You may have heard of wireless security vulnerabilities like KRACK, but it looks like the Wi-Fi Alliance has finally developed a method to completely mitigate these sorts of problems. Developers from the organization announced in January that they were working on a new system of protocols that would be out later in the year. Extra security features are now available as of today, but they currently seem to exist only as documents rather than real hardware.
KRACK affected the WPA2 security protocol, which is what almost all Wi-Fi connections today use. While the new protocols aren’t necessarily perfect as no algorithm ever could be, they do prevent every single type of vulnerability that’s currently known.
Engineers took over ten years to move everyone to WPA2, and there are still a few devices that support only older protocols that should have been retired years ago. As a result, it’s going to take a long time to move hardware manufacturers and end users to the WPA3 standard. Since WPA2 won’t be abandoned, it should continue to power innumerable wireless connections for the foreseeable future.
End-users won’t really have to do anything. When the new security protocols are offered on their connection, they can switch over. While making them available on a large scale will take some time, users can switch over as soon as they find the option to do so.
Enterprise users will have more of a problem because of the use of embedded machines and other devices that won’t be easy to upgrade.
Fortunately, the Wi-Fi Alliance seems to be working with hardware manufacturers and drive developers in order to make this transition a bit more smooth. Alliance members include microchip vendors that are located in many different countries, so all enterprise-level users should be able to find a voice.
Operating system developers have been able to mitigate some KRACK vulnerabilities even without upgrading to WPA3 technology. Android, Chrome OS, iOS, Windows and macOS all have patches that should protect users from having all-zero encryption keys installed against their will.
Some enterprise-level users have taken to migrating back to Ethernet in order to ensure that no one could snoop on data without physical access to their equipment.