Key Wi-Fi security protocol is vulnerable to attack

All technology depends on technology that has gone before it.

Sometimes the former technology needs to be revisited, to check it is still fit for contemporary purposes.

Such is the case with the WPA2 security protocol, used to encrypt Wi-Fi traffic.

It seems that it has a vulnerability that can be exploited by the ‘KRACK’ attack to decrypt traffic, and in some cases even inject malware into the traffic.

Because the vulnerability is in a protocol that is part of the Wi-Fi specification, it can affect every device that uses Wi-Fi.

Fortunately, this vulnerability was found by researchers, so Wi-Fi equipment makers were made aware of it before it was made public.

Some have already provided fixes for the vulnerability, and some soon will.

However, some equipment will inevitably not get updated, even if the fix exists, so they will be an attack target for years to come.

More detail:

https://www.krackattacks.com/?utm_source=Ubiquiti+Newsletter+Subscribers&utm_campaign=b822866b42-UBNT%3A+WPA2+patch%2C+10-16-17&utm_medium=email&utm_term=0_1c1b02cb37-b822866b42-207883025&goal=0_1c1b02cb37-b822866b42-207883025

Are technological advances plateauing?

The background

Deepening specialisations, along with standardisation, have enabled increasingly sophisticated systems to be created.

People need and want things that require more sophisticated systems.

More sophistication entails more complexity.

Problems

  1. Self-evidently, one person’s ability to create increasingly complex but reliable systems, has a limit
  2. The more people engaged in an endeavour, the less productive they become at delivering it, until it becomes unaffordable, or progress halts

Problem 1: This cannot easily be much affected, because most people have a broadly similar ability.

Problem 2: Techniques exist to mitigate this, such as using a lower cost workforce, dividing systems into loosely coupled less complex subsystems, and changing work practices to more specialised roles with narrower tool sets. However, none of them actually prevent the declining productivity as teams grow.

Evidence

A recent article in The Register points to a recently published paper, which claims “… that research effort is rising substantially while research productivity is declining sharply.”

Possible reactions

  1. Accept this plateaux in technological advances for fields that have been highly developed
  2. Grow user bases to support the extra R&D staff required, although this reduces choice and competition
  3. Reduce the dependency on human effort of developing sophistication, using for example AI techniques