A Wi-Fi symbol with computer binary code in the background, to signify the hackers who exploit insecure networks via key reinstallation attacks.

What You Need to Know About Key Reinstallation Attacks

If you haven’t heard about key reinstallation attacks yet, they’re the most recent form of Wi-Fi hacking. It’s also possible that you actually have heard about them under their media nickname, which is ‘Krack Attacks.’

Regardless of the nomenclature, key reinstallation attacks are attempts to exploit a flaw in the Wi-Fi encryption protocol which permits hackers to hijack all kinds of personal information, including photos, passwords, and account numbers. The first thing to know about key reinstallation attacks is that they’re not specifically targeting any particular hardware, but rather a weakness in the Wi-Fi protocol itself.

This means that all smartphones, mobile devices, routers, and desktop machines are subject to attack, and any or all of your personal data may abruptly come into the possession of someone with criminal intent. Today, we’re here to discuss what you should know about this new threat.

How Key Reinstallation Attacks Work

Researchers have uncovered a flaw in the WPA2 Wi-Fi protocol which allows hackers to replicate a user’s network entirely, and by falsely representing the Media Access Control (MAC) address, which is a device’s physical address, it can actually cause a switch in Wi-Fi channels.

When a bogus network is set up in this way, it can actually intercept signals from any remote device attempting to connect to the original system, causing such attempts to bypass the real network, and instead connect to the rogue.

The way WPA2 encryption is supposed to work, it would require a unique key for any encryption request, but the flaw uncovered in the WPA2 protocol does not always need that specific key, and instead, reuses a previous one. The problem is particularly acute with Linux and Android, because of the way they make use of the WPA2 protocol. In these operating systems, a unique encryption key is not demanded every time an encryption request is made, leaving the system vulnerable to hacking.

In layman’s terms, the Wi-Fi protocol can be exploited when hackers can find a vulnerable network and take advantage of the WPA2 weakness, ultimately directing users to the rogue network for data hijacking.

Little people browsing the internet on their laptops, perched on a laptop. Key reinstallation attacks take advantage of how ubiquitous Wi-Fi is.

Key reinstallation attacks take advantage of the fact that most of our world now runs on Wi-FI so it’s important to take precautions before connecting to an unfamiliar Wi-Fi network or an insecure one.

Researchers Proof of Concept

Previous minor flaws had already been uncovered in the WPA2 protocol, so researchers were already fearful that some even more significant problem might be lurking within the software. The key reinstallation flaw was discovered by those researchers, who then conducted proof of concept experiments to attack a theoretically vulnerable Wi-Fi system. On an Android system, the researchers were successful in intercepting and decrypting all the test victim’s data.

According to these penetration experts, the same kind of ‘success’ could not be achieved on a system setup with HTTPS secure socket layers but would wreak havoc on sites which have been poorly set up and missing HTTPS. While Linux and Android are most severely affected because of how they use WPA2, other operating systems like Windows, MacOS, and OpenBSD would also be compromised but to a lesser degree. How serious is the issue for Android? Experts recommend that owners of Android devices shut off Wi-Fi until known fixes have been applied to close up the weakness in the protocol.

What You Can Do to Avoid Krack Attacks

One of the best things you can do to avoid the possibility of a key reinstallation attack is to look for the ‘https’ at the beginning of any URL for websites which you visit. That ‘https’ is an indicator that the site uses secure protocols, and you would be safe in visiting. You can also simply avoid using Wi-Fi for the time being, while software gurus hurriedly develop a fix for the vulnerability. This may be inconvenient, especially when you’re away from home or the office and might need Wi-Fi, but it’s much safer than having your sensitive data fall into the hands of a criminal.

One of the interesting things about these attacks is that a hacker must be within the physical range of your machine before the attack can be carried out, and while that does serve to shield many users from harm, an actual attacker can’t be identified beforehand so you know if he’s close enough. So naturally, you can’t rely on remaining safe because you aren’t within range of a criminal – after all, what does a criminal look like?

Fortunately, the fix will be relatively easy to develop in this case and should be forthcoming relatively soon. All that’s necessary is a simple change to the firmware so that during the ‘handshake’ between devices, a unique key is requested every single time, rather than sometimes relying on previously used ones which can be exploited. Get in touch with your provider and ask when fixes will be made available, and as soon as those security updates are released, make sure they are applied to all your devices.


