When Wi-Fi first appeared, it used an encryption system called WEP (Wired Equivalent Privacy). That soon got hacked, so the privacy level clearly didn’t provide the same level of privacy as using wires after all. WEP was replaced by a new system called WPA (Wireless Protected Access). That got hacked as well, and was therefore replaced by yet another system called WPA2 (Wireless Protected Access version 2). We’ve all been using WPA2 quite happily until now, but some security researchers have recently found a problem with that too. What a surprise.
Without getting too technical, WPA2 has a weakness that can be exploited by hackers who are in range of your Wi-Fi equipment, including desktop computers, laptops, tablets, mobile telephones, and wireless routers. At the time of writing, the manufacturers of affected Wi-Fi equipment are scrambling to come up with fixes for the problem, and when they do, it’ll be up to us to apply their ‘patches’ to our equipment.
When you visit a secure website (one that has a name beginning with
‘https://’) there’s an extra
level of security between the device you‘re using to
view the website and the computer where the website
‘lives’.
This is on top of the WPA2 security that works between your viewing device
and the nearby wireless router.
So even if a hacker manages to monitor the Internet traffic flowing
between your viewing device and the router, all they’ll see
is a stream of what looks like gibberish, because of the extra
level of encryption.
However, when you visit a website with a name that
doesn’t begin with
‘https://’,
an attacker could potentially see
what you’re doing and even interfere by changing or injecting
information.
Patching up desktop computers and laptops will just be a simple matter of downloading and installing updates, some of which are available already. However, the situation will be more complicated for tablets and mobile telephones as there are so many different makes and models. For wireless routers and similar equipment the updates won’t be easy to apply at all, because they’ll involve the installation of new ‘firmware’. That’s often a non-trivial process that needs to be done carefully to avoid ruining the equipment. Also, the manufacturers of older Wi-Fi equipment may no longer be providing fixes for their out-of-date hardware, and might even have gone out of business.
No, changing your Wi-Fi password will not solve this problem.