Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  What can you do to combat the Wi-Fi KRACK problem?

What can you do to combat the Wi-Fi KRACK problem?

Millions of people around the world use Wi-Fi networking for both their home and office work, because it’s extremely convenient to go fully wireless, and, indeed, many of today’s devices don’t even consider the older wired networking technology at all. That’s not just the obvious fare such as smartphones or tablets, where it would be difficult if not impossible to tether an ethernet cable, but even most laptops, where ethernet is often skipped over to keep costs low and devices as thin as possible.

Wireless is convenient, but because it’s a radio signal at its heart, it’s never been quite as secure as a physical cabled connection. Somebody running a CAT6 cable out of your home or office would be rather obvious, after all, whereas somebody relatively near your wireless network (if it’s completely unsecured) could gain effective free access. That’s why best practice is to enable wireless security. While older standards such as WEP and WPA have largely been depreciated due to older security flaws, WPA2 has stood the test of time as a robust security standard.

Well, it did. The bad news here is that researchers uncovered a very serious flaw in the WPA2 standard that could compromise just about any currently locked down network. Known as KRACK (for Key Reinstallation attACK), the flaw is inherent in the core protocols used for Wi-Fi transmission.

The good news here is that it was uncovered by a security researcher, not a malware author. The bad news is that its impact could be incredibly widespread, leaving numerous systems potentially vulnerable to outside attack.

That’s a statement that has to be predicated by “potentially”, because there are some significant caveats to the KRACK issue. First of all, while a system that uses Wi-Fi to connect to the Internet might be susceptible to KRACK, it’s only susceptible within range of the actual Wi-Fi network. If you have Wi-Fi at home, in other words, a miscreant would have to actually be standing in range of your network, which typically means your home or garden. Fairly obvious in other words, and the more likely targets there would be high value targets such as, say, banks, rather than ordinary consumers.

As yet there’s also little evidence of actual KRACK-based attacks on systems. That may well come in time as exploits are developed, but it’s not a widely exploited flaw to date.

Still, it’s an issue if the core security that’s meant to lock down your Wi-Fi doesn’t work properly. So what can you actually do to stay secure online in the shadow of KRACK?

Firstly (and this should be a regular part of your system maintenance anyway), make sure you’re up to date with any patches for any Wi-Fi connected equipment, including your router and any computers, tablets, smartphones or other devices. That’s going to be a somewhat uneven experience depending on the number of devices and who’s responsible for their updates.

As an example, however, Microsoft says that up-to-date Windows 10 machines are already immune from KRACK. Apple is working on patches for its mobile and desktop operating systems, as is Google for Android devices. Android is trickier, however, because while inhouse devices like the Pixel phones will almost certainly see quick KRACK fixes, older devices might not see them at all. If you’re still using a much older Android device, it may be wise to consider an upgrade in the near future. It’s certainly worth checking with device vendors to see if they’ve got updates planned for this purpose, and applying them as and when they become available.

Secondly (and again, this is something you should be considering anyway), check what you’re doing online and how secure it actually is. Using online banking as an example, your financial institution almost certainly uses HTTPS, rather than HTTP for its web site. That critical ‘S’ at the end indicates an encrypted session, which means that even if somebody did KRACK into your Wi-Fi, they wouldn’t be able to see your online banking anyway. Not every site uses HTTPS, however, and there it may be wise to consider using VPN (Virtual Private Network) software to encrypt your other communications.

Your other option, of course, is to use actual ethernet wherever feasible. The KRACK exploit doesn’t grant attackers carte blanche access to your network, just the potential to snoop on wireless traffic. Anything running along a fixed wired connection should be entirely safe, or at least as safe as anything on the Internet ever is.


Recent News

It’s incredible to see how far we’ve come from even just 10 years ago in terms of home networking. Back then, Telstra’s pay TV channels and its T-Box Digital Video Recorder were all the rage and ‘internet-ready’ devices weren’t as accessible as they are today. While the ways in which and the ease at which

This week, Apple released an update to its macOS operating system to macOS Big Sur 11.5.1. Unusually for Apple, it detailed exactly what kind of security issue it relates to. Specifically, it patches a hole that would allow attackers to execute arbitrary code with kernel privileges. If that sounds like so much techno-mumbo-jumbo to you,

I’ve not had a standard landline in my home for quite some time now. Partly that was because I very much did switch over to using my smartphone a great deal more over time. Mostly, however, it was because getting rid of it was one of the simplest ways to cut off those interminable “support

Social media can be a huge force for change, and in these times where many of us are bouncing in and out of lockdowns, also a vital lifeline for communication on everything from important matters to the wildly trivial. We’re all allowed our personal obsessions, after all. However, many of us don’t think about the

Coronavirus (COVID-19) Update

Learn about the precautions we are taking and our new contactless pick-up and remote service options. Read More
Get help setting up your home office or homework area today. Learn More