科学美国人60秒 让你的Wi-Fi远离KRACK

（单词翻译）

It seems every week we find out that someone broke into a big company’s databases—like the recent Equifax data breach—and made off with millions of credit card numbers, passwords and other valuable info. And now a new kind of worry: someone could hijack¹ your wireless² home network and steal your info from under your nose.

似乎每周我们都会发现，有人入侵了某家大型公司的数据库——例如最近的Equifax(是一家美国知名的征信机构)数据泄露事件——导致数百万个信用卡号、密码和其他珍贵的信息被泄露。现在有这样一种新的忧患：有人会入侵你家的无线网络，就从眼皮子底下盗取你的信息。

That’s the possibility raised by a couple of cybersecurity researchers from the Catholic University of Leuven in Belgium. The problem, they say, is a flaw in the very protocol³ meant to make wi-fi secure. That protocol is called Wi-Fi Protected Access II, WPA2. And WPA2’s weakness could allow an attacker within physical range of your wi-fi network to make a copy of that network that they could then control. The researchers call their approach a key reinstallation attack, or KRACK.

比利时鲁汶大学的数位网络安全研究人员提出了这种可能性。他们表示，加密协议的漏洞是是让网络安全。这种加密协议成为WPA2. WPA2的缺陷是攻击者可以在你的Wi-fi覆盖范围内制作一个他们可以控制的网络副本。研究人员将这种方法称为KRACK。

It’s important to know that a KRACK attack remains⁴ a hypothetical for now. The scientists realized the threat while investigating wireless security. They’ll present this research on November 1st at the Computer and Communications Security (CCS) conference in Dallas and in December at the Black Hat Europe conference in London.

重要的是，需要知道KRACK攻击现在还只是一个假设。科学家们在调查无线网络安全时，意识到这种威胁。研究人员会将研究结果在11月1日在达拉斯举行的计算机与通信安全会议以及12月份在伦敦召开的欧洲黑帽会议上公布研究结果。

In their KRACK scenario⁵, wireless devices would be fooled into connecting to the bogus network. And the attacker would be able to access all of the info that devices send and receive while connected to that network—even if that info has been encrypted. Android and Linux would be especially vulnerable because of how their encryption keys are configured.

在研究人员虚拟的KRACK场景中，无线设备将会被误导去连接虚拟网络。这时，攻击者可以获取连接该网络设备收发的所有信息——即使这些信息已经被加密。因为安卓和Linux的加密方法，这两种系统特别的脆弱。

One measure of protection against such an attack would be to make sure they you’ve installed the most up-to-date versions of your apps, browsers⁶ and wireless router software. Updated software is most likely to include the security patches needed to avoid falling victim to a KRACK attack. Because chances are that KRACK won’t remain simply a proof-of-concept for long.

防止这种攻击的一种方法是确保你已经安装了最新版本的应用程序、浏览器和无线路由器软件。更新后的软件很可能包含避免KRACK攻击的安全补丁。因为KRACK攻击不会只以一个概念的形式存在太久的~