If it has wifi, it is vulnerable the absolute safety does not exist in the Internet world. If a computer admits connection route wifi, probably it is vulnerable to the action of the thieves of information.
This is the conclusion to which there came Mathy Vanhoef and Frank Piessens, investigators of the University of Lovaina.
They published a report on Monday that shocked the world of technology and reveals a serious security flaw in the WPA2 protocol, which is used in WiFi systems through which mobile phones, computers and other devices are connected.
The Belgian researchers created a website (www.krackattacks.com) to provide information on the problem they discovered.
There they released their warning: “If your device supports WiFi, it is probably affected,” they alerted.
The conclusions of the report have been a shock in the world of cybersecurity, as so far the WPA2 protocol was considered the safest of the existing ones.
The Cards, Threatened
The flaw that was detected would allow to the hackers to gain access to information that supposedly was encriptada, like the numbers of credit cards and other information encriptados sensitive that every day circulate along the network supposedly protected by the protocol WPA2.
Vanhoef and Piessens baptized the type of attack that they discovered like attack KRACS, a method that can serve, according to Piessens, “to steal sensitive information of the user, like numbers of credit cards, e-mails, passwords, conversations of chat …“.
Even the breach might be used to infect web sites with malignant programs.
The WPA2 is the most habitual protocol and till now it had been had for almost infallible.
The experts detected that the flaw through which the Pirates could infiltrate opens as the negotiation process is operated by four-way handshake (handshake at 4 hands), which acts when the devices are connected to a given network Encrypted using WPA2 and a new key that encrypts internal traffic is used.
With an Old Key
In the light of new data, the WPA2 protocol can be deceived by re-using a previously used key. Android and Linux operating systems are especially vulnerable, although any device connected to a router could be attacked.
Despite everything, it is not clear if there has already been a theft of information or some attack of another type following the technique now discovered.
The Wi-Fi Alliance, a group of industries representing major technology companies, said in a statement that the quickest solution to the problem would be a “direct software upgrade”.
Wi-Fi Alliance’s recommendation to all its partners is to make timely corrections to software upgrades and users to install the updates as soon as possible.
How does WiFi work on airplanes and why is it so bad?
Waiting for manufacturers to make the measurements effective, some companies like Microsoft already have a patch that fixes the problem.
For users, the recommendation of experts is to avoid the connection through networks that have been affected and to keep the software updated to the latest version in the hope that the technological firms do their work in time.