Head blueLogoText.gif NCF HelpWiki
Help | StartPage

Difference between revisions of "KRACK Vulnerability"

From Support
Jump to navigation Jump to search
Line 26: Line 26:
# Connected your devices where possible to the modem by ethernet especially if there is not security update available for them yet.
# Connected your devices where possible to the modem by ethernet especially if there is not security update available for them yet.
# Use HTTPS to connect to secured services and websites. This means information transmitted to such web pages will have end-to-end encryption. Web pages that use HTTPS or another secure connection will include HTTPS in the URL.
# Use HTTPS to connect to secured services and websites. This means information transmitted to such web pages will have end-to-end encryption. Web pages that use HTTPS or another secure connection will include HTTPS in the URL.
#* Check on your browser's address bar to ensure the. If your browser shows a little lock in the address bar and says "secure," you should be safe.  [[File:HTTPS_ncf.PNG|300px|thumb|right|NCF website showing secure logo]]
#* Check on your browser's address bar to ensure the. If your browser shows a little lock in the address bar and says "secure," you should be safe.  [[File:HTTPS_ncf.PNG|300px|thumb|left|NCF website showing secure logo]]
#* HTTPS Everywhere on Chrome [https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp]
#* HTTPS Everywhere on Chrome [https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp]
#* HTTPS Everywhere on Mozilla Firefox [https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/]
#* HTTPS Everywhere on Mozilla Firefox [https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/]

Revision as of 13:55, 3 November 2017

Disclaimer: This page is specifically written to help members with limited technical knowledge or experience understand the most relevant aspects of this topic for them. We include some helpful links below for further study.

What is KRACK?

  • KRACKs stands for Key Reinstallation Attacks and describes attacks on Wi-Fi networks using weaknesses in WPA2 protocol which secures most modern protected Wi-Fi networks.
  • KRACKs allows attacker to read and access information on your wifi network that was considered secured.
  • Wi-Fi networks use a password through WPA2 for 2 general purposes:
    • Control who can connect to the network; and
    • Encrypt (or conceal) the data shared over the network between the access point (Modem or Router) and clients (computers, phones, tablets, etc). Encryption is done by the Wi-Fi password to generate an even stronger key that is used to scramble the data between the access point and client.

Why should I care?

  • WPA2 is widely used and presently the strongest form of Wi-Fi security available to the average person including modems configured by NCF.
  • Almost every client device is vulnerable to KRACK whether on Wi-Fi at home or elsewhere.
    • Variations of KRACK can be used against clients of various kinds including devices running Android, Apple OSes, Windows and Linux.

Important Things to Note:

  • NCF modems with standard configuration are not vulnerable to KRACK however your client devices may be.
    • However, once firmware updates are provided by our modem providers we will make them available for members.
  • Vulnerability vs Infection: Be vigilant but do not be anxious. A security vulnerability on a device does not mean that device is already infected or has a high likelihood of being infected. Follow the recommendations below to guard against this vulnerability and keep informed.
  • Proximity: An attacker needs to be within wireless range of your network that (close enough to connect to your wifi).
  • Time: This attack works during the periods of connection and reconnection of your client device to a wifi network. As such, an attacker has a very limited time window in which to try employing this attack (usually a few seconds).

What should I do?

  1. Update the operating system on your phone, computer and other client devices when they receive security updates.
    • You can check if your client devices have received updates at the following link
  2. NCF recommends that you do not use public wifi. KRACK is just one of many known security risks associated with using public wifi. Using a trusted VPN service is one way of keeping your data encrypted on public wifi.
  3. Connected your devices where possible to the modem by ethernet especially if there is not security update available for them yet.
  4. Use HTTPS to connect to secured services and websites. This means information transmitted to such web pages will have end-to-end encryption. Web pages that use HTTPS or another secure connection will include HTTPS in the URL.
    • Check on your browser's address bar to ensure the. If your browser shows a little lock in the address bar and says "secure," you should be safe.
      NCF website showing secure logo
    • HTTPS Everywhere on Chrome [1]
    • HTTPS Everywhere on Mozilla Firefox [2]
  5. Consider using a VPN service. You can learn more about VPN services here

How can I learn more?