Wi-Fi encryption is useless. Is it not important to have no money, so just "run naked"?

Yes, you read that right. With the exposure of the WPA2 protocol vulnerability (logical flaw), your Wi-Fi encryption has become useless. Almost all Wi-Fi devices that support WPA/WPA2 encryption are facing intrusion threats.

Moreover, since this vulnerability occurred in the Wi-Fi standard protocol and was not unique to some specific products or implementations, it caused a huge uproar and attracted widespread attention.

However, in the face of reports from all sides, the author believes that the following points are more important and can help you get rid of misleading information and quickly improve security protection.

[[207063]]

Which devices are targeted?

According to foreign security researcher Mathy Vanhoef, the WPA2 protocol vulnerability discovered this time mainly targets Wi-Fi access client devices (such as mobile phones, tablets, laptops, etc.).

Through the Key Reinstallation Attack (KRACK), these clients can be induced to perform key reinstallation operations to complete mutual authentication, thereby cracking the WAP2 encrypted network.

It should be noted that the key reinstallation attack is due to the fact that the 802.11 standard does not define when the negotiated key should be installed in the 4-way handshake (and handshake with other devices). An attacker can induce the installation of the same key multiple times, thereby resetting the random number and replay counter used by the encryption protocol.

In fact, when performing wireless encryption, a key should only be installed and used once, but the WPA2 protocol layer does not provide corresponding protection. Therefore, all clients that support WPA2 will become potential targets of attack.

Do wireless routers not need to be patched?

To clarify this issue, we must first understand which devices are affected by the WPA2 protocol vulnerability? It can be said that all Wi-Fi devices that use WPA/WPA2 encryption and support client mode are affected.

[[207064]]

Affected devices:

• Wireless terminal devices that support WPA/WPA2 encryption, such as smartphones, tablets, laptops, wireless network cards, etc.;
• Wireless router/AP, wireless extender or wireless bridge in client mode or Mesh mode (supporting WPA/WPA2 encryption);

[[207065]]

• Wireless routers in client mode and Mesh mode need to be patched

Therefore, if you are an individual user or enterprise using the above-mentioned router model, you need to contact your respective equipment manufacturers as soon as possible to find out whether there are any security updates available.

Attack launch conditions:

The attack can only be carried out if the attacker can find your Wi-Fi signal and is within the coverage of your wireless network signal. For example, "Lao Wang next door" will have the conditions to launch an attack:) Of course, he also needs to understand the key reinstallation attack techniques and tools.

[[207066]]

Attack Impact:

Using key reinstallation attacks, attackers can bypass conventional network password authentication, sniff and tamper with all traffic on the attacked end, obtain plaintext accounts, and even inject ransomware or other malware, etc. Obviously, corporate wireless networks will become the main target of attacks.

Manufacturers that have released patches:

After the details of the vulnerability were exposed, Linux, Microsoft, and Apple have successively released patches. Therefore, it is strongly recommended that you update your system version or install patches in a timely manner. So far, the patch progress of mainstream terminals is as follows:

• Windows Terminal: Microsoft has fixed the KRACK vulnerability in the security cumulative update on October 10. Please enable automatic updates for Windows 10, and upgrade older versions of Windows to Windows 10 in a timely manner.
• iOS terminal: Apple announced on October 16 that this vulnerability has been fixed. Please receive iOS push updates.
• Android devices: Google will fix this vulnerability in November. Domestic manufacturers' Android systems are not native, so please contact each manufacturer for security updates.
• Linux: wpa_supplicant has released an update to fix this vulnerability. Please update the component through the package manager.

Can individual users protect themselves?

In fact, this question is as clear as asking whether you need to set a payment password for your bank card, Alipay, or WeChat: you must upgrade your protection.

Although there is no exploit tool for the KRACK vulnerability exposed in the WPA2 protocol, it does not mean that it will not appear in the future. And since it is a vulnerability at the Wi-Fi protocol level, its impact is widespread, as described above.

Moreover, the painful lesson of the Shandong prospective college student Xu Yuyu (a child from a poor family) who died after being deceived in 2016 is still fresh in our minds. Scammers and purposeful information thieves don’t care whether you are rich or not, or whether you are important or not, as long as you become his target, the rest may be just a voice or a few lines of code. . .

In recent years, insufficient protection of personal information has led to infringements of personal privacy, property and other rights, and even endangered personal property and life safety. In addition, after being infringed, it is possible that there is no efficient channel for filing a complaint. This obviously serves as a wake-up call to those careless people who do not pay attention to information protection.

Moreover, as social engineering is continuously applied to the Internet, technical vulnerabilities now seem to have lost their halo and become simple tools behind the scenes.

Therefore, at a time when our personal information has been converted into information data and is flowing on the Internet, apart from patching and seeking protection yourself, no one else is responsible for your information being "naked".

[[207067]]

How to prevent?

1. Pay attention to the latest developments of terminal equipment manufacturers and upgrade as soon as the corresponding security patches are released;
2. Try not to connect to public Wi-Fi networks. If you need mobile network, connect to 4G first.
3. The vulnerability is mainly targeted at the client, and simply upgrading the wireless router or AP cannot effectively protect it;
4. Changing the wireless network password is ineffective because the KRACK attack can be bypassed;
5. Enterprise users can deploy wireless intrusion prevention systems (WIPS) or VPNs.