News roundup: Why this week was bad Krack for Wi-Fi

News roundup: Why this week was bad Krack for Wi-Fi

A roundup of the week’s technology news including Greenpeace, AlphaGo Zero, and tech treehouses.


Wi-Fi security suffers from some bad Krack

Another week, another massive vulnerability found. This week it seems Wi-Fi security is officially broken.

Researchers from the University of Leuven found a number of vulnerabilities which affect Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2), two security protocols which are used in billions of devices. Dubbed Krack (Key Reinstallation Attack) by its discoverer Mathy Vanhoef of Belgian university KU Leuven, the attack manipulates cryptographic handshakes and allows information sent over Wi-Fi to be easily intercepted, including credit card numbers, passwords, chat messages, emails, photos, and more. Packets can also be forged and injected.

However, any attacks must be within the range of the targeted Wi-Fi, and the attack isn’t very easy to do. Backwards-compatible fixes are becoming available, and HTTPS & VPNs would help mitigate the attack. Fixes have been issued by Apple, Aruba, Cisco, Microsoft, NetGear, and others, along with the Wi-Fi Alliance for vendors. But as is the case with these large attacks, expect some massive company to not patch and be hacked in the near future.

Some outlets blamed the IEEE standards body for not being open enough about the protocol’s specifications. The Wi-Fi Alliance – the organisation that developed the protocol - said the flaw can be “resolved through straightforward software updates” and there is “no evidence” that the vulnerability has been exploited in the wild.

CNET is suggesting that the NSA may well have known about this (or a similar) vulnerability as long ago as 2010, but failed to disclose it. The NSA reportedly refuse to comment.


Chinese phone makers fall foul of Greenpeace

Greenpeace released its annual Green Guide for electronics this week. The report, which rates companies on their environmental credentials, gave Fairphone top marks, while Apple also scored highly.No company, however, recieved an A grade.

While there was the usual pop at Amazon for their lack of transparency – despite the company opening a wind farm this week - Chinese brands Oppo, Vivo and Xiaomi, and Huawei came under fire for a lack transparency around their suppliers.

“Tech companies claim to be at the forefront of innovation, but their supply chains are stuck in the Industrial Age,” said Gary Cook, Senior IT Campaigner at Greenpeace USA.



AlphaGo Zero

Remember when Google’s AlphaGo Artificial Intelligence system beat the world’s best Go player and it was heralded as a major milestone in the development of AI? That’s now old hat. The company’s new and improved program, AlphaGo Zero, beat the original AlphaGo 100 games to zero.  Published in Nature, AGZ was told the rules of the game and nothing else, and taught itself how to best play the game in just three days by playing 4.9 million games against itself.

In other AI news, Sony is rumoured to be bringing back it’s Aibo robot dog, complete with some sort of virtual assistant technology embedded. Yandex has released its own Russian-language assistant called Alice. Garmin has made a tiny Alexa device for your car, and the ‘modular’ Moto phone has an Alexa speaker add-on that costs more than an Echo.


Samsung’s new stuff

Despite its CEO quitting amid a bribery scandal, Samsung has plenty of good news to tell you about from its Samsung Developer Conference.

There’s Bixby 2.0, which looks to emulate its rivals by being in as many devices as possible, and offering an SDK so others can embed the virtual helper in their own devices. As well as shoving Bixby into appliances such as fridges, and any dumb speaker using a new dongle.

Nokia has announced it is ceasing production of its OZO VR camera, but luckily Samsung is stepping in with its 17-lense 360 Round. It’s Continuum-like DeX dock will run a Linux desktop, its Galaxy phone will support  Google’s ARCore. And finally, the company will be uniting all its IoT services – including SmartThings, Samsung Connect, and ARTIK - under the SmartThings Cloud banner.


Facebook looks at LinkedIn and says, “we can do that”

Not content with bleeding Snapchat to death with a thousand imitating cuts, Mark Zuckerberg’s company now seemingly have their sights set on LinkedIn too. The Social Network is testing Resume/CV features for some users that expands on the ‘About/Work’ section and turns it into a fully detailed work history. FB told TheNextWeb: “We’re currently testing a work histories feature to continue to help people find and businesses hire for jobs on Facebook.”


