WIFI is secure. Really really secure. Definitely no vulnerabilities here. Oh no siree-bob. Secure is what it is. Yep yep.
Nevertheless, the WiFi Alliance, which is the umbrella group responsible for administering the whole very, definitely very safe protocol and certifying its products has announced that WPA3 is coming later in the year to make the already definitely very safe thing safer.
WPA3 follows on from WPA2 (natch) and although it was cracked last Autumn via the KRACK exploit (but is still definitely very safe) it was 14 years old, so that’s not bad in not-being-hacked terms.
New features will include extra protection for people who come up with stupid, short, guessable passwords, a better way of configuring devices that don’t have a display (but a lot safer than WPS), better privacy in hotspots and other open environments by individualising the encryption.
Perhaps most interesting is a 192-bit security suite designed to conform to the US Commercial National Security Algorithm (CNSA) – or “best practice”. In other words, if that gets cracked, there’s a lot more at stake than kitty photos. Or to put it another way ‘military-grade encryption’.
“Security is a foundation of Wi-Fi Alliance certification programs, and we are excited to introduce new features to the Wi-Fi CERTIFIED family of security solutions,” said Edgar Figueroa, president and CEO of Wi-Fi Alliance. “The Wi-Fi CERTIFIED designation means Wi-Fi devices meet the highest standards for interoperability and security protections.”
Given the number of network devices that will be announced or on show at CES, there’s likely to be a certain hubris amongst those whose equipment is going to be able to conform to the new WPA3 standard with a firmware upgrade (nothing will do so out of the box) and a despair amongst any manufacturers that haven’t. And we can all probably guess which is which in the list.
As for all your existing stuff, the good news is that this isn’t going to affect anything hugely. It’s all going to be backwards compatible and fluffy and lovely. But with WPA2 then Pandora is out of the box, it’s very likely that a lot of wifi equipment in homes isn’t upgradable and the fact that there’s a hard target been announced in WPA3 automatically makes WPA2 equipment a soft target.
In other words, don’t worry, but do your research if you’re going to be buying between now and the rollout of WPA3 later this year. µ
Source : Inquirer