Should You Buy Google’s New WiFi Router?

An image of a WiFi router's signal strength.

Will you be buying Google’s WiFi router?

Google is looking extend the reach of your modem with their new WiFi router. Chances are, your house could use something like this. You probably have at least one room that’s a total dead zone. And you’ll wind up avoiding it all day or lifting up your laptop awkwardly to get a better connection.

It doesn’t have to be that way. Google’s WiFi router intends to get rid of those pesky dead zones. They want you to get the most out of your modem. Because you deserve to have the exact internet you paid good money for.

So, how well does it perform? Is it better than the other routers currently out there? What about the price? We’re going to discuss all of that out now. Here’s our review of the new Google WiFi router.

Product Review: Google’s WiFi Router

Setting up the router is pretty simple. All you have to do is download the Google WiFi app on your phone. After that, just follow a few easy instructions and you’re connected.

The reach of Google’s router ranges from 500-1500 square feet. The reach depends on which speed you prefer. If you choose the 2.4 GHz speed, it’ll be longer. But if you want the faster 5 GHz option, your reach will not be as far.

For people that live in a larger home or apartment, one router might not be enough. That’s why Google came up with the Network Assist feature for multiple router homes. So, when you’re moving around the house, Network Assist will immediately connect your device to the one with the fastest connection. This is done seamlessly, so you won’t experience a dropped call or failed download when going from room to room.

For one router, the price is at $129. And buying three in a bundle costs $300 dollars. Compared to other routers with an equal reach that the three routers combined give you, it’s a good deal.

Google is looking to make your WiFi reach further with their new router. And no matter the size of your house, it has you covered. At a fair price for its quality, this product would make a good purchase for anyone.

Why Be On Guard When Using Public Wi-Fi

Whether your favorite hotspot is at McDonalds, Starbucks, or your local library, there are some things that you should know about before you hop on public Wi-Fi and surf the web like it’s business as usual. If you are going to log into an account, use a credit card, or shop while on a public network, here are a few things you should think about concerning Wi-Fi security.

  1. Hackers Love Public Wi-Fi

Why take the chance of hacking a secure network when you can sit in the corner with your coffee and laptop and steal tons of passwords, credit card numbers, and bank accounts from an open network? Hackers are opportunists. Never assume you’re on a public network alone, even if you don’t see anyone. Someone could just as easily be in the parking lot in a car.

  1. Check Your Credentials

Does the Internet at your favorite coffee shop require a password? Either way, you will want to know the SSID. Make sure you are logging onto the right network. A sly scam that hackers pull off regularly is creating an SSID that seems legit. For example, “Free Airport WiFi.” You connect, thinking that the airport has gotten generous. Now you are on the hacker’s Wi-Fi network, and every keystroke you make is being logged.

  1. Use a VPN

If you need to shop, bank, or do anything with your credit cards on a public Wi-Fi network, we strongly recommend using a VPN, or virtual private network. Most have a monthly or annual fee.  A VPN allows you to encrypt your data while you are using public Wi-Fi. Remember, most hackers are opportunists. Few will try to deal with your extra line of defense while there are easier targets around. Plus, a VPN gives you plenty of other benefits too.

In short, we’re not saying that public Wi-Fi is bad in any way. You just need to use caution due to unsavory individuals who take advantage of the lax Wi-Fi security free public networks employ.

Give Your Older Printer WiFi Capabilities

Just about every modern printer comes equipped with WiFi. After all, no one wants to have to plug in to print anymore. Plus, what are all of those tablets and smartphones to do with no way to connect to a printer. That has led to the age of WiFi printers. So do you have to upgrade your printer at the home or office if it doesn’t have WiFi capabilities? Not necessarily. ImageTech has released a couple of devices to turn any printer into one that can handle mobile devices.

The devices are named printUSB and printWiFi. PrintUSB is more suitable for the home setting. It only allows one device to be connected to the printer at a time. Print USB isn’t wireless. It’s just a means for connecting mobile devices that wouldn’t normally have a place to plug in a printer. It is basically a USB hub that lets you attach the mobile device and a printer.

