If you use WIFI, read this: your connection is unsafe KRACK hack

The Lobby
1

In short, any wifi connection (and the devices on that network) using WPA2 could be open to an attack. I believe this is limited to un-encrypted traffic, so things like using HTTPS websites and VPNs help you stay safe. Rather than regurgitate what’s already been written, here’s info from world renowned security professional Brian Krebs:

Short for Wi-Fi Protected Access II, WPA2 is the security protocol used by most wireless networks today. Researchers have discovered and published a flaw in WPA2 that allows anyone to break this security model and steal data flowing between your wireless device and the targeted Wi-Fi network, such as passwords, chat messages and photos.

“The attack works against all modern protected Wi-Fi networks,” the researchers wrote of their exploit dubbed “KRACK,” short for “Key Reinstallation AttaCK.”

Read the whole article here:
https://krebsonsecurity.com/2017/10/what-you-should-know-about-the-krack-wifi-security-weakness/

So this is a protocol issue, not related to specific hardware or software defects.

What devices could be affected?
Any device running with a wifi connection running WPA2, so:

  • PCs/Macs/Chromebooks running Windows, macOS, Linux, ChromeOS
  • Anything running Android (phones, tablets)
  • iPhones
  • Printers and copiers
  • Handheld scanners (warehouse / retail environments)
  • Point-of-Sale systems (very common now in small businesses)
  • VoIP phones
  • Streaming media players (Amazon Fire, Roku, Google ChromeCast, etc.)
  • Gaming consoles
  • Smart home (IoT) devices, (thermostats, lighting, refrigerators, doorbells, etc.)
  • Smart televisions
  • eBook readers
  • Security cameras
  • Medical devices
  • Any industrial control equipment running Wi-Fi

How to protect yourself?
Update your device software/firmware/etc. Some patches are available.

Further reading if you’re super interested and want to know more