- Posts: 9342
- Thank you received: 218
A serious Wi-Fi vulnerability was revealed today, affecting nearly every Wi-Fi network and device using WPA or WPA2 security encryption.
Attackers can potentially gain access to encrypted information like usernames, passwords, and credit card data. Luckily, companies are already patching the flaw in order to prevent this potential hack from happening, but you’ll need to do a little work on your end and update your devices.
The US Computer Emergency Readiness Team (US-CERT) has compiled a list of manufacturers that have been notified about the vulnerability, as well as whether or not they have provided information concerning updated devices. Be sure to check if your wireless router’s manufacturer is on the list, and update your router following their instructions.
You may remember the last time you connected your phone, laptop, or other device to a new WiFi network. When it asked you for the network password, it also said something about the security protocol, perhaps listing something like “WEP” or “WPA2,” or asking you to choose from a list of types.
The flaw has to do with the actual encrypted messages that devices send each other to authenticate when they connect. The researchers proved that someone can manipulate those connections, abuse the vulnerability, and gain access to communications that are supposed to be secure.
Because the weak point is in the actual standard, it’s not limited to a single network or device. It’s pervasive — every single device that can communicate in this way, which is basically all of them, is potentially susceptible. The list includes all Android, Apple, Linux, and Windows devices — your standard phones and laptops — as well as the routers they connect to, from companies like Linksys.
There’s nothing that individuals can do; changing your WiFi password or using a different device won’t help, since the flaw is embedded deep in the very basis of your internet connection.
But there is good news: This flaw is patchable.
Please Log in or Create an account to join the conversation.