According to a research report published on Monday by the Research Institute, it is used to protect the WiFi network security WPA2 security protocol has a major security vulnerability. Attackers may monitor sensitive data transmitted between WiFi access points and computers or mobile devices, even encrypted data.
The vulnerability, known as krack, will affect WPA2 security protocol, which is widely used in modern Wi Fi devices. The vulnerability was discovered by mathy vanhoef of the University of Leuven in Belgium, who said in some cases hackers could use the krack vulnerability to implant blackmail into the site Software 。
Krack is the abbreviation of "key re installation attack". An attacker will repeatedly use the one-time key provided by the client device when joining the Wi Fi network, so as to crack the information exchanged between the access point and the client device. This can lead to the disclosure of credit cards and passwords.
Van Hoff described the attack process on his website: when a device joins a protected Wi Fi network, a process called a four-way handshake occurs. This "handshake" ensures that both the client and the access point have the correct login information and generates a new encryption key to protect network traffic.
This encryption key is installed in the third step of the four-way handshake, but sometimes the same key is sent repeatedly if the access point thinks the message is missing. Van Hoff's research found that the attacker can actually force the access point to install the same encryption key, so that the intruder can attack the encryption protocol and crack the data.
According to van Hoff, Google's Android system Apple's IOS system and Microsoft's windows operating system will be affected.
How to deal with it?
1. In order to protect yourself from vulnerability, WiFi devices such as smartphones, tablets and laptops should be upgraded to the latest version. If possible, you should also update the router firmware.
2. If there is a cellular mobile network, priority should be given to the use of cellular mobile network, and unknown public WiFi should be avoided as far as possible.
3. If there is no cellular mobile network, it is also safe to surf the Internet under the unknown public WiFi. The specific method is that the user needs to have a secure and reliable VPN account first. After connecting to WiFi, he can immediately connect to VPN, and after successfully connecting to VPN, he can get online again. Because all network traffic goes through VPN, it is difficult for a third party to eavesdrop on the communication between them.
Free VPN accounts are also provided by domestic companies, for example, for public WiFi security, Alibaba There is a free VPN. In aliqiandun phishing interception, a VPN account will be added to the system after the function is enabled. You can use this VPN to access the Internet safely.