WPA2 protocol violated: Wi-Fi networks are vulnerable

Adjust Comment Print

This is particularly worrying because WPA2 is the most secure WiFi security protocol now available in general use.

"Our attack is especially catastrophic against version 2.4 and above of wpa_supplicant, a Wi-Fi client commonly used on Linux", wrote the researcher Mathy Vanhoef on the website.

Depending on the network configuration, it is also possible to inject malware and manipulate data. This is important because the attack is apparently "exceptionally devastating against Linux and Android 6.0 or higher".

"The attack works against all modern protected Wi-Fi networks", the researcher noted.

"It is likely that some products, particularly Android smartphones, and Wi-Fi routers, will never be fixed".

The good news is that Vanhoef says that WPA2 can be patched to block the attack, and the patch will be backward compatible. Because KRACK relates to the WPA2 Wi-Fi standard itself, rather than individual devices that use it, its impact could be significantly widespread.

This key is installed following the third part of the four-way handshake, but access points and clients allow this third message to be sent and received multiple times, in case the first instance is dropped or lost.

At various times during an encrypted wireless connection, you (the client) and the access point (the AP) need to agree on security keys. Storing personal data and using networks on this protocol was now longer an option. "By manipulating cryptographic handshakes, we can abuse this weakness in practice". The researcher named the attack after its method of action, a Key Reinstallation Attack.

Authorities cry arson as fires devastate northwestern Spain
A spokeswoman for Portugal's civil protection agency said of the 145 separate fires being fought, 32 were serious. A one-month-old baby was among the dead, the Civil Protection Agency said Monday.

A nonce is a number that is not necessarily a secret but is meant only to be used once and never repeated. Now WPA2 is under attack. The attack includes the but is not limited to recovering login credentials (ie, email addresses and passwords). "Customers who apply the update, or have automatic updates enabled, will be protected", a representative of Microsoft told The Verge.

Is it as bad as it sounds?

If you're still concerned about your security, use a "virtual private network" (VPN) such as TunnelBear. Known as Krack, it allows an attacker within range of a Wi-Fi network to inject computer viruses into it - including secured Wi-Fi connections - and read communications like passwords, credit card numbers and photos sent over the internet.

Additional details of the exploit have been provided at krackattacks.com, the team of researchers is going to formally present the vulnerabilities on November 1st at a security conference in Texas.

Previous research by Vanhoef in related areas of HTTPS and Wi-Fi security can be found here and here.

One surefire way to protect yourself from hackers is to disable Wi-Fi on your devices and turn off your router - at least until security patches become available.

He acknowledges that some of the hacking scenarios listed at his website would be impractical for most attackers to pull off, but he still suggests updating the software on any "client device" (i.e. computers, phones or anything you use to connect to the internet) as soon as possible, and consider updating your router's firmware as an added precaution.

Comments