A new attack called KRACK can break the security of any WiFi network in the world. That means that by means of this attack, a person near your network can steal the data that you send by your smartphone or PC. Data such as credit cards or passwords. The only solution is to update all devices on the network.
How to KRACKean my WiFi
This attack breaks the WPA2 security that is normally configured on a WiFi network. WPA2 is a protection system, which shields data transmitted wirelessly so that it can not be obtained by people nearby. Until now it was the most reliable security standard.
Once the attacker within the reach of the WiFi violates this security, he can obtain the data that the devices of the network transmit. For example, you can get the credit card number that a person entered on a web page from their wirelessly connected PC. Or your username, password and messages you sent via Facebook.
In summary, the attacker does the following from a computer nearby:
- Clone the wifi network.
- Force the smartphone or PC to connect to that cloned network.
- Set a new key (blank key or only zeros, for example).
- Wait for the information that the user sends.
Should I Change the Security of my WiFi?
The solution is NOT to change the security of WiFi. The reason is that this hack affects all versions of WPA2 security, including WPA2-PSK. Also to the old WPA version to dry. And it would be crazy to use WEP, because it is much more vulnerable.
It is no use changing the key of the WiFi network. That’s not the problem.
The solution is to update the software of all the devices that are connected by WiFi. Smartphones and PCs, for example. Secondly you have to update the software of your router, modem or access point.
For now, the only system based on Android that does not have this problem is Lineage OS 14.1 . We will have to wait for mobile manufacturers to patch their system from this vulnerability and send the update to users.
In the case of the router or modem, there is usually an option to update the software (Firmware Upgrade) on your configuration page.
Both the router / modem and clients (smartphones, PCs, etc.) must upgrade their software to a version that patches this vulnerability. Only then can you be sure.
Meanwhile, it will be advisable not to use the smartphone or the laptop to buy online. Use a PC that connects to the internet by cable.