Major wifi vulnerability could affect all devices

Discussion in 'Electronics Insanity' started by Boyd, Oct 16, 2017.

  1. Boyd

    Boyd Super Moderator
    Moderator

    Joined:
    Jul 31, 2004
    Messages:
    6,011
    Likes Received:
    797
    https://arstechnica.com/information...l-leaves-wi-fi-traffic-open-to-eavesdropping/

    Researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting.

    https://arstechnica.com/information...ck-attack-destroys-nearly-all-wi-fi-security/

    "...our attack is exceptionally devastating against Android 6.0: it forces the client into using a predictable all-zero encryption key." While Windows and iOS devices are immune to one flavor of the attack, they are susceptible to others. And all major operating systems are vulnerable to at least one form of the KRACK attack.

    https://www.macrumors.com/2017/10/16/wpa2-krack-attacks/

    Fortunately, the vulnerabilities can be patched, and in a backwards-compatible manner. In other words, a patched client like a smartphone can still communicate with an un-patched access point like a router. [ . . . ] It is now up to device and router manufacturers to release any necessary security or firmware updates.