"Wi-Fi has a big security flaw - and you need to act now"
will start after this message from our sponsors.
CNET News Video
CNET News Video
Wi-Fi has a big security flaw - and you need to act now
A major new security flaw has been discovered, and it affects practically everyone that uses WiFi.
It' called KRACK, short for key reinstallation attack, and it's a way for hackers to spy on anything you do online.
That includes seeing any passwords you type in or any conversations you're having or documents you're sending.
A researcher from a Belgium University discovered the flaw, and published a paper on it.
What makes it particularly nasty is that it's not tied to a certain machine.
It has to do with a weakness and how WPA2 security was designed.
That's the encryption method used by pretty much all WiFi networks.
The researcher shared a video demonstrating the attack.
If a hacker is near the WiFi access point.
They can execute a script that tricks the system to bypass the security, then the hacker can see everything that is being sent and also infect the machine with malware.
Here's where it gets worse, you're not even safe if you go to a website that's normally secure with https You see, this hack will disable that security so that little green lock icon is suddenly gone.
Always pay attention to that icon.
The demo shown was with Android, but it's also possible it could be done against a number of other systems including Apple and Microsoft.
However, the researcher says it is easier to attack Android and Linux operating systems.
So now that you know how bad it can be, here's the good news.
This is fixable with patches, and the researchers warned companies of this flaw months ago before going public with the discovery.
So Many vendors have been working on fixes.
Google is expected to patch its products in the coming weeks.
Now all the average person needs to worry about is making sure all laptops and smartphones are updated.
Changing your password doesn't matter.
This is about downloading software updates as soon as possible for any device that uses wi-fi.
That includes a smart watch, a TV, maybe even your car.
And if you have a device that is not patched, well you should be extra cautious.
Any information sent over that device could be compromised.
The Wi-fi Alliance says there's no evidence that this attack has been used maliciously, at least not yet.
I'm Bridget Carey, and you can find more details and tips on the crack attack at cnet.com.
Microsoft CEO on using tech for good, not evil
Jeff Bezos details space ambitions
Jeff Bezos discusses challenges facing big tech
Instagram CEO on why he left
AT&T will come out with yet another streaming service
iPhone XS vs. Pixel 3: What's the difference?
Watch the highlights from Google's Pixel 3 event
Google's Pixel 3 Top Shot feature picks the best photo
Google reveals the Pixel Stand for wireless charging
Google debuts the Pixel Slate tablet with detachable keyboard