There is no secure WiFi in the world now, and operators are laughing

Vulnerability Android Microsoft

jikeshijie· 2017-10-23 05:38:18

10 month 16 days, broke in with the discovery of has a very serious security vulnerabilities in 13 years of Wi-Fi security encryption protocol WAP2, this vulnerability allows you to bank cards, chat messages, passwords and other important information in front of the attacker in the nude state. That means rubbing your Wi-Fi's "next door Lao Wang" not only to your people, but also to your money and privacy...

" because the WAP2 has been the industry standard, the global access to Wi-Fi devices may be streaking... Operators are laughing, traffic package business this does not take off.

in the "Wi-Fi" did not die in, if this loophole and brought the "KRACK" ("Key Reinstallation Attack attack", the key to re install the attack) is heavily used, it will bring disastrous consequences. Is it true that the next door Lao Wang will do it? What is

KRACK? According to foreign media

Engadget "said the people" described by KRACK is that the person to carry out attacks when the attacker found a loophole:

a WPA2 network, will make a copy of it to the spoofed MAC address, Wi-Fi channel change. Then, this new network would act as a "fake" man in the middle (Man in the Middle) identity, and when the device attempts to connect to the original network, the device will be forced to fake the "detour" on the network. At the same time,

vulnerabilities found on the site who hove warned that any device that supports Wi-Fi are likely to be affected by KRACK, including but not limited to Linux, Android, Apple, Windows, OpenBSD, MediaTek, Linksys, especially Linux and Android equipment.

, so basically, as long as the normal people use the equipment, almost can not escape KRACK attack... However, the vulnerability of WPA2 although the impact of a very wide range, but this vulnerability is difficult to be used by

in the short term, because the use of loopholes in the attack need long time to prepare and identify a clear goal and attack code, and the code has not yet appeared on the Internet; secondly, the physical Wi-Fi the coverage is not big, but lived next to you "Wang" as long as not a hacker, a great probability also didn't have the ability to hack your home router...

giants react? After the

vulnerability was exposed, Microsoft said that this vulnerability we have already patched up: vulnerability patch has been released on Tuesday, October 10th patch update day. And perhaps because the leaks were not yet available, Microsoft did not mention it.

of course, this update requires the use of Windows 7 or higher version of the operating system can receive, but also use XP or Vista system of small partners quickly upgrade it.

" in the footsteps of apple as quickly: released in Beijing on October 17th morning iOS 11.1 third, watchOS 4.1, developers test version of tvOS 11.1 to develop the test version, Apple has fixed this serious vulnerability, and the official version of the above system may also need to wait for a long time.

" according to the report of the 50% van Hove, Android devices are vulnerable to the effects of the KRACK attack, but Google will be in the next month to push Pixel security update, so Android users may have recently exceptionally careful security wait for Android patch and major OEM vendors. Security experts suggest that the only way to use Android users at this stage is to use VPN or HTTPS encrypted communication App to prevent hijacking.

ordinary users should do?

for the WPA2 vulnerability, wireless security expert Yang Qing 360 gives professional advice in his micro-blog update:

wireless router, mobile phone, intelligent hardware etc. all use WPA2 wireless authentication client software version. (if there are patches under

conditions) enterprises and individuals to please the deployment of WIPS is reasonable, timely monitoring of malicious phishing WiFi legal WiFi in the region, and to block the interference, the malicious WiFi can not work normally. (importance of WIPS)

wireless communication connects with VPN encrypted tunnel and forced SSL to avoid information leakage caused by traffic hijacking and middleman attack.

national standard WAPI wireless authentication temporarily not affected by the vulnerability.

" and if because of limited conditions or other reasons to do the above, the following points can largely help eliminate the influence of the vulnerability of

in the use of computer and console connection cable network; mobile phone

sensitive operations when use number

The lastest articles of jikeshijie

There is no secure WiFi in the world now, and operators are laughing

His life is legendary, from the Tramp to the founder of the world's hottest game

His life is legendary, from the Tramp to the founder of the world's hottest game

Even iPhone didn't name it these days

In front of this country, Jia Yueting can only show the white feather

IOS 11 is probably one of the iPhone's ground gas updates

More attractive than the new iPhone is the full screen

More attractive than the new iPhone is the full screen

More attractive than the new iPhone is the full screen

More attractive than the new iPhone is the full screen