Partner links

What you need to know about KRACK vulnerability

KRACK attack

This week security researchers announced a newly discovered vulnerability dubbed KRACK, which affects several common security protocols for Wi-Fi, including WPA (Wireless Protected Access) and WPA2. This is a bad vulnerability in that it likely affects billions of devices, many of which are hard to patch and will remain vulnerable for a long time. Yet in light of the sometimes overblown media coverage, it’s important to keep the impact of KRACK in perspective: KRACK does not affect HTTPS traffic, and KRACK’s discovery does not mean all Wi-Fi networks are under attack. For most people, the sanest thing to do is simply continue using wireless Internet access.

The limited privacy goals of WPA:

It’s worth taking a step back and remembering why a cryptographic protocol like WPA was developed to begin with. Before the advent of Wi-Fi, computers typically connected to their local Internet access point (e.g. a modem) using a physical wire. Traditional protocols like Ethernet for carrying data on this wire (called the physical layer) were not encrypted, meaning an attacker could physically attach an eavesdropping device to the wire (or just another computer using the same wire) to intercept communications.

Most people weren’t too worried about this problem; physically attaching a device is somewhat difficult, and important traffic should be encrypted anyways at a higher layer (most commonly a protocol like TLS at the transport layer). So Ethernet was unencrypted, and remains so today.

With wireless protocols it became much easier to eavesdrop on the physical layer. Instead of attaching a device to a specific wire, you just need an antenna somewhere within range. Continue reading

KRACK attack

Share:

Facebook
Twitter
Pinterest
LinkedIn

Partner links

Newsletter: Subscribe for updates

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Get the latest

On social media

Security distros

Hacker
Linux distros for hacking and pentesting

Crypto mining OS

Bitcoin
Distros for mining bitcoin and other cryptocurrencies

Crypto hardware

MSI GeForce GTX 1070
Installing Nvidia GTX 1070 GPU drivers on Ubuntu

Disk guide

LVM
Beginner's guide to disks & disk partitions in Linux

Bash guide

Bash shell terminal
How to set the PATH variable in Bash
Categories
Archives
0
Hya, what do you think? Please comment.x
()
x