After all the buzz in the news lately, are you now finally planning on patching your WiFi router, buying a new one, or just saying the hell with it and going back to Cat 5e Ethernet?
“Krack” WiFi exploit news got you bummed out, or are you just now learning about Re-using a “Nonce” to fake out your trusty old router with a “key re-installation attack”……that you always thought was secure using WPA2?
How often have you even heard of or used the word “nonce” in a sentence?
You don’t want someone decrypting your packets and/or forging new ones to basically hijack your connection. Maybe you don’t care and like to surf the web on public WiFi at your favorite coffee shop. That’s up to you.
It’s been a very odd year for cyber security issues.
If privacy isn’t your main concern, then maybe avoiding someone or something trashing your laptop with malware is. Either way bad things seems to appear to be accelerating, or maybe it just feels that way because such reports are more readily available online than a few years ago. (More information = more awareness……and often stress)
For a very rudimentary, somewhat sketchy and brief explanation let’s say that in a WiFi 4 way handshake there is the possible retransmission of the 3rd message because a potential loss of the final message. (the other end for whatever reason never sees it)
– Apparently this creates a potential exploit against the “client” because of the odd rule set or way in which the WiFi router fumbles the ball with encryption. This all happens because of a possible “PERSON in the MIDDLE” attack,
Is a VPN or Cellular link a better alternative?
– hmm, possibly.
Actually, I do think WiFi will be around as a consumer LAN for a while. So, you’ll just have to keep current with all the available security parameters……forever?
What can the average user actually do?
-Well, let’s first make sure your “clients” are all patched and up to date. Your laptop, TV, refrigerator, security cameras and anything else connected to your local network
-If you have access and permissions, check to see if you can disable your router’s ability to act as a client (maybe you use your router as a repeater or access point) and see if your equipment’s vendor has or will have a patch soon.
-Running a relatively modern operating system and keeping your patches up to date is always a good idea.
-A decent firewall policy and a trusted Anti Virus program make sense for most user’s systems.
-Having a backup procedure or scheme could be very handy also.
-Using strong password protection policies and in some cases encryption for your computer drives are all common sense now.
Nothing really new, just a reminder, but unfortunately replacing your WiFi router each time a new vulnerability is publicized could get a little expensive especially if that’s the only fix available.
As a general recommendation I’d say update your client equipment’s software/firmware if you can soon.
Relax, you’ll be fine…..Probably.
Do you depend on venders and your local Internet providers to patch there “rental” equipment or do you add your own newly updated super cool WiFi router ? (Probably both would be nice)