If you are running Windows 7 or a more recent version and applied the patches from last Tuesday then you are essentially immune to KRACK attack, however older Android OS, Chromium, Linux, OpenBSD and Android Wear 2.0 are. There are several attacks that can be carried out via this vulnerability but all rely on modifying the key which connected devices use to protect data transferred over the wireless network. KRACK replaces that key with one which the attacker has crafted, which allows them to intercept and decrypt packages sent over the wireless network, or to send there own disguised as an authenticated system. Depending on the security you use and the OS you are on the attacker can carry out a variety of tasks, which Ars Technica describes in full.
If you are running an older Android device, especially one which no longer receives regular updates you should be concerened, Apple will offer a patch soon as will Google; for now if you have an up to date installation of Windows, the risks have been minimized thanks to the recent patches from Microsoft.
"While Windows and iOS devices are immune to one flavor of the attack, they are susceptible to others. And all major operating systems are vulnerable to at least one form of the KRACK attack. And in an addendum posted today, the researchers noted that things are worse than they appeared at the time the paper was written."
Here is some more Tech News from around the web:
- Dubai Police Get Hoverbikes @ Slashdot
- IT at sea makes data too easy to see: Ships are basically big floating security nightmares @ The Register
- Linux vulnerable to privilege escalation @ The Register
- Romoss U-Style Red 10000mAh Power Bank Review @ NikKTech
Speaking of cracks(1) that
Speaking of cracks(1) that are not hard to Krack one must not forget that pawnware Tat with the mostest cracks ->Flash<- by that Tat Maker Extraordinaire Adobe. And there we have a new Zero Day for that every day is a Zero Day Flash Tat from Adobe. Adobe Flash, Are we Pawned Yet! (1) "Here's a timeless headline: Adobe rushes out emergency Flash fix after hacker exploits bug So much for that security-patch-free October" http://www.theregister.co.uk/2017/10/16/adobe_flash_emergency_patch/