A lot of discussion has been going on these past few days regarding whether all Wi-Fi networks can become compromised, under the KRACK threat.
Wi-Fi protocol 802.11i or WPA2 has proved to be vulnerable to KRACK, that is Key Reinstallation AttaCKs. Long story short, 802.11i uses a two-layer security system and KRACK infiltrates the second one, which performs a 4-way “handshake” when a client wants to join a protected Wi-Fi network, and is used to confirm that both the client and access point possess the correct credentials.
Who is vulnerable to KRACK attacks? Pretty much everyone. That is because all modern routers and access points use WPA2 technology. According to the researchers that uncovered this vulnerability, “depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”
That’s pretty serious stuff. Whoever’s in-range with your Wi-Fi network and has an appetite for destruction can infiltrate your network, change passwords and intersect your communications. More specifically, Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, were all affected by some variant of the attacks, during the research.
Now on to good news: A lot of technology companies have already released patches to help you fix this.
Apple has made the security update available in its latest beta version for iOS, 11.1 Developer beta 3. Everyone can opt to download a beta version, however if you’re not on the list, then you may have to wait for the 11.1 version to become available to everyone, in a few weeks from now. The same goes for its MacOS version; the patch is available only in beta/developer mode.
Microsoft has released a security update for its Windows 7, 8, 8.1, 10 versions. If you’re working with Linux, you’re on the safe side, too. Keep in mind that Windows and latest versions of iOS are unaffected, but however if you’re on Android 6.0 Marshmallow and newer, you should watch out, as there’s a good chance you are affected by the discovery.
Modem and router companies are slower to react, but most of them will have patches out soon. Please consult this handy guide and take precautions.
Stay safe everyone.