---
title: "If you connect to the internet over WIFI, you need to pay attention…"
date: 2017-10-16
source: facebook
type: Archer T. Ships shared a link.
---

# If you connect to the internet over WIFI, you need to pay attention…

*October 16, 2017 · Facebook*

::::: {}
::: {}
[https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/](https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/){target="_blank"}
:::

::: {}
If you connect to the internet over WIFI, you need to pay attention to this. There is a vulnerability in the software your computer uses to connect to WIFI that allows anyone who is within physical proximity of your WIFI network to potentially:\
\
\"\...steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.\"\
\
Here\'s what I recommend:\
\
\* Don\'t panic! The attacker must be physically close enough to connect to your wifi network. If you\'re a home network user, you\'re probably not at high risk of attack. (Though you should fix the problem\--it\'s the internet equivalent of leaving your front door unlocked.)\
\
\* Install the HTTPS Everywhere browser plugin ([https://www.eff.org/https-everywhere](https://www.eff.org/https-everywhere){target="_blank"}). The HTTPS Everywhere plugin forces your browser to make encrypted connections (https://) instead of an unencrypted connection (http://). Most websites that handle sensitive information already enforce this policy, but this plugin makes sure that it happens.\
\
\* Install and use a VPN service on each of your computers. NordVPN ([https://nordvpn.com/](https://nordvpn.com/){target="_blank"}) is a reasonable choice\--they have a large network, and support multiple devices on a single account. A VPN will encrypt all of your incoming or outgoing traffic, so that even if an attacker compromises your WIFI network, they won\'t be able to read anything of value.\
\
\* Update your computer\'s operating system to patch the vulnerability as soon as it becomes available. (i.e. don\'t put off installing the system updates your OS is nagging you about).\
\
\* Update your router\'s firmware as soon as the manufacturer releases a patch. You can track announcements about firmware patches here:\
\
[https://www.reddit.com/r/KRaCK/](https://www.reddit.com/r/KRaCK/){target="_blank"}\
\
[https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/](https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/){target="_blank"}
:::
:::::