WPA3 is the magic number? Protocol refresh promises tighter Wi-Fi security

Re: ROFL

To be fair TP-Link do regularly update their routers, but as they demand everything be reset to defaults every time I tend to get grumpy (Might be because I have some cheap one and they want to punish cheap people like me).

Netgear do still provide updates (Based on a DGN2200, however most updates break at least one management interface link and if you click it a protection mechanism kills the web server rendering it useless)

Our ancient Draytek Router though still receives updates

Re: ROFL

But I bet Draytek are working on it for their routers, etc.

Yeah, it's not as though this is a brand new announcement - the proposed standard has been in the works for ages, it's just now finalised. I would expect responsible vendors like Draytek and Ubiquiti have already done the groundwork and have a provisional implementation that will get polished up and pushed out as a firmware update in the fairly near future.

Re: ROFL

Actually Sky update their routers quite frequently, my Sky Q Hub has had 4 updates this year already.

Re: ROFL

"Hands up how many of you run a separate (secure) router INSIDE of the ISP provided one that does get upgrades?"

We did, until an obscure bug in the Virgin (not-so)Superhub would drop our connection every fifteen minutes until we took it out of modem mode and removed the proper router.

It's probably fixed not, maybe I should have another go at setting it up.

Re: New hardware needed?

My understanding is that the only part of the standard that might require new hardware is a longer key length option requested by banks/defense, but that should not be something that would prevent updating consumer equipment that wouldn't be used in such environments.

I'm hoping to see upgrades from DD-WRT but I think they're dependent on the vendors since some binary only wifi drivers are used - i.e. nas for Qualcomm ARM based devices etc.

Since 802.11ax is around the corner, and that's the biggest upgrade wifi has seen since the introduction of the 5 GHz band, if I can't get my AC68Us upgraded I'll just stick with WPA2 for a few years until we start seeing 802.11ax routers for under $100. The security of WPA2 isn't perfect but it is good enough for most of us - not like I'm too worried about someone expending a lot of effort to specifically attack me.

Re: There are still easier ways to hack routers than WPA

That isn't the problem. The problem is that a dodgy ad submitting a form to:

http://defaultuser:defaultpass@192.168.0.1/turn-on-remote-access-plz

The router could prevent that, by checking you've been on an intermediary page immediately before the form submission, or web browsers could prevent is by refusing to submit forms from extermal ip ranges to internal ip ranges without some sort of confirmation.

Re: There are still easier ways to hack routers than WPA

Er, yes, precisely... by the time you see an admin interface you are a) already on the network, b) on a badly configured system.

Plus, things like UPnP and TR069 are the real risks.

Re: There are still easier ways to hack routers than WPA

malware on a site (likely in an advert) on your browser, and default password on the router.

I change default passwords on everything and use uMatrix on phone & laptop to block scripts.