Serious Flaw in WPA2 Protocol

Dan Goodin, writing for Ars Technica:

Researchers have disclosed a serious weakness in the WPA2 protocol that allows attackers within range of vulnerable device or access point to intercept passwords, e-mails, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website a client is visiting.

The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks.

This is bad.

Rene Ritchie, writing for iMore:

Apple has confirmed to me that the KRACK exploit has already been patched in iOS, tvOS, watchOS, and macOS betas. As soon as the updates leave beta, they’ll be pushed out to everyone. We’ll have to wait and see how fast other manufacturers are to respond, and how many of our connected devices receive updates.

Jason Tate
Jason Tate Jason Tate is the founder and editor-in-chief of He can also be found at @jason_tate on Twitter and on Facebook.