How To Deal with a KRACK Attack
You may have seen the news about KRACK, a Wi-Fi exploit that can allow a determined invader to sniff traffic on your network encrypted with the latest and greatest WPA2 protection and decipher some or all of it. There’s a reason to be concerned: it affects every Wi-Fi radio ever made that uses WPA2, which is all of them since about 2003. However, in practice, someone has to be close to your network and use cracking software that doesn’t yet exist: the researcher who discovered the set of flaws exercised responsible disclosure, and thus malicious parties still have to figure out how to take advantage of these defects.
The flaws largely exist on the client side, so operating system and firmware updates on computers, phone, tablets, gaming devices, smarthome switches, and other equipment will take care of the problem. Base stations will be updated, too, preventing misuse of any device (even an unpatched piece of equipment) on updated networks.
What do you need to do? Apple already has updates in the latest betas for all its operating systems that will prevent these attacks from being used. iOS 10 and earlier users who can’t update or don’t want to will be in an awkward position, however, because their devices will remain vulnerable on networks that have unpatched or non-upgradable access points. Read more about this in my article at TidBITS, “Wi-Fi Security Flaw Not As Bad As It’s KRACKed Up To Be.”
Posted by Glenn Fleishman (Permalink)