The wireless option, which is much better for an office setting, is called printUSB. An app named printView will let you connect mobile devices to a printer using a wireless connection. Of course, this is also good for a person who needs to work a lot on the go. These are portable devices, and you can quickly attach them to any printer, even one that you don’t have the software for. The only real issue is whether or not someone minds if you reach behind their printer to plug in your device.

We’re talking mere inches for each of these devices that will give your older printer WiFi capabilities, so there is no problem slipping them into the slimmest of laptop cases. Of course, if your home or office printer is old enough to not have a wireless setting, it’s probably time to upgrade anyway, but you can’t expect everyone on the planet to keep up-to-date. PrintUSB and printWiFi may really save you when you need to print something somewhere that has barely made it into the 21st century.

Wireless Network Security

Wireless Network Security Woes Continue

There are different ways to make sure that a wireless network is safe. One method, the wireless equivalent privacy, or WEP, is now considered not as safe as it once were. New research is showing that hard-to-crack wireless security measures, such as using two Wi-Fi protected access, or WPAs, can now be easily broken into. Experts are now encouraging programmers to focus on removing weaknesses from wireless network security systems to prevent further network break-ins.

Wireless internet has made our lives easy in a lot of ways. The convenience of having your phone, computer, TV, and tablet all connected is unmatched. However, with fluid technology comes great risk: It would not be too difficult for someone to hack into the signal that is going between the devices. Most people are willing to take the risk because connecting wirelessly is way easier than having to connect individually using a cable connection.

But, there’s hope. Wireless network security can be achieved if the network setup is done correctly. A system that uses WPA2 can be secure. Depending on the device, you can choose to use temporal key integrity protocol (TKIP) or counter mode cipher block chaining message authentication code protocol (counter mode CBC-MAC protocol or simply CCMP) encryption options to significantly increase security.

Studies have shown a WPA2 password can be broken into, but the longer the password, the harder it will be to break into. On the other hand, if a hacker has what he needs, the deauthentication part of the wireless is more vulnerable. Routers that use WPA2 every so often have to reauthenticate devices. Each time that this happens a new key is used. Researchers claim that this process leaves a door open temporarily, but that window of time might be all the hacker needs to break in. Even if you keep access limited to devices that have a certain identification, the media access control on these devices is still vulnerable.

While research continues crack down on wireless network security issues, Wi-Fi network owners should use the safest security available to them with the most complicated password.

Airborne Computer Virus

First Airborne Computer Virus Infects Wi-Fi

A common cold can spread very quickly, especially in a densely populated area. Coughing and sneezing can send the virus into the air, infecting several people in a short amount of time. Now imagine a computer virus that can do the same thing. It doesn’t have to get directly into your machine. It can use a Wi-Fi network to affect every device in the area. An airborne computer virus was recently discovered that could potentially plague Wi-Fi networks everywhere.

The virus is aptly called “Chameleon” and it sneakily steals information from computers and other devices through the weakest points of Wi-Fi security. People use various wireless access points to connect to the Internet. When a virus is able to spread to all of these various access points in a densely populated area, a virtual endemic can ensue that can easily spread to larger regions.

This particular virus doesn’t do damage to the network itself or to the devices that connect to it. Rather, it steals the network credentials of anyone who connects to the network via the access point. So, how was this airborne computer virus able to spread undetected?

The fact is that nothing is designed to look for a virus at the access point. Viruses are always just on an individual machine or on the Internet waiting to be unwittingly downloaded. Chameleon is the first of its kind: It’s an airborne computer virus that hangs out on a Wi-Fi network itself.

These days, many networks are encrypted and password protected. The virus passes those networks by in favor of reaching an easy target. After all, there are plenty of coffee shops and Internet cafes that attract customers with an open Wi-Fi network. Once word of this virus gets around, however, more establishments may require patrons to get a password from the staff.

Your Android™ Device and Maximizing Its Battery Life

Maximizing Your Android Device’s Battery Life

Do you leave your Android™ phone or tablet on at all times? You probably find yourself having to charge it every day. Sure, we’re making better batteries all the time, but we’re also designing new apps and more powerful devices. The result is that battery life still remains relatively similar to previous devices. Short of buying a spare, how does one eke out a little extra battery life from your phone or tablet?

