More than a billion internet-connected devices—including Apple's iPhone and Amazon's Echo—are affected by a security vulnerability that could allow hackers to spy on traffic sent over Wi-Fi.
The flaw, discovered by the cybersecurity firm ESET, effectively disarms the encryption used by a password-protected Wi-Fi network. This could let hackers watch the activity on the network as if it were wide open. But while this could mean victims are vulnerable to eavesdropping, software updates and other layers of security will likely prevent this attack from having catastrophic results.
Wh00ps: The vulnerability, dubbed Kr00k by researchers, affects devices with Wi-Fi chips by Broadcom and Cypress—used in a vast range of devices with wireless internet, including Apple, Google, and Samsung phones. But security updates have already been deployed to fix the issue, so the best advice is to make sure your computers, phones, and all internet-connected devices have the latest software and firmware.
Not good, not terrible: In a worst-case scenario, a significant amount of data would be exposed, including the websites you're visiting or messages you are sending. However, a lot of private communication on your Wi-Fi network should still be safe because of encryption used by websites themselves. So keep calm, salute the folks finding these problems, and carry on.
Erik Prince wants to sell you a “secure” smartphone that’s too good to be true
MIT Technology Review obtained Prince’s investor presentation for the “RedPill Phone,” which promises more than it could possibly deliver.
Corruption is sending shock waves through China’s chipmaking industry
The arrests of several top semiconductor fund executives could force the government to rethink how it invests in the sector.
Inside the software that will become the next battle front in US-China chip war
The US has moved to restrict export of EDA software. What is it, and how will the move affect China?
Hackers linked to China have been targeting human rights groups for years
In a new report shared exclusively with MIT Technology Review, researchers expose a cyber-espionage campaign on “a tight budget” that proves simple can still be effective.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.