Free Wi-Fi draws people to places like bees to honey. Malaysia has free Wi-Fi in many places, you’re your favourite cafes to popular outdoor spots around town, and many connect to these networks for their daily dose of Internet. You’ve probably been warned of the safety risks associated with free Wi-Fi…but did you know that your own, personal Wi-Fi at home is also not fool-proof?
But how can your home Wi-Fi be unsafe if you and your family are the only ones who can access it with a password? As it turns out, the flaw seems to be inherent in the Wi-Fi standards, according to two Belgian researchers, and it actually has nothing to do with the strength of your Wi-Fi password. Sorry folks, this is one time that a secure password won’t save you!
The Protocol Involved
For those who are more tech-savvy, you may have noticed there are several security protocols you can use to protect an Internet network, from the lowest-level WEP to the more comprehensive WPA2+AES protocol. The Belgian researchers mentioned earlier focused on the WPA2 protocol, which is an enhanced version of its predecessor, Wi-Fi Protected Access, or WPA.
The Affected Users
Basically, the moment your device supports Wi-Fi, you’ll probably be affected by this security flaw. Changing your Wi-Fi password won’t solve the problem although it certainly adds a layer of security to your personal network. You can contact your devices’ vendor to be sure.
What Does It Do?
Luckily, it seems that this security flaw has yet to be exploited for malicious purposes, as far as the Wi-Fi Alliance (an industry group that represents hundreds of Wi-Fi technology companies) is aware. This doesn’t mean that it’ll stay that way forever – especially now that it has come to light! Unfortunately, the Belgian researchers’ study did not extend to determining the exploitation of that vulnerability, so we might not know for sure.
How Can It be Exploited?
The study highlighted the Key Reinstallation Attack (KRACK) method of attacking, which targets a procedure called the four-way handshake. The four-way handshake is executed whenever a device tries to join and is authenticated by an access point, such as a router. The router – the access point – isn’t the problem, but your devices are.
How Can I Solve It?
Nevertheless, ensuring that your router has the latest security updates available for its model would help fortify your Wi-Fi, so it’s still a good idea to update your firmware along with all your devices. Your devices should take top priority. Fortunately, some companies are actively trying to fix this issue, especially the tech giants, so this problem might blow over sooner rather than later.