Router Wi-Fi Scare
Router Wi-Fi Scare: a reader asks…
I just read about Wi-fi being compromised. Something called Krack. Now what do I do? I have a home router from Verizon FIOS, a Dell laptop and an iPhone.
First, be aware that this scare is way overblown by the news services. Security researchers found a way to get past the security encryption protocol WPA2 – in the lab. My guess is by the time hackers are able to weaponize this flaw, device manufacturers will have already issued updates (either in firmware or operating system updates) that will patch the hole and keep you protected. That’s not to say don’t worry about it at all, but keep all your equipment up-to-date and apply software updates as soon as they are released – this is still (and always) important.
The flaw affects every device you mentioned – all devices that use Wi-fi are affected since the encryption methodology is what’s at risk. My guess is that Verizon is going to take their sweet time about issuing an update (if they do anything). Your laptop manufacturer should have an update soon (or now), but you’ll have to go searching for it. Try https://support.dell.com. Apple reports that the update for iOS is already in beta testing and will be rolled out to consumers within a few days.
The security vulnerability has a significant drawback for a hacker – physical distance. A hacker would have to camp outside your home in order to snoop on your FIOS router and home network. Or be close to your laptop or iPhone while they are using Wi-fi someplace else. I have to tell you that the chances of that happening are pretty low. That said, if you’re still worried, here’s some things you can do to limit your exposure:
- Turn off Wi-fi when you’re not actively using it. You may not need to bother with your FIOS router, but certainly you can quickly put your computer/iPhone in Airplane Mode, and/or just turn off Wi-fi.
- Avoid using public Wi-fi networks. If you are going to use a public network, you should only be using secure protocols (the s in https://whatever.com), not unsecure (http://whatever.com).
If you are interested in following this as it develops, check out https://www.krackattacks.com/ which is the website of the security researcher (Mathy Vanhoef) reporting on this vulnerability – KRACK stands for Key Reinstallation Attack. He’s even got a logo designed for the vulnerability (picture at right). I think you’ll be reading a lot about this vulnerability in major publications, but I have to say that the hack is pretty sophisticated and descriptions will probably fly over everyone’s head. Suffice it to say that you should be looking to your device manufacturers for updates to patch the flaw sometime soon.
This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via
(send to @PosiTek), 
(send to Support@PosiTek.net), 
using any credit card (no Paypal account required), using Zelle, Apple Pay or Google Pay, or by mailing a check or cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182.
I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public.
Thank you!
Author: Chris Gardner
Your Tech Coach at PosiTek.net
There are currently 1277 reader comments on published articles, care to join in? Use the Leave a Comment form below/at the bottom of any existing comments. This is a good place to ask follow-on questions on this subject.
