If you are running Windows 7 or a more recent version and applied the patches from last Tuesday then you are essentially immune to KRACK attack, however older Android OS, Chromium, Linux, OpenBSD and Android Wear 2.0 are. There are several attacks that can be carried out via this vulnerability but all rely on modifying the key which connected devices use to protect data transferred over the wireless network. KRACK replaces that key with one which the attacker has crafted, which allows them to intercept and decrypt packages sent over the wireless network, or to send there own disguised as an authenticated system. Depending on the security you use and the OS you are on the attacker can carry out a variety of tasks, which Ars Technica describes in full.
If you are running an older Android device, especially one which no longer receives regular updates you should be concerened, Apple will offer a patch soon as will Google; for now if you have an up to date installation of Windows, the risks have been minimized thanks to the recent patches from Microsoft.
"While Windows and iOS devices are immune to one flavor of the attack, they are susceptible to others. And all major operating systems are vulnerable to at least one form of the KRACK attack. And in an addendum posted today, the researchers noted that things are worse than they appeared at the time the paper was written."
Here is some more Tech News from around the web:
- Dubai Police Get Hoverbikes @ Slashdot
- IT at sea makes data too easy to see: Ships are basically big floating security nightmares @ The Register
- Linux vulnerable to privilege escalation @ The Register
- Romoss U-Style Red 10000mAh Power Bank Review @ NikKTech