KRACK Kills! Or At Least It Will Compromise All Your Wifi Traffic!

[Jonny Kansas]

Yep, my bad. I got it backwards, newer Android versions are more vulnerable and not less vulnerable. But the main way to stay safe hasn't changed....avoid public WiFi. This hack doesn't infect your phone, it happens at the WiFi router / source of connection. If you do that you should be fine.

Sent from my XT1650 using Tapatalk

To add to this, for someone to do anything, they'd have to physically be in range of the network you're on. They CAN sniff data going to and from your device and the router. They CAN inject malware as you're trying to access legit websites. But, there isn't really a ton of Android malware out there to be worried about and the chances of someone having this exploit, being in range of your network, and knowing you have an Android device, and having malware to shoehorn in to your legit connection are pretty low.

Additionally, they can sniff for packets and collect data, but if the sites you're visiting are using https (most are these days), the data remains encrypted and unreadable.

Further, I know I was looking through the list in the link that @me just sayin posted in post #7. Netgear, specifically, as that's the brand of router I use at home. According to the Netgear site, this only affects routers and etc that are running in bridge mode, which none of their devices do out-of-the-box. You'd have to set it up to run in bridge mode for specific use cases. Again, if you're only using sites that are https instead of http, the data remains encrypted and unreadable.

While this is a rather disheartening exploit, it's not as earth-shattering as it has originally been made out to be.

Make sure your routers and devices have the latest available patches, use https as much as possible, and you should be fine.

 

[Sajo]

Thanks for the additional clarification Jonny. [emoji106]. That's the kind of info people need to know; that this is not as scary as originally made out to be. It's sad how each new vulnerability (and there will be many more) is over exaggerated in many Tech Media sites & articles. Heck... look at the title of this official news thread, it's a little misleading and doomy & gloomy.

Sent from my XT1650 using Tapatalk

 

[Jonny Kansas]

Wow. The new Tapatalk is kinda cool, but also kinda sucks. If I scroll to the top of a thread, I can't seem to get back down to the bottom.

There's definitely reason to be vigilant, but as the dust settles, we often find out that things aren't as bad as they appear, that's for sure.

I think the title of this thread is ok. The exploit CAN compromise your data, it's just not as likely as someone sitting at a computer thousands of miles away & compromising your data. & KRACK kills is a silly joke in my book.

It's hard to find the fine line where the proper amount of worry & caution lie. This exploit COULD cause some serious issues for some people, but it won't be widespread because of the need to physically be in range of the network.

Sent from my Pixel XL using Tapatalk

 

[me just sayin]

a quick online search using krack hype will show the experts are now saying it is mostly hype and it is nothing to really worry about.

 

[SMYDSMITH]

a quick online search using krack hype will show the experts are now saying it is mostly hype and it is nothing to really worry about.

Just got an update on my z2 force wonder if it was the fix

Sent from my Moto Z (2) using Tapatalk