Security researchers have found a new critical security flaw dubbed "Krack" (Key Reinstallation Attacks) that affects literally every WiFi router and smart phone in use today. The reason? The security flaw resides in the WiFi standard itself, rather than in a third-party product.
In addition to being vast in scope and scale, Krack is a particularly nasty, versatile flaw, allowing hackers to intercept credit card numbers, passwords, photos and a whole host of sensitive personal information.
It works like this: A hacker finds a vulnerable WPA2 network, and then makes an exact copy of it, including impersonating the MAC address. This clone then serves as a "man in the middle" allowing the hacker who controls it to intercept everything passing through it.
WPA2 encryption requires a unique key to encrypt each block of plain text, but because Krack attacks make a copy that's indistinguishable from the original, they're able to use the same encryption key.
As bad as that is, it gets worse for Android and Linux users. Thanks to a bug in the WPA2 standard, these devices don't force the client to demand a unique encryption key with each use. Instead, they allow the key to be "zeroed out," literally creating an encryption key containing all zeroes, which interferes with a key part of the handshake process.
In addition to that, hackers can deploy specialized scripts that can cause the connection to bypass HTTPS, which leaves passwords and other normally protected data exposed.
If there's a silver lining, it is that the attack can't be used to target routers directly, but honestly, that's not much of a silver lining, because the potential damage this new vector could cause is virtually without limit.
Unfortunately, until a patch is released, there's not much you can do, short of turning off WiFi altogether. This may work for smartphone users, but it is simply impractical for routers.
There's some good news, though. The fix should be relatively easy to implement, although no ETA has been given at this point.
Late last year, Yahoo announced that it was the victim of the largest data breach in history. It impacted, by their initial estimates, fully one third of their user base, some one billion users.
As it turns out, Yahoo’s estimates were wildly inaccurate. Literally every person who had a Yahoo account in 2013 was impacted, making the total in the neighborhood of three billion accounts (yes, that’s billion, with a “B”).
If you’re a Yahoo user, and have had your account since 2013 or before, then your account was impacted, regardless of if you received a notification from the company.
You may be tempted to simply delete your account, especially if it’s one you no longer use on a regular basis, but don’t. Yahoo’s policy is to recycle defunct accounts after thirty days, meaning your account can be hijacked by anyone if you delete it.
The best bet is to change your password immediately and enable two-factor authentication to provide an added layer of protection.
Also, if you’re in the habit of using the same password across multiple websites, be sure to change any that share your Yahoo.com account’s password. One of the first things a hacker will try is to use compromised credentials on other accounts. If you don’t take immediate action, you’re essentially handing the hackers the keys to your digital kingdom and opening yourself up to identity theft, compromised bank accounts and credit cards and more.
In fact, this would be a great time to simply get out of the habit of using the same password across multiple web properties. It’s a bad habit, and if it’s one you’ve developed, then it’s time to make a change. True, it’s not as convenient, and having to remember multiple passwords can sometimes be annoying, but isn’t your digital security worth it? And the best way to maintain different passwords for each site is to use a password manager. I recommend LastPass. Click the link for a free month of premium.
Welcome to PC Tech for Hire, Montgomery Alabama's affordable residential and small business computer repair and service provider.
A wireless router is quickly becoming one of the most critical pieces of electronic equipment in most homes. Serving as a virtual gateway to both the home network and the internet, we have become increasingly more dependent upon this device than ever before. Whereas just a few years ago the only things connected to a router were one, or perhaps 2 computers, in many homes today we have gaming consoles, smart phones, tablets, printers, smart TV’s and streaming media devices (e.g. Roku, Apple TV, etc.), appliances, as well as laptop and desktop computers all requiring access to the internet. An older router can become a bottleneck as all of these devices compete for bandwidth. If your router is more than a few years old, you may want to consider replacing your device with one which will better serve your home networking needs.
What is a router and why do I need one?
Quite simply a router allows information from devices on one network (e.g. your home network) to connect to devices on another network (e.g. the internet), either via wires (Ethernet cable) or wirelessly. A home router may be a separate piece of equipment from the modem (the appliance which actually connects you to the internet), or the router and modem may be combined into one unit. If you have multiple devices which need to access each other or the internet, you need a router.
Your First Consideration: Buy or Rent?
Many folks choose to use whatever piece of equipment that is supplied by their Internet Service Provider (ISP). What they may not be aware of, though, is that there is usually a monthly charge of between $8.00-$10.00 to “rent” this device. While that might not seem like a lot of money, over time those monthly charges accumulate and supersede the actual value of the device many times over. The good thing about this arrangement is that if the modem/router exhibits problems or stops working, customers can usually get a replacement at no charge. However, most home modems and routers have fairly basic settings, do not offer the latest features and cannot always be configured the way that the customers may prefer. Therefore, it may be a good idea for home users to purchase their own equipment. Routers, like many other electronic gadgets, have come down in price significantly over the past few years. However, it can be a little intimidating for many folks to know just what to buy, especially since routers range in price from $40.00-$250.00. Let’s take a look at the differences.
