85      iPhone_iPad_Mac_apple

Major Wi

Major Wi-Fi Vulnerabilities Uncovered Put Millions of Devices at Risk, Including Macs and iPhones

An attacker within range of a victim can exploit these weaknesses using so-called KRACKs, or key re-installation attacks, which can result in any data or information that the victim transmits being decrypted. Attackers can eavesdrop on network traffic on both private and public networks.

As explained by Ars Technica, the primary attack exploits a four-way handshake that is used to establish a key for encrypting traffic. During the third step, the key can be resent multiple times. When it's resent in certain ways, a cryptographic nonce can be reused in a way that completely undermines the encryption.

As a result, attackers can potentially intercept sensitive information, such as credit card numbers, passwords, emails, and photos. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.

Note that the attacks do not recover the password of any Wi-Fi network, according to Vanhoef. They also do not recover any parts of the fresh encryption key that is negotiated during the four-way handshake.

Does anyone know if Apple pushed a patch for this already or not ?

Hi,

Also, the router should be updated by the router company. In the meantime, use Ethernet if possible.

最後更新：2017-10-19 01:55:18

  上一篇： New Ipad 5th generation text messages

  下一篇： Apple Watch won't Pair