Any WPA2-enabled device could be an attacker's next gateway thanks to a new bug called KRACK.

New WPA2 Flaw Puts Millions Of WiFi Users At Risk

A new bug could place every single WiFi user in jeopardy. Since most devices (phones, computers, watches, routers, etc.) are able to access the internet, hardly anyone is safe. The security protocol that allows these devices to access the World Wide Web has been broken by a bug known as “KRACK.”

What Is KRACK?

KRACK stands for Key Reinstallation Attack, and it “exposes a fundamental flaw” in how we use our WiFi. A common protocol, WPA2, is usually pretty secure, but Mathy Vanhoef, a computer security academic, says “the weakness lies in the protocol’s four-way handshake, which securely allows new devices with a pre-shared password to join the network.”

What Does This Mean?

This means that, in the worst-case scenario, an attacker can decrypt any and all network traffic from WPA2-enabled devices. This gives them the ability to hijack connections and insert any content they want into whatever traffic stream they want.

Creepy.

In other words, be careful where you browse. Check your StumbleUpon activity. Keep it secret, keep it safe.

What Devices Are Affected?

According to ZDNet, both personal and professional devices with WPA2 protocols have been affected. The bug essentially breaks down that protocol and leaves each user’s activity bare to the hacker’s gaze.

“If your device supports Wi-Fi, it is most likely affected,” said Vanhoef, on his website.

Vanhoef first warned users about this kind of attack at the Black Hat conference, where he discussed “networking protocols, with a focus on the Wi-Fi handshake that authenticates a user joining a network.”

Cisco, Intel, Juniper, Samsung, and Toshiba are among those already affected by the attack.

Where Exactly Is The Attack?

The flaw, and hence the opening for the attack, is in the “cryptographic nonce, a randomly generated number that’s used only once to prevent replay attacks, in which a hacker impersonates a user who was legitimately authenticated.” 

So if you are being asked to reinstall a key you’re sure you’ve authenticated before, stay alert!

Reusing or recycling a nonce allows the attacker to decrypt and forge packets of information within the traffic stream, exposing user activity and data.
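An added illustration, not from the original article or from Vanhoef's own code: a simplified Python model of why a repeated nonce exposes traffic, and how refusing to reinstall a key that is already in use prevents it. The HMAC-based keystream, the `Sender` class, the `strict` flag and the sample packets are constructed stand-ins, not WPA2's actual cipher or handshake.

```python
import hashlib
import hmac


def keystream(key: bytes, nonce: int, length: int) -> bytes:
    """Toy counter-mode keystream (stand-in, not WPA2's cipher)."""
    out, block = b"", 0
    while len(out) < length:
        msg = nonce.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Sender:
    """Encrypts packets using an incrementing packet number as the nonce."""
    def __init__(self, key: bytes, strict: bool):
        self.key, self.strict = key, strict
        self.next_nonce = 1
        self.used = set()  # (key, nonce) pairs already spent

    def install_key(self, key: bytes) -> None:
        # Patched behaviour (strict): a key that is already in use is not
        # installed again, so the nonce counter is never rewound.
        if self.strict and key == self.key:
            return
        self.key, self.next_nonce = key, 1  # unpatched: counter reset

    def send(self, plaintext: bytes):
        nonce, self.next_nonce = self.next_nonce, self.next_nonce + 1
        reused = (self.key, nonce) in self.used
        self.used.add((self.key, nonce))
        stream = keystream(self.key, nonce, len(plaintext))
        return xor(plaintext, stream), reused


def demo(strict: bool):
    key = b"constructed-session-key"  # constructed sample values
    p1, p2 = b"GET /index.html ", b"password=hunter2"
    s = Sender(key, strict)
    c1, _ = s.send(p1)
    s.install_key(key)  # models a replayed handshake message
    c2, reused = s.send(p2)
    # With a repeated nonce the keystream cancels: c1 ^ c2 == p1 ^ p2
    return reused, xor(c1, c2) == xor(p1, p2)
```

`demo(False)` reports that the nonce was reused and that the two ciphertexts XOR to the XOR of the plaintexts; `demo(True)` reports neither, because the counter keeps advancing.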

Stay safe, fellow denizens!
