KRACK Attacks: Breaking WPA2
The report states the vulnerability is in the WPA2 protocol itself. This means our WAPs (wireless access points - typically integrated in wireless routers) must receive necessary firmware updates, in addition to every one of our wireless devices - such as smart TVs, Blu-ray players, cell phones that use wifi, and more. Not just our wireless computers.
My advice is to use Ethernet (wired connections) whenever possible - especially for your critical computing tasks such as on-line banking and shopping. I also recommend accessing your router's admin menu and limit the number of simultaneous connections allowed to the number of devices you have. You typically can do this by setting a finite range of available IP addresses. Use MAC filtering. This tells your router to only allow devices with specific MAC addresses to connect. The MAC address is (or should be) printed on a label on each device. Assigning a "static" address to each authorized device can further protect you.
And avoid connecting to free "hotspots" such as Internet cafes, hotel and airport wireless systems when possible and for sure, don't do any Internet banking at those locations. There is no way to see if the administrators at those locations have made the necessary security upgrades.
Except for going all Ethernet and disabling wifi completely, none of those steps are foolproof nor do they guarantee a bad guy cannot exploit this WPA2 vulnerability. But it sure will slow them down and, because most badguys are lazy opportunists, these steps will hopefully cause them to exclaim "sour grapes" and move on to easier pickings.
The report states the vulnerability is in the WPA2 protocol itself. This means our WAPs (wireless access points - typically integrated in wireless routers) must receive necessary firmware updates, in addition to every one of our wireless devices - such as smart TVs, Blu-ray players, cell phones that use wifi, and more. Not just our wireless computers.
My advice is to use Ethernet (wired connections) whenever possible - especially for your critical computing tasks such as on-line banking and shopping. I also recommend accessing your router's admin menu and limit the number of simultaneous connections allowed to the number of devices you have. You typically can do this by setting a finite range of available IP addresses. Use MAC filtering. This tells your router to only allow devices with specific MAC addresses to connect. The MAC address is (or should be) printed on a label on each device. Assigning a "static" address to each authorized device can further protect you.
And avoid connecting to free "hotspots" such as Internet cafes, hotel and airport wireless systems when possible and for sure, don't do any Internet banking at those locations. There is no way to see if the administrators at those locations have made the necessary security upgrades.
Except for going all Ethernet and disabling wifi completely, none of those steps are foolproof nor do they guarantee a bad guy cannot exploit this WPA2 vulnerability. But it sure will slow them down and, because most badguys are lazy opportunists, these steps will hopefully cause them to exclaim "sour grapes" and move on to easier pickings.
