Breaking News

WPA2 KRACK leaves your device vulnerable on every WiFi network

This post was originally published on this site

Share on Facebook Share

Share on TwitterTweet

Share on Google Plus Plus

Wi-Fi Protected Access II (WPA2) has been proven to be insecure – leaving your device vulnerable on pretty much all wireless networks, whether they are public or private. The WPA2 KRACK, a Key Reinstallation Attack, was discovered by Mathy Vanhoef and Frank Piessens of imecDistriNet, KU Leuven. More details about the vulnerabilities can be seen in their WPA2 KRACK detailed paper. The same caution that internet users have long been told to exercise when using public WiFi networks must be used on any WiFi network – because wireless security is currently cracked.

Encrypting with a VPN is the easiest way to protect your device when using a WPA2 “protected” WiFi network. Alex Hudson explained the security ramifications of a cracked WPA2 protocol concisely:

“What this means: the security built into WiFi is likely ineffective, and we should not assume it provides any security.”

WPA2 KRACK makes waves in internet security and privacy world

How did this WPA2 vulnerability go unnoticed for so long and fall through the cracks, so to speak? Dr. Matthew Green from Cryptography Engineering noted in a blogpost titled “Falling through the KRACKs”:

“If you’re looking for someone to blame, a good place to start is the IEEE. To be clear, I’m not referring to the (talented) engineers who designed 802.11i — they did a pretty good job under the circumstances. Instead, blame IEEE as an institution.”

The revelation that WPA2 is broken means that all wireless network should be considered vulnerable – which was always a safe default assumption anyways. Public WiFi security isn’t just for public WiFi hotspots anymore. Now, your home network and the older devices are just as vulnerable

Leave a Reply

Your email address will not be published. Required fields are marked *