Amazon is striking so much fear into the heart of businesses that there is a whole symposium dedicated to which industry the tech conglomerate might disrupt next. A survey from the symposium suggests dollar stores, auto parts providers, and home improvement shops are the most immune to the relentless advance of Jeff Bezos & co.

Google has made a double swoop for Relay Media and podcast app 60dB, Accenture has made a one-two for Altima and IBB Consulting, Splunk has hoovered up both SignalSense and Rocana.

Facebook now owns teen app tbh, Cisco’s 200th acquisition is Perspica, Akamai has nommed Nominum, DXC has acquired Logicalis’ consulting business, Coupa has bought Deep Relevance, Adobe has snapped up KyleBrush, lockmaker Assa Abloy now owns smart lock startup August Home, and Belgian Post Group (aka bPost) has purchased Radial (formerly eBay enterprise).

Apple reportedly considered buying Crossover Health to make a deeper push into healthcare. AOL Instant Messenger (aka AIM) is finally closing down, years after everyone stopped using it.


Kaspersky still under fire

Russian security firm Kaspersky is still facing troubles. The NYTimes reports that Israeli intelligence officers hacked Kaspersky and watched Russian government hackers search and steal information from US intelligence computers in real time. The Daily Beast is reporting that companies are dropping Kaspersky’s services in droves. Eponymous CEO and founder Eugene says he is a victim of ‘intense, fierce, and persistent media attacks’:

“The steady stream of media leaks seem intentionally designed to damage our reputation without providing us with any real opportunity to address any concerns – because action is being taken before we can engage.”

Symantec’s CEO Greg Clark says he will no longer allow governments to review its source code, while US Senator Jeanne Shaheen asked what the US government is doing to prevent similar code reviews of US companies by the likes of Russia.

In other security news, a man sold his company, hacked it, then tried to sell the company back its own data in the guise of a new startup. And the Shadow Brokers – aka the group who leaked the Eternal Blue vulnerability used in the WannaCry attack – is reducing the price of its leaks.


Android wars: Java vs Kotlin

In recent years Swift has become the de facto programming language of choice for iOS apps. Is Android due a similar overall? A new report from mobile development platform Realm claims that 2018 will be the ‘year of Kotlin’ and the upstart programming language will overtake Java as the default language for Android apps as soon as December 2018. Kotlin might have gained the official support of Google earlier in the year, but one expert told IDG Connect that it would take something “supersonic” to usurp Java. We’ll be taking a closer look at this story next week.

Also, someone created a BDSM-based erotic programming language for some reason. 



During a tour of GitHub’s offices in San Francisco recently I saw dogs, pool tables, a library, and pressure sensitive hammocks. But you know what it didn’t have? Tree houses. Microsoft revealed this week that it spent the summer building “two enclosed treehouses and one elevated roost called the Crow’s Nest” at its headquarters in Redmond, Washington. These new spaces are “helping employees benefit from what science shows is the powerful impact of nature on creativity, focus, and happiness,” according to the company’s blog.


Snap Inc. moves into a new market

Halloween is nearly upon us. And some of you might be thinking, “I really want to dress up like a low-level meme.” Well, fear not. The people behind Snapchat have got you covered. For the low, low price of $80 you can buy the ‘Dancing Hot Dog Costume’, apparently made by Snap Inc. themselves. I guess the company thought that meme costumes were the natural progression after painfully hipster spyglasses. The reviews are pretty special, too.




So that company that makes a scented candle with that ‘new Mac’ smell is back with a new version. The new Inspire [mac candle N°2] comes in a sleeker, more Apple-like container, and “strong notes of bergamot, lemon, and tarragon - scent profiles that clear your mind of clutter and stimulate creativity”. It’s also $30. If tempted to buy it, don’t. Give the money to charity. Or just burn it. The smell of burning currency might clear your mind.


«What can we learn from Reserve Bank of India’s security best practices?


Three unique security solutions to take note of»
Dan Swinhoe

Dan is Senior Staff Writer at IDG Connect. Writes about all manner of tech from driverless cars, AI, and Green IT to Cloudy stuff, security, and IoT. Dislikes autoplay ads/videos and garbage written about 'milliennials'.  

  • twt
  • twt
  • Mail

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.


Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.



Should the government regulate Artificial Intelligence?