MAKE YOUR WI-FI SAFER
Upgrade your security
You can take a few simple steps to prevent undesirables from accessing your Wi-fi network. Your router’s website will offer a selection of encryption protocols that should include WEP (Wired Equivalent Privacy), WPA (Wi-fi Protected Access), and WPA2 (Wi-fi Protected Access 2). There might be more letters after each one (WPA2-PSK[AES], for example, see screenshot below), but you don’t need to worry about those. The standard you need to be using is WPA2 – anything else is too easily beaten.
Protect against the Krack Wi-fi flaw
WPA2 is the strongest protocol these days, used by most operating systems and devices. But last October Belgian researchers discovered that it contained a serious vulnerability known as Krack (Key Reinstallation Attacks), making it possible for hackers to eavesdrop on Wi-fi traffic (see ‘What’s all the Fuss About?’, Issue 515).
Shortly after this news broke, Microsoft announced it had already released a security update to fix the vulnerability in Windows. To check you received it, open Settings (Windows key+i), select ‘Update & security’, Windows Update, then ‘Update history’. Look for updates numbered between KB4041600 and KB4042900 and an installation date between early and mid-october.
A fortnight later, Apple issued an update for its devices. Google wasn’t in quite such a hurry – it waited until the start of December to release an update for Android. But this was applied only to its own devices: Pixel and Nexus phones and tablets. It will take longer to arrive on Android devices made by other manufacturers, such as Samsung or LG. We’d advise checking with their customer-service department (see box below), then checking for updates by tapping Settings, ‘About device’, then ‘Download updates manually’.
As for routers, check the Department of Homeland Security’s list at www. snipca.com/26194. Look for your router’s name, then click ‘Affected’ to see the latest information (see screenshot above). If you’re in doubt, contact your router manufacturer (see box below).
Share your Wi-fi safely
If someone asks for your Wi-fi password you should think twice before giving it. If you trust that person implicitly it’s probably safe enough, but there are better, more secure ways to share access.
Your router will let you set up a guest network on either the 2.4GHZ or 5GHZ bands. Log into your router’s settings screen, then tick the Enable First Guest Wireless Network box (or similar, see screenshot below). You’ll then need to specify the network’s SSID and create a password for it that you can share. This network is isolated from the rest of your devices, so you don’t need to worry about snooping guests.
There’s also a new feature in IOS 11 that lets you share your Wi-fi with friends and family using iphone and ipads. Make sure the person you want to share your connection with is in your contacts, and that you both have Bluetooth enabled. When your friend tries to connect to your network, a Share Password message will pop up on your device. Tap this, and they’ll be able to join your network without needing your password.
Check for router vulnerabilities
Your router is the gateway to your network so it’s important to make sure it’s as secure as you can make it. Bitdefender’s new, free Home Scanner tool ( www.snipca.com/26532) scans your wireless network, shows connected devices on a map, and checks for weak passwords and vulnerable or poorly encrypted communications.
Once the scan is complete, it offers detailed security advice that will help you shore up your network. Just install and run it, click the Start Using Home Scanner button, and confirm you’re running it on your home network.
Ideally, every result will be a green ‘No risk found’. If you see an orange ‘Potentially at risk’ result (see screenshot right) this means Bitdefender has found at least one of four possible security flaws: insecure authentication, weak login credentials (passwords and usernames), poorly encrypted communication, or hidden backdoors. Select any at-risk network, then click the Vulnerabilities tab. Select the flaw you want to fix to see Bitdefender’s advice, which includes choosing stronger passwords. For more help, refer to Bitdefender’s excellent manual: www. snipca.com/26533.