Breaking down the specs:
Single Band or dual band: Remember that routers are basically small radio transmitters and receivers. Most routers broadcast on either one or two frequencies: 2.4 Ghz and 5 Ghz. Older routers (802.11b/g standard) only use 2.4 Ghz band. Routers utilizing the N wireless standard can broadcast on both bands (sometimes called mixed mode). While many wireless devices, including things like baby monitors and garage door openers, can cause signal interference on the 2.4 Ghz band, it does offer greater coverage than the 5 Ghz band. Newer routers which use the 802.11ac standard only use the 5 Ghz.
Wireless standards: b/g, n, ac – The oldest wireless standard in common use today is the b/g standard. Most new devices (bought within the past 3-4 years), utilize the N standard. The ac standard has come out within the past couple year, though not all equipment (phones, computers, tablets, etc.) are using this standard yet. While this alphabet soup of standards can be confusing, just remember that the more recent standards offer better performance (faster data throughput, more devices communicating simultaneously) and greater coverage (i.e. you can be further away from the router and still connect.)
Mbps: The speed at which data travels over the network via the wireless signal is called Megabits per second. Older routers which utilize the b/g standard typically provided 54 Mbps throughput. However, this could be less the further away you are from the router. The newer standards, N and ac, are advertising 150 Mbps, 300 Mbps or even higher. However, whether or not you actually get these speeds will depend on whether or not the router and the wireless device you are using (phone, laptop, etc.) are both operating on this standard. That is, if you have a fast, new router, but if you have older wireless equipment on the other end, the connection will not be any faster.
Security standards: All new routers being sold today have WPS2 wireless encryption. This enables home users to “lock down” their wireless networks so that only users who have the password to the router can connect to the network.
Many of the differences in prices for routers are due to the extra bells and whistles that they offer. The higher-priced ones, of course, usually offer more features or provide greater coverage and performance. Many routers today actually allow two separate networks – a regular internal home network in which all of the devices (computers, printers, etc.) are permitted to “talk” to each other, and a guest network (with a separate password) which only grants users access to the internet. It can be helpful to offer guest network access to visitors in your home who only need internet access for a short time. Some routers include USB ports into which you can plug a flash drive or external hard drive. Router configuration settings can be saved to these removable devices and they can also be configured to share the storage space across the network. Likewise, some routers offer slots for SD cards (commonly used in cameras, phones, tablets, computers, etc.) to make sharing data on the network a little easier. For those who need their wireless network to cover a large area, such as two floors in a home, some routers offer a bridge mode which essentially allows them to re-broadcast the signal from another router, thereby extending the range of the wireless network.
Though router manufacturers have attempted to make setting up a new router less complicated, it can still be intimidating for many home users to navigate all of the various settings and connections. If you need some assistance to get the most out of your home router, or if you are thinking of upgrading your device and need some guidance, please send me a note or give me a call.
Want a discount? Like my Facebook page for 10% off your next service call. This includes any service I offer, including the Windows 10 upgrade special in this article. The discount is limited to one time per customer.
Welcome to PC Tech for Hire, Montgomery Alabama's trusted residential and small business computer repair and service provider.
Before getting to the topic, I want to encourage you to visit my blog next Thursday, the 27th of November, for a special announcement!
All About Net Neutrality
You've probably heard about something called net neutrality in the news. It sounds about as exciting as dry toast, right? But it’s an important concept and I’d like to explain why. This won’t take long, promise! (If you’re more of a visual person, here’s a quick two-minute video explaining it all: https://www.youtube.com/watch?v=L11kLmWha6o )
So what IS “net neutrality”? According to Wikipedia, “Net neutrality (also network neutrality or Internet neutrality) is the principle that Internet service providers and governments should treat all data on the Internet equally, not discriminating or charging differently by user, content, site, platform, application, type of attached equipment, and modes of communication.” Sounds pretty good, right? This is, more or less, the system the internet functions on right now. However, in May of this year, the Federal Communications Commission proposed rules that could change all that. Under the new rules, telecom giants like Comcast, Charter, AT&T and others could create a tiered-internet system--pay to play, if you will--where they get to pick and choose what you get access to for a price. Consider how your satellite or cable TV service works right now. Charter offers several packages to choose from, starting with the most basic tier. The basic one gets you a few basic channels (and a bunch of other ones nobody really wants) for cheap. Pay more and you get more channels. If there’s just one channel you want but it’s in a tier above what you have, you have to pay for that whole other level just for that one channel, like it or not. Or you may not be able to get that channel at all. Maybe your provider doesn't carry BBC America for whatever reason. You’re out of luck! So far the internet doesn't work like this. You can go to any site you like and your Internet Service Provider doesn't choose how fast you can get there, other than the limitations of your modem and copper/cable lines. “Net neutrality creates an even playing field among content providers — both large and small — to the web. And it's great for consumers because they can access everything they want online for no extra charge. Right now, consumers control what they see online — not Internet access providers — and that's thanks in large part to net neutrality,” says Business Insider. But again, all that could change if corporations like Comcast get their way. “Without net neutrality, the company that you pay for internet access could charge you more to visit certain web sites, or could block some sites altogether. Or they could also just slow some web sites down: for example the Comcast video site might work very well, while YouTube would be slow, etc.” says Business Insider.
If you don’t think this is a good idea, you’re not alone. Here are ways you can take action: http://www.savetheinternet.com/blog/2014/05/16/net-neutrality-so-now-what
Hi! I'm Ronnie, your PC Tech for Hire for the Montgomery, AL area! Let me know if you need my 25+ years of experience to help you with your computer needs.