You can now connect securely to your Wi-Fi with your iPhone -


Post Top Ad

Post Top Ad

Tuesday, 17 October 2017

You can now connect securely to your Wi-Fi with your iPhone

Apple has already addressed serious vulnerabilities in the Wi-Fi standard WPA2 that protects many modern Wi-Fi networks. The exploits have been covered in iOS, tvOS, watchOS and macOS betas that are currently available to developers and will be released to end users soon.

The WPA2 vulnerability , released this morning by researcher Mathy Vanhoef, affects millions of routers, smartphones, PCs and other devices, including Apple's Mac, iPhones and iPads.

By using a key reinstallation attack or "KRACK," attackers can exploit weaknesses in the WPA2 protocol to decrypt network traffic to detect credit card numbers, usernames, passwords, photos, and other sensitive information. With certain network configurations, attackers can also inject data into the network , remotely install malware and other malicious software.

Because these vulnerabilities affect all devices that use WPA2, this is a serious problem that device manufacturers must address immediately. Often, Apple quickly solves major security issues, so it's no surprise that the company has already tackled this particular problem .

Websites that use HTTPS offer an additional layer of security, but an incorrectly configured site can be exploited to remove HTTPS encryption, so Vanhoef warns that this is not a reliable protection .

Apple iOS devices (and Windows machines) are not as vulnerable as Macs or devices running Linux or Android because the vulnerability is based on a flaw that allows what is assumed to be a single-encryption key use is resubmitted and reused more than once. The iOS operating system does not allow this , but there is still a partial vulnerability.

Once patched, devices running iOS , macOS, tvOS and watchOS can not be violated using the KRACK method, even when connected to an access point or router that is still vulnerable. However, users should look for firmware updates for all their devices, including routers.

Prior to the release of the vulnerability update, customers worried about attacks should avoid public Wi-Fi networks , use Ethernet wherever possible, and use a VPN .

Source :

No comments:

Post a Comment

Post Top Ad