The new Wi-Fi standard is not secure at all
|The new Wi-Fi standard is not secure at all|
When the Wi-Fi Alliance released the next-generation WPA3 security protocol in January this year, they claimed it was almost impossible to hack. But it seems that the protocol that is supposed to replace the current WPA2 would not be nearly as impenetrable.
Namely, computer security experts have published the results of research according to which WPA3 has several serious design flaws due to which it can be the target of the same attacks with which WPA2 has problems.
The new protocol was primarily supposed to solve problems with the encryption process known as Dragonfly. But the solution used still allows hackers close to your smartphone or laptop to relatively easily crack your password if it is too short or not random enough.
The researchers were able to break through WPA3 using cheap and relatively simple bare-force attacks, as well as features that make the protocol compatible with WPA2. So they managed to break into Samsung’s Galaxy S10 even though it was connected to Wi-Fi by a network that only supports WPA 3.
This is a problem because it will probably be a long time before all Wi-Fi networks are compatible with the new protocol, and in the meantime, due to the rise of the Internet of Things, more and more devices will be interconnected, including Wi-Fi. During this transition period, WPA3 will be just as vulnerable as WPA2.
And that’s not the only flaw researchers have come across. They discovered, for example, at least two more ways a hacker could get hold of your passwords. They warned that the flaws could have been avoided if the Wi-Fi Alliance had cooperated more with experts outside its ranks during the development of the new protocol.
The Wi-Fi Alliance is aware of the flaws. They claim that WPA3 is still in the early stages of development and that the manufacturers who implemented it have already received security software upgrades to patch them, writes Gizmodo.