considering, all things that now use Wifi are under a threat, from having your credit information stolen, to a large amount of other things.

Source(s):

https://arstechnica.com/information...l-leaves-wi-fi-traffic-open-to-eavesdropping/

https://www.theverge.com/2017/10/16/16481136/wpa2-wi-fi-krack-vulnerability

https://www.wired.com/story/krack-wi-fi-wpa2-vulnerability/

This Vulnerability is being patched quite quickly, however: "In general, Windows and newer versions of iOS are unaffected, but the bug can have a serious impact on Android 6.0 Marshmallow and newer." - http://www.zdnet.com/article/here-is-every-patch-for-krack-wi-fi-attack-available-right-now/

It should be noted that this is a client-based attack. WPA2 is still secure as long as the client device (laptop, cell phone, etc.) isn't vulnerable to the attack.

 

[Lacius]

It should be noted that this is a client-based attack. WPA2 is still secure as long as the client device (laptop, cell phone, etc.) isn't vulnerable to the attack.

 

[CMDreamer]

And also should be noted that WPA2 Wi-Fi Passwords (modem/router) are not compromised by this attack, but all type of content can be "seen" and disclosed.

And speaking of threats, take special care with a new type of attack on Android when being asked to download Flash Player Plugin on a site. All your information could get encrypted.

 

[brickmii82]

How will this affect Apple devices?
Just update and you're good?

 

[Lacius]

How will this affect Apple devices?
Just update and you're good?

That's pretty much the advice for all devices.

 

[brickmii82]

That's pretty much the advice for all devices.

Lol, true. The only problem with updating Apple devices is that many times, the updates can't work properly on older devices due to size or compatibility issues. I swear it's planned obsolescence.

 

[Lacius]

Lol, true. The only problem with updating Apple devices is that many times, the updates can't work properly on older devices due to size or compatibility issues. I swear it's planned obsolescence.

To be clear, Windows and Apple devices are pretty much in the clear, as updates have been published or are about to be published that block this issue.

If you're using an Apple device that cannot be updated to iOS 11, it's recommended that you get a new device (which is the case with any device that cannot be updated with security patches). However, it wouldn't be unprecedented for Apple to put out a minor security update to depreciated devices on iOS 10 or even 9 to address a specific high-profile security issue. iOS devices are also only vulnerable to a partial iteration of this attack.

Android devices, on the other hand, are very vulnerable if on v6.0 or higher, and it could be months (if ever) before a lot of devices are updated to protect against this issue.