wi-fi


'wi-fi' Articles

Apple Says 'KRACK' Wi-Fi Vulnerabilities Are Already Patched in iOS, macOS, watchOS, and tvOS Betas

Apple has already patched serious vulnerabilities in the WPA2 Wi-Fi standard that protects many modern Wi-Fi networks, the company told iMore's Rene Ritchie this morning. The exploits have been addressed in the iOS, tvOS, watchOS, and macOS betas that are currently available to developers and will be rolling out to consumers soon. A KRACK attack proof-of-concept from security researcher Mathy Vanhoef Disclosed just this morning by researcher Mathy Vanhoef, the WPA2 vulnerabilities affect millions of routers, smartphones, PCs, and other devices, including Apple's Macs, iPhones, and iPads. Using a key reinstallation attack, or "KRACK," attackers can exploit weaknesses in the WPA2 protocol to decrypt network traffic to sniff out credit card numbers, usernames, passwords, photos, and other sensitive information. With certain network configurations, attackers can also inject data into the network, remotely installing malware and other malicious software. Because these vulnerabilities affect all devices that use WPA2, this is a serious problem that device manufacturers need to address immediately. Apple is often quick to fix major security exploits, so it is not a surprise that the company has already addressed this particular issue. Websites that use HTTPS offer an extra layer of security, but an improperly configured site can be exploited to drop HTTPS encryption, so Vanhoef warns that this is not a reliable protection. Apple's iOS devices (and Windows machines) are not as vulnerable as Macs or devices running Linux or Android because the vulnerability

Major Wi-Fi Vulnerabilities Uncovered Put Millions of Devices at Risk, Including Macs and iPhones

Mathy Vanhoef, a postdoctoral researcher at Belgian university KU Leuven, has discovered and disclosed major vulnerabilities in the WPA2 protocol that secures all modern protected Wi-Fi networks. Vanhoef said an attacker within range of a victim can exploit these weaknesses using so-called KRACKs, or key reinstallation attacks, which can result in any data or information that the victim transmits being decrypted. Attackers can eavesdrop on network traffic on both private and public networks. As explained by Ars Technica, the primary attack exploits a four-way handshake that is used to establish a key for encrypting traffic. During the third step, the key can be resent multiple times. When it's resent in certain ways, a cryptographic nonce can be reused in a way that completely undermines the encryption. As a result, attackers can potentially intercept sensitive information, such as credit card numbers, passwords, emails, and photos. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites. Note that the attacks do not recover the password of any Wi-Fi network, according to Vanhoef. They also do not recover any parts of the fresh encryption key that is negotiated during the four-way handshake. Websites properly configured with HTTPS have an additional layer of protection, but an improperly configured site can be exploited to drop this encryption, so Vanhoef warned that it is not reliable protection. Since the vulnerabilities exist

Wi-Fi Mesh System Luma Launches $5/Month Service With VPN, Priority Tech Support, and More

Similar to devices like Eero and Google Wi-Fi, Luma is a Wi-Fi mesh system that launched in 2015, providing users with whole home Wi-Fi, parental controls, and network security scanning. Today, the company announced a new optional subscription model is coming to its mesh router, called "Luma Guardian," and it introduces a privacy VPN, antivirus software, ISP speed monitoring, and priority tech support for $5 per month. According to Luma CEO Paul Judge, who spoke with TechCrunch, the reason behind the subscription service is related to all of the security issues that Luma discovered within its customers' networks over the years. Luma Guardian is a way for the company to dedicate time and resources to addressing those issues for the "thousands and thousands" of homes with its mesh Wi-Fi system. It was also one of the earlier home networking devices to bake IoT security into its system, and as a result, the company spotted security problems in around two-thirds of the “thousands and thousands” of homes that currently sport a Luma. “We’d been blocking them, and the next step was, how do we go to their devices and clean them up?” Judge tells TechCrunch. “How do we install antivirus and clean up the infections on those devices? For 15 years, we built networking and security equipment for companies. You can have the best equipment in the world, but at the end of the day, they had a team to manage it all. Having someone there who pays attention is key.” Luma's system already comes with a few security measures, including anti-malware, IoT cyber security, and new device

Eero Reveals 2nd Gen Router, Wi-Fi Extending 'Beacon', Internet Security Service, and iOS App Update

Whole-home Wi-Fi company eero today announced two new pieces of hardware, a refresh to its iOS app, and a new premium internet security service called "eero Plus." The new, second-generation version of eero is the same size and form factor as the previous version, but includes twice the power according to the company. Simply called eero (2nd generation), the new router includes next-generation mesh network technology, which eero calls "TrueMesh," to ensure that eero can adapt to any home in which it's placed. eero (2nd generation) and eero Beacon If users stock their home with three eeros, they can even gain access to tri-band Wi-Fi, which broadcasts on three wireless radio bands simultaneously, generating a multi-user experience that doesn't create lag for anyone in the home. As an example, eero said users will be able to download huge files, run a FaceTime call, or compete in a multiplayer game all at the same time, and the routers will provide the same Wi-Fi quality to each experience without compromise. Once an eero (1st or 2nd generation) is connected to a network's modem, users will be able to introduce the company's all new eero Beacon into their network. eero Beacon is a full-fledged access point which the company says has 30 percent better performance than the original eero, but the Beacon is built for portability and plugs directly into any wall outlet. Our vision for eero is to go beyond providing perfect connectivity by adding context and intelligence to our homes. As everything in our homes comes online, and we consume more and more content over

