Skip to Content
Uncategorized

Secure Wi-Fi Networks Everywhere Are Wide Open to Hacks, Thanks to a Newly Discovered Security Flaw

October 16, 2017

Your wireless network isn’t as safe as you thought it was.

Security researcher Mathy Vanhoef has discovered a serious flaw, which he’s calling KRACK, in the WPA2 protocol that secures almost every modern Wi-Fi network. The vulnerability could allow hackers to inject malware into websites, or spy on people by reading information that was until now assumed to be encrypted.

The flaw exists in the verification process that’s carried out when users join a protected Wi-Fi network using a password they’ve been given. At that point, the WPA2 protocol gives the user an encryption key that’s used to scramble data being sent across the connection. That encryption key, along with some other numbers, is supposed to be used just once.

But numbers used by the protocol can sometimes be reused, and Vanhoef has shown that it’s possible to forcibly obtain them and reverse-engineer the system to decrypt transmitted data.

Vanhoef says that “any correct implementation of WPA2 is likely affected,” which means “any device that uses Wi-Fi is likely vulnerable.” Android, Apple, and Windows software is all said to be affected by KRACK attacks on some level.

The Wi-Fi alliance, which certifies Wi-Fi devices, says “there is no evidence that the vulnerability has been exploited maliciously.” It also adds that the issue “can be resolved through straightforward software updates.” Now, we just need to wait for those software updates to arrive.

Deep Dive

Uncategorized

Our best illustrations of 2022

Our artists’ thought-provoking, playful creations bring our stories to life, often saying more with an image than words ever could.

How CRISPR is making farmed animals bigger, stronger, and healthier

These gene-edited fish, pigs, and other animals could soon be on the menu.

The Download: the Saudi sci-fi megacity, and sleeping babies’ brains

This is today’s edition of The Download, our weekday newsletter that provides a daily dose of what’s going on in the world of technology. These exclusive satellite images show Saudi Arabia’s sci-fi megacity is well underway In early 2021, Crown Prince Mohammed bin Salman of Saudi Arabia announced The Line: a “civilizational revolution” that would house up…

10 Breakthrough Technologies 2023

Every year, we pick the 10 technologies that matter the most right now. We look for advances that will have a big impact on our lives and break down why they matter.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.