If your device supports Wi-Fi, it is most likely affected by a newly discovered weakness in the Wi-Fi standard by using a key re-installation attack, referred to as “KRACK.” This type of attack works against all secure Wi-Fi networks, and exploitation of these vulnerabilities could allow attackers to decrypt information being passed over secured networks.
Read more about this discovery at www.krackattacks.com.
If you use a TU-managed device to connect to Wi-Fi
The Office of Technology Services (OTS) takes care of patching all University-managed devices; no action is required. If you have any questions, submit a TechHelp service request or contact OTS at 410-704-5151.
If you use a personally-owned device to connect to Wi-Fi
When browsing the web on-campus or at any other location offering Wi-Fi, here are some steps you can take to protect yourself against this vulnerability:
- Always look for the secure padlock icon, the word secure in green, and “https://” in the address bar to protect your privacy.
- Apply all updates when they become available. There are some patches available as of the time of publish, but you should always confirm availability with your provider to make sure you have the latest version.
- Microsoft: Patch released 10/10/2017
- Apple: “The fix for the KRACK Wi-Fi vulnerability is currently in the betas of iOS, macOS, watchOS and tvOS and will soon be rolled out to customers.”
- Android: Will be included in Nov 6 Security Patches
- Wi-Fi Routers and Access Points: Check with your manufacturer for updates and patches