Wi-Fi Security Cracked

History of Wi-Fi security

When Wi-Fi first appeared, it used an encryption system called WEP (Wired Equivalent Privacy). That soon got hacked, so the privacy level clearly didn’t provide the same level of privacy as using wires after all. WEP was replaced by a new system called WPA (Wireless Protected Access). That got hacked as well, and was therefore replaced by yet another system called WPA2 (Wireless Protected Access version 2). We’ve all been using WPA2 quite happily until now, but some security researchers have recently found a problem with that too. What a surprise.

What’s Wrong with WPA2?

Without getting too technical, WPA2 has a weakness that can be exploited by hackers who are in range of your Wi-Fi equipment, including desktop computers, laptops, tablets, mobile telephones, and wireless routers. At the time of writing, the manufacturers of affected Wi-Fi equipment are scrambling to come up with fixes for the problem, and when they do, it’ll be up to us to apply their ‘patches’ to our equipment.

Can hackers see what I’m doing?

When you visit a secure website (one that has a name beginning with ‘https://’) there’s an extra level of security between the device you‘re using to view the website and the computer where the website ‘lives’. This is on top of the WPA2 security that works between your viewing device and the nearby wireless router. So even if a hacker manages to monitor the Internet traffic flowing between your viewing device and the router, all they’ll see is a stream of what looks like gibberish, because of the extra level of encryption. However, when you visit a website with a name that doesn’t begin with ‘https://’, an attacker could potentially see what you’re doing and even interfere by changing or injecting information.

Fixing the WPA2 problem

Patching up desktop computers and laptops will just be a simple matter of downloading and installing updates, some of which are available already. However, the situation will be more complicated for tablets and mobile telephones as there are so many different makes and models. For wireless routers and similar equipment the updates won’t be easy to apply at all, because they’ll involve the installation of new ‘firmware’. That’s often a non-trivial process that needs to be done carefully to avoid ruining the equipment. Also, the manufacturers of older Wi-Fi equipment may no longer be providing fixes for their out-of-date hardware, and might even have gone out of business.

Can I just change my Wi-Fi password?

No, changing your Wi-Fi password will not solve this problem.