How to stay safe from Spark's Wi-Fi fault

How to stay safe from Spark's Wi-Fi fault

To exploit the vulnerability, a cybercriminal would have to launch a man-in-the-middle (MitM) attack against a WPA2-protected Wi-Fi network from within physical range of the target device. Every network-capable device has a hard-coded, unique "media access control" or MAC address, and most Wi-Fi routers have a feature that lets you only allow access to your network for specified MAC addresses. The hackers can unencrypted (non-HTTPS) traffic or compromise your computer by slipping malware into legitimate websites.

Vanhoef uploaded a video on YouTube outlining how the attack works.

"It means in practice, attackers can decrypt a lot of Wi-Fi traffic, with varying levels of difficulty depending on your precise network setup".

As the weakness lies in WPA2 itself, all devices using WiFi are at risk.

Android 6.0 and above, along with many Linux variants, use a newer version of the wpa_supplicant application that is the vector for this variation of the attack.

The main attack is against the "four-way handshake" of the WPA2 process that is executed when a user wants to join a protected Wi-Fi network. "But one would need to be careful about using public Wi-Fi", says Bhattacharya, also a "bug bounty" hunter.

What can a hacker have access to?

The vulnerability is the first to be found in the modern encryption techniques that have been used to secure Wi-Fi networks for the last 14 years.

Now since the vulnerability is so widespread, tech giants will have to speed up the patch process and issue updates to their users as soon as possible. "Users can expect all their Wi-Fi devices, whether patched or unpatched, to continue working well together", the statement said.

It's safe to say this newfound weakness poses a serious privacy risk - here are a few things you can do to protect yourself from a potential attack.

How can I prevent an attack? All you can do is wait for security updates for your devices.

Finally, consider browsing the Web with an extension or browser add-on like HTTPS Everywhere, which forces any site that supports https:// connections to encrypt your communications with the Web site - regardless of whether this is the default for that site.

"Wi-Fi Alliance now requires testing for this vulnerability within our global certification lab network and has provided a vulnerability detection tool for use by any Wi-Fi Alliance member".

Related Articles

  • Somalia: several killed in Mogadishu truck bomb

    Somalia: several killed in Mogadishu truck bomb

    The blast near Zobe, a busy road intersection, may have been a suicide bomber, a police official told VOA. Later on Saturday, a second blast took place in the city's Madina district.
    The Stranger Things Season 2 Final Trailer Will Give You Life

    The Stranger Things Season 2 Final Trailer Will Give You Life

    Eleven ( Millie Bobby Brown ), a girl with telekinetic powers who has been trapped in the Upside Down, will also return. The Demogorgon is bigger this season and the secrets from the Hawkins Lab will probably be revealed this year.
    Wells Fargo & Company Earnings Ahead: Quick Glance

    Wells Fargo & Company Earnings Ahead: Quick Glance

    Chief Financial Officer John Shrewsberry suggested Wells Fargo may also face issues hitting next year's cost-efficiency target. Finally, Hotchkis & Wiley Capital Management LLC lifted its position in shares of Wells Fargo & by 49.5% in the first quarter.
  • San Francisco 49ers: NaVorro Bowman release a sad reality of rebuild

    San Francisco 49ers: NaVorro Bowman release a sad reality of rebuild

    He's signed through the 2019 season with a base salary of $6.75 million this year and $8.7 million next year, per Spotrac . With Bowman gone, the 49ers basically discarded the last major piece of their team that reached Super Bowl XLVII .
    Nokia 9 out of the headphone Jack

    Nokia 9 out of the headphone Jack

    In terms of other components, speculation has it that the Nokia 9 will boast a 5.5-inch display with QHD resolution. Whereas, it will come in two storage variants, one will have 64 GB and other will have 128 GB internal storage .
    Martinez: Fellaini injury won't sour relationship with Mourinho

    Martinez: Fellaini injury won't sour relationship with Mourinho

    Mourinho's team face Liverpool at Anfield on Saturday in a lunchtime kickoff before a Champions League trip to Benfica on Wednesday.
  • October FIFA Ranking Provides Glimpse Into World Cup Draw Possibilities

    October FIFA Ranking Provides Glimpse Into World Cup Draw Possibilities

    The seeded teams have been decided by October's FIFA/Coca-Cola World Ranking, published today. Russian Federation is top-seeded for the World Cup despite being ranked No. 65.
    24 fall ill after consuming food on-board Tejas Express

    24 fall ill after consuming food on-board Tejas Express

    Sanjay Rao (32), a resident of Panjim, was travelling in the C-5 compartment of the coach with three other family members. The train was on its way from Goa to Mumbai when passengers complained about their deteriorating condition.

    U.S. flies strategic bombers over Korean peninsula

    Commenting on the news is Chris Doman, security researcher at AlienVault, who is investigating hacking groups in North Korea. The South's Yonhap news agency quoted Lee as saying that 235 gigabytes of military documents were taken.
  • IS Southeast Asia chief killed in Philippines

    IS Southeast Asia chief killed in Philippines

    Military intelligence suggests that two boats were prepared but the two men were unable to reach them due to intense fighting. The Philippine government had offered a 10m Philippines peso bounty for Hapilon on top of the $5m reward offered by the US.
    North Korea crisis: Tillerson says diplomacy will continue

    North Korea crisis: Tillerson says diplomacy will continue

    President Donald Trump has challenged Secretary of State Rex Tillerson to compare IQ tests. But Tillerson said suggestions that he's been undermined have no basis in fact.
    Oculus Go : a VR helmet for 199 dollars only

    Oculus Go : a VR helmet for 199 dollars only

    To achieve that goal, Zuckerberg has to figure a way for people to be able to move while using the premium, standalone VR device. Across all PC-based VR headsets we are forecasting a world installed base of 2.4 million by the end of the year.