The WPA2 (Wi-Fi Protected Access II) protocol that’s used by most Wi-Fi networks today has been compromised, and a way to intercept traffic between computers, phones, and access points has been found.
Today’s Internet and network connections rely on specific tools that are taken for granted, most of the time. From time to time, a way to compromise these protocols sends everybody running for the fences. Let’s just remember the OpenSSL problem, for just a moment.
Now, a similar problem has been identified in the WPA2 protocol that’s used by Wi-Fi networks. Whenever you connect your device to a Wi-Fi network, you are probably using the WPA2 security protocols, and you feel safe. Well, you shouldn’t feel safe at all. It turns out that the protocol is vulnerable and that communications between client and host can be intercepted.
WPA2 has been KRACKed
Security researchers have discovered a way to compromise the communications between a host and client that’s using the WPA2 protocol. According to a notification sent by US-CERT, via Ars Technica, says that “the impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others.”
The moniker for the attack is currently “KRACK,” although it not official just yet. And, as usual, there are good news and bad news, and the bad ones outweigh all the rest. The following vulnerabilities have been noted: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, and CVE-2017-13088.
This means that we should start to see patches for these problems soon, but it’s important to know that many of the devices we’re using today, like routers, for example, won’t get these patches.