Some apps waste battery life. To find out which ones take up most juice, check your settings and look at battery usage. From this menu option you can select various features and apps and choose to shut them off or at least change their specs. Stopping apps from running can be rough on your device, so it may mean more resets if you resort to closing them. The better option is to simply uninstall apps that you don’t need or use.

You’ll probably notice that your display is consuming more power than anything else. That makes your brightness setting the number one determining factor in how long your battery lasts. Turning down the brightness too far can result in eyestrain, though, so try to find a happy medium.

Another thing to consider is your device’s wallpaper. Using animated wallpapers drains the battery because they’re constantly running. A static wallpaper is much less intensive for the system. Also, the amount of time that the system waits to sleep can be tweaked. Don’t set it too short lest it hibernates while you’re still using your phone or tablet, but don’t leave it active too long, either, as this wastes battery life as well.

Bluetooth™ or WiFi™ should both be switched off when not in use, as both drain the battery even when you don’t use them. The same is true about location-based services. Anything that continually tries to connect to a satellite or other device is going to use up energy.

As a last resort, you may want to download an app that helps conserve battery life. Look for one with good reviews.

Retailers Are Keeping Tabs On You and Your Phone Is Helping

Any time you walk into your average retail store, they are keeping tabs on you. You don’t have a rent-a-cop tailing you. It’s the store’s Wi-Fi and its accomplice, your smartphone. But you can keep it from happening with a little knowledge of how it works.

It’s a frightening thought that stores are tracking your location down to the display you are standing in front of at all times upon entering the premises. When your Wi-Fi is switched to the on setting, it is constantly searching for a signal. This allows sensors placed in displays around the store to follow you around. By the way, they know more than just that “someone” is there. Your phone’s wireless adapter has a unique address. They know the exact location of the device and who it belongs to.

What is the system keeping tabs on? Things like how frequently you enter the building, where you go when you are there and how long you spend shopping at that location. Video surveillance allows them to add more information to the data they have on you, such as gender, race and a rough estimate of your age.

We’re no strangers to having data collected on us. Stores get the same kind of info from us when we visit their online stores. Of course, we can read the privacy policy there. In store, they leave out the fine print.

Of course, there are potential benefits. Such data gives stores the opportunity to tailor your shopping experience to what you want and need most. On the other hand, there are clear privacy concerns. So what if you want to “opt out”? There’s one simple solution. When you leave your house, shut the Wi-Fi adapter off on all of your mobile devices. Without that turned on, there’s nothing for the store’s Wi-Fi to keep track of.

Wi-Fi and Gesture Recognition Make You Your Own Universal Remote

You’ll never have to walk back from the front door to your bedroom to turn off the light before leaving again – just put your hand up and make the right motion to flip a switch. What about when you are in the kitchen cooking and a song comes up that you don’t like? Don’t wash the raw meat off your hands – just put one of those hands in the air and flip to the next track as if you were at a jukebox.

This is what the world is coming to as computer scientists explore more options in the gesture recognition scope. Gesture recognition isn’t just to make you look silly playing video games anymore – and forget about having to stand in front of a device. Wi-Fi will make it possible to be your own human remote control device from anywhere in your home.

Wireless signals are typically used to let all your devices connect to the Internet or one another – the idea here is to repurpose those wireless signals to pick up specific gestures you make anywhere in the vicinity. All you need is a Wi-Fi router that has been adapted, along with some wireless devices to control. Oh yeah, and your hand!

How does Wi-Fi accomplish this? Unlike present gesture recognition devices, Wi-Fi doesn’t rely on line of sight. Since wireless signal can transmit through walls you can make your gestures from anywhere. Since our bodies have their own frequency we actually affect wireless signals in a very slight way as it is – researchers have just come up with a way to detect these minor shifts.

Presently researchers have the system detecting 9 unique gestures – a study was conducted in which five individuals performed 900 different gestures, and the system was correct 94% of the time.

This makes it the first system of this magnitude that doesn’t require the setting up of cameras or sensors in each room – it just needs an extra antenna for each new person that the system is required to recognize. This ensures that a spastic guest can’t flail around and turn your house into a discotheque! It also keeps the system from getting hacked – you have to perform a specific sequence of gestures as a password.

You may finally be about to get your wish and be able to turn on the coffee maker before you even get out of bed!

Go to Top