Skip to main content

"KRACK" BUG SPITS TERROR ON WIFI

By

 use Wi-Fi every day -- you may even be on it right this very moment -- and that means the device you're using is at serious risk of being hijacked.

Researchers have discovered a flaw in the security protocol that's a fixture in almost every modern Wi-Fi device, including computers, phones and routers, reported ZDNet on Monday.

A weakness in the WPA2 protocol, meant to protect both wireless networks and devices, was discovered by computer security academic Mathy Vanhoef, and is being nicknamed "KRACK," short for Key Reinstallation Attack.

The bug ultimately could allow hackers to eavesdrop on network traffic -- bad news for anyone sending sensitive or private information over a Wi-Fi connection. These days, that's pretty much all of us, although this could hit businesses using wireless point-of-sale machines particularly hard.

It's yet another weak spot in the wireless connections now woven into the fabric of daily life. Just last month, for instance, a security company flagged a flaw that could let malware hit more than 5 billion devices via their Bluetooth connections.

And it comes on top of a seemingly endless string of bad news in general about security vulnerabilities, whether still in a potential state or actually exploited by hackers. In May and June, ransomware attacks locked up computers around the world, demanding, payment from people and companies in return for renewed access to vital information and systems. More recently came the hack at Equifax, which compromised the person details of 145 million Americans, and the latest shoe to drop in the matter of Yahoo's massive hack, which hit a breathtaking 3 billion accounts.

In the case of KRACK, hackers would have to be within physical range of a vulnerable device to take advantage of the flaw, but if they're in the right spot, they could use it to decrypt network traffic, hijack connections and inject content into the traffic stream.

To do so would involve effectively impersonating a user who had already been granted access to the network so as to exploit a weakness in the secure four-way handshake that acts as its gatekeeper.

"All Wi-Fi clients we tested were vulnerable" to an attack on that handshake, Vanhoef wrote.

For more on KRACK, what it means for businesses and what to do about it, head over to our sister site ZDNet.



Comments

Post a Comment

Popular posts from this blog

YOUTUBE HDR COMES TO IPHONE X

By
YouTube has rolled out high dynamic range (HDR) to users of the iPhone X, enabling improved contrast and color on HDR-enabled YouTube videos. As spotted by Macrumors, videos like those from the popular HDR Channel, are now able to be viewed in HDR mode. Neither the iPhone X nor the Apple TV are able to output the videos in 4K, however. Not to be confused with HDR for photography, high dynamic range for video and TVs expands the range of both contrast and color significantly. Bright parts of the image can get much brighter, so the image seems to have more "depth." Colors get expanded to show more bright blues, greens, reds and everything in between. OLED-powered screens like the one on the iPhone X are particularly adept at showing HDR. The HDR capability isn't stated in the release notes for the latest 13.17 update which only lists "General fixes and stability improvements". YouTube is the latest company to enable HDR for the iPhone X after N...
Post a Comment
Find out more

TRANSFER MONEY THROUGH GOOGLE

By
Google Pay is the fast, simple way to pay in millions of places ā€“ online, in stores, and more. It brings together everything you need at checkout and keeps your information safe and secure. With Google Pay, you can check out in hundreds of apps without having to enter your payment information. Catch a ride, order takeout, or get tickets to that just-announced show with the simple press of a button. Now you can use Google to pay with ease on thousands of websites. Just look for Google Pay and spend less time checking out, and more time checking in. If they have an email address or phone number, you can pay them with Google Pay ā€“ whether youā€™re going halfsies on that pizza, or sending dough halfway across the country. No more IOUs. No more bank transfers. Just an instant way to pay using the debit cards already in your wallet. Save your transit tickets to Google Pay and forget about forgetting them once and for all. Buy your tickets online, use your phone at the gate, and go. Now a...
Post a Comment
Find out more

FIFA CRUSHES PES AND RETAINS TITLE AS KING OF FOOTBALL GAME

By
"In North America, if you say  FIFA , the majority of people will think of us rather than the actual governing body." The unabashed view of Matthew Prior, FIFA's creative director, explains why EA Sports' FIFA is king. But how did the game consumed by so many become the definitive, market leader, when a decade ago it had a major rival for gamers' eyes, ears and dollars in the shape of Konami's Pro Evolution Soccer? The studio has inevitably benefited from its unique licensing contracts with brands, players and the governing body. Its grip on the living, breathing world of football via its online platform has entrenched the status quo. Yet PES has sustained a reputation as something bordering on a cult hit, with gameplay that continues to score strongly with audiences. It cannot, though, translate its cultural currency into sales. Metro 's September 2017 review of last year's PES instalment observed: "There's always the feeling that...
1 comment
Find out more