HFU HF Underground
General Category => General Radio Discussion => Topic started by: ka1iic on October 23, 2017, 1640 UTC
-
Researchers find bug in Wi-Fi network encryption
October 19, 2017
by Phoebe Rouge
Technologist, Office of Technology Research and Investigation
If you have a smartphone, laptop, or IoT device connected to a Wi-Fi network, the information you send over that network could be at risk. Researchers recently found a bug that lets attackers break the encryption that protects most wireless networks – leaving data you send exposed.
The bad news is that this is not a problem with a specific device, or even manufacturer – it’s a problem with the WPA2 encryption standard nearly all Wi-Fi devices on the market today use to scramble communications, preventing eavesdropping and tampering. Basically, if you use a device to connect to a wireless network at home, work, or elsewhere, this bug means you cannot rely on that connection being secure.
The good news is that the bug can be fixed with a security update or patch. Device manufacturers and software companies are aware of the bug and updates for affected devices should be rolling out in the near future, if they haven’t already.
In the meantime, connections other than Wi-Fi (like your smartphone’s 4G/3G carrier connection, or a connection with an Ethernet cable) are not affected. So, consider using them instead of Wi-Fi until the updates are available.
Even so, this bug is a reminder that there’s no single solution to secure your data, and all of the other tips for protecting your sensitive information and security online are more important than ever, including:
Keep up with the latest updates for your software and devices, including updates for your smartphone, computer, and any IoT devices around your home.
Avoid sending sensitive information over public Wi-Fi, whether or not it’s encrypted.
When you do send sensitive information to a website, make sure the address starts with “HTTPS” – this will at least ensure the data you send to that one website is encrypted.
A VPN (Virtual Private Network) app or service can give you another layer of protection for your personal data. VPNs encrypt traffic between your computer and the internet – even on unsecured networks. You can get a personal VPN account from a VPN service provider. If you decide to use one, be aware some VPNs are more secure and easier to use than others, so shop around. Read reviews from several sources, including impartial experts.
https://www.consumer.ftc.gov/blog/2017/10/researchers-find-bug-wi-fi-network-encryption?utm_source=govdelivery