Article: WPA2 security flaw puts almost every Wi-Fi device at risk of hijack, eavesdropping
By: Zach Whittaker
Date Published: 10/16/2017
In Zach Whittaker's newest article on zdnet.com, he talks about one of the newest hot topics: the WPA2 risk. Today, the world was told about a new development in the news that affects basically anyone and everyone that connects to the internet. The risk, or bug, has come to be known as "KRACK." This bug allows attackers to take over and monitor internet connections using WPA2 and proceed to "inject content into the traffic stream" if someone wishes to do so. Computer security expert, Marthy Vanhoef, believes that the risk is in the "protocol's four-way handshake" and when exploited, "gives the attacker a skeleton key" to the network, allowing them view what is happening on the network. Vanhoef then continued to state that any Android device running anything above Marshmallow 6.0 would be in the most danger.
So, what is being done in response to the knowledge of this risk? Whittaker believes that most companies will most likely not release any patches to fix this, or if they do, it will be a while for anything to be given to the public. However, if you use anything from Aruba, Ubiquiti or Eero, then patches have already been made available for update. In the meantime, Whittaker wrote that "it's still safe to access sites that encrypt your data over an insecure network." In other words, sites that use HTTPS will still protect any data you may place on online sites.
This article really surprised me with the knowledge that even though we know that there is a potential risk, most companies will not be releasing immediate patches to their systems. I feel that it is unacceptable for companies to refrain from putting out a patch and instead, they need to have their security experts work on code to improve their users’ safety. The public definitely needs to stay vigilant in watching what is released through the news, so they know to update anything as needed. I really hope that public policies evolve after finding out about this risk to help protect everyone and their private information. Hopefully as this gains more coverage in the news, companies start to feel pressure to update their programs.
Article:
http://www.zdnet.com/article/wpa2-security-flaw-lets-hackers-attack-almost-any-wifi-device/
Picture:
http://ishpssb2017.abfhib.org/9-3.html
By: Zach Whittaker
Date Published: 10/16/2017
In Zach Whittaker's newest article on zdnet.com, he talks about one of the newest hot topics: the WPA2 risk. Today, the world was told about a new development in the news that affects basically anyone and everyone that connects to the internet. The risk, or bug, has come to be known as "KRACK." This bug allows attackers to take over and monitor internet connections using WPA2 and proceed to "inject content into the traffic stream" if someone wishes to do so. Computer security expert, Marthy Vanhoef, believes that the risk is in the "protocol's four-way handshake" and when exploited, "gives the attacker a skeleton key" to the network, allowing them view what is happening on the network. Vanhoef then continued to state that any Android device running anything above Marshmallow 6.0 would be in the most danger.
So, what is being done in response to the knowledge of this risk? Whittaker believes that most companies will most likely not release any patches to fix this, or if they do, it will be a while for anything to be given to the public. However, if you use anything from Aruba, Ubiquiti or Eero, then patches have already been made available for update. In the meantime, Whittaker wrote that "it's still safe to access sites that encrypt your data over an insecure network." In other words, sites that use HTTPS will still protect any data you may place on online sites.This article really surprised me with the knowledge that even though we know that there is a potential risk, most companies will not be releasing immediate patches to their systems. I feel that it is unacceptable for companies to refrain from putting out a patch and instead, they need to have their security experts work on code to improve their users’ safety. The public definitely needs to stay vigilant in watching what is released through the news, so they know to update anything as needed. I really hope that public policies evolve after finding out about this risk to help protect everyone and their private information. Hopefully as this gains more coverage in the news, companies start to feel pressure to update their programs.
Article:
http://www.zdnet.com/article/wpa2-security-flaw-lets-hackers-attack-almost-any-wifi-device/
Picture:
http://ishpssb2017.abfhib.org/9-3.html
Comments
Post a Comment