Linksys Debuts Its First 2-in-1 Cable Modem and Wi-Fi Router

Linksys today introduced its first 2-in-1 wireless router and cable modem. The emphasis should be on "cable" in that sentence, as Linksys already sells a handful of routers with built-in DSL modems for internet over a telephone line. The Linksys CG7500 supports many of the latest wireless standards, including 802.11ac Wi-Fi, IPv6, and beamforming technology. The AC1900-speed router has 3X3 internal dual-band 2.4 GHz and 5 GHz antennas, 24x8 channels, four Gigabit Ethernet ports for high-speed wired connections, and one USB 2.0 port. The modem is DOCSIS 3.0 certified, meaning it is compatible with Comcast Xfinity and Charter Spectrum in the United States, and many other major cable providers, for internet plans with theoretical speeds of up to 300 Mbps. Linksys says it can be used with 12+ devices at once without any lag or buffering. 2-in-1 modems and routers are often considered worse than a separate router and modem combination, but the CG7500 is worth considering for anyone that wants to stop renting a modem from their cable company. For most people, it'll likely provide good enough Wi-Fi in a medium-sized house or apartment. Linksys is accepting pre-orders for the CG7500 on its website for $199.97 in the United States. It'll be available from Amazon, Best Buy, B&H, Micro Center, New Egg, Office Depot, Target, Walmart, Fry's, and Meijer on May 15. Competing 2-in-1 options include the NETGEAR AC1900 Nighthawk for around the same price of $198.99, and the Arris SURFboard SBG6900-AC with a reduced 16x4 channels for a current sale price of $167.99 (regular

Caltech Accuses Apple of Violating its Patented Wi-Fi Technologies

Apple and Broadcom have been jointly named as defendants in a legal complaint filed by the California Institute of Technology last week over alleged infringement of its various patented Wi-Fi-related technologies. Caltech's patents, granted between 2006 and 2012, are highly technical and relate to IRA/LDPC codes that utilize simpler encoding and decoding circuitry for improved data transmission rates and performance. The technologies are implemented in both the 802.11n and 802.11ac Wi-Fi standards used by many Apple products. In the court filing with the U.S. District Court for Central California, Caltech accused Apple of selling various iPhone, iPad, Mac, and Apple Watch models, along with other Wi-Fi products, that incorporate these IRA/LDPC encoders and/or decoders and thereby infringe upon the four asserted patents in question.Apple manufactures, uses, imports, offers for sale, and/or sells Wi-Fi products that incorporate IRA/LDPC encoders and/or decoders and infringe the Asserted Patents. Apple products that incorporate IRA/LDPC encoders and/or decoders and infringe the Asserted Patents include, but are not limited to, the following: iPhone SE, iPhone 6s, iPhone 6s Plus, iPhone 6, iPhone 6 Plus, iPhone 5c, iPhone 5s, iPhone 5, iPad Air, iPad Air 2, iPad Pro, iPad Mini 4, iPad Mini 3, iPad Mini 2, MacBook Air [and] Apple Watch.Apple has at least temporarily pulled stock of its AirPort Extreme and Time Capsule Wi-Fi base stations from its U.S. stores, but it's unclear if the move is related. Broadcom, as one of Apple's main suppliers of Wi-Fi chips, is also

FCC Warns Hotels About Intentionally Blocking Wi-Fi Hotspots

The U.S. Federal Communications Commission on Tuesday issued a public enforcement advisory that warns hotel chains and other commercial establishments about intentionally blocking or interfering with Wi-Fi hotspots. The FCC's Enforcement Bureau claims that interfering with Wi-Fi hotspots is illegal and that it will take appropriate action against violators by imposing substantial fines. The warning follows an FCC investigation in which the government agency discovered a so-called "disturbing trend" where hotels and other commercial establishments were purposefully blocking wireless customers from connecting to their Wi-Fi hotspots. Marriott Hotels was found to have "deployed a Wi-Fi deauthentication protocol" to block customers from accessing Wi-Fi and agreed to pay a $600,000 fine. iPhone users have long resorted to Personal Hotspot to turn their cellular data connection into a Wi-Fi network for the purpose of tethering a Mac or other connected device. Apple made Personal Hotspot more convenient in iOS 8 with te">Instant Hotspot, a new feature that automatically detects when an iPhone is within close range of an iPad or Mac and displays the device in the list of available Wi-Fi