NetworkToolbox news

A few words about KRACK

You will have heard about the KRACK (Key Reinstallation Attacks) vulnerability. I think all information (even – as usual – some over hyped and misinterpreted) is available from many sources. If you are interested, I would recommend reading Mathy Vanhoef’s information on his website

However, here is a summary:

  • The WPA2 WiFi encryption has a weakness that can be used to sniff network traffic
  • Your WPA2 password can not be discovered by this attack, however it is not necessary for sniffing the traffic by using this attack
  • Almost all routers and WiFi Network devices are affected (including iPhones and iPads using the current iOS Versions)
  • This vulnerability can (only) be fixed with updates on both ends, Router AND Client

What to do:

  • Look for updates (for your Router AND your Clients). Throw away devices that can’t be updated.
  • Until updates are installed, prevent using sensitive information (e.g. Banking) on any WiFi device. Better use cabled devices for this.
  • If you really have to, double check if you are indeed using HTTPS while submitting sensitive information. Man-in-the-middle attacks, which are possible by using this vulnerability, will most of the time cause HTTPS connections to end up as HTTP connections in order to capture the traffic.
  • Carefully look out for unusual logins on your accounts or anything else unusual. In doubt, change passwords for accounts using cabled devices.
  • After everything calms down, take this opportunity to change all your passwords

Don’t trust the evil,