'KRACK' security issue affects all modern Wi-Fi networks | Inquirer Technology

‘KRACK’ security issue affects all modern Wi-Fi networks

/ 02:54 PM October 17, 2017

Image: INQUIRER.net

Research regarding a serious Wi-Fi vulnerability was recently disclosed online. It taps on the issue apparently affecting all modern Wi-Fi security protocols, something that allows attackers to access sensitive information.

Researchers posted the study on a website called “Krackattacks.” The security vulnerability could be exploited through the use of key reinstallation attacks or “KRACKs.”

Article continues after this advertisement

Wi-Fi security protocols like WPA2 send data in a secure encrypted stream between devices. Smartphones and other gadgets joined in a Wi-Fi network each have an encryption key to read the encrypted data. These keys are like passwords used by devices to see what each sends to one another.  They are different from the passwords that users input to join an existing Wi-Fi network.

FEATURED STORIES

A KRACK works by replacing the encryption key of a Wi-Fi network into something a hacker knows about. A good example would be setting the encryption key to all zeros. Doing so allows an attacker to intercept all the data being transmitted and received along the Wi-Fi network. Data from smartphones, laptops and other wireless devices become an open book to any attacker looking for sensitive information to exploit. Android and Linux devices appear to be most vulnerable.

Watch the proof-of-concept video below to see how a KRACK can be executed.

Article continues after this advertisement

The researchers advised to temporarily avoid public Wi-Fi hotspots and stay on HTTPS websites until companies release software patches to fix the vulnerability in their respective devices.

Article continues after this advertisement

Windows and macOS devices are also vulnerable to KRACK. As such, Microsoft announced that a patch had already been rolled out with the October 10 Windows update.

Article continues after this advertisement

A statement from the company, released via The Verge, said it “withheld disclosure until other vendors could develop and release updates.”

According to Engadget, Apple already applied a fix for this vulnerability in the beta versions of macOS, iOS, tvOS and watchOS. Users may expect the full version software updates to be released within October.

Article continues after this advertisement

Google also plans to release a security update for Android phones by Nov. 6. JB

RELATED STORIES:

WATCH: Robot explains benefits of AI, internet to UN official

iPhones of the future may no longer include Touch ID, predicts expert

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

New Japanese satellite will help GPS be more accurate

TOPICS: patch, security risk, vulnerability, WiFi, WPA2
TAGS: patch, security risk, vulnerability, WiFi, WPA2

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.