Krack in simple terms

What is Krack? It's an attack that exploits all wifi devices.

Are you at risk? Yes, but not really.

Should you worry? Not really. To exploit your systems, someone needs to be at close range and even then they aren't able to exploit 'secure' content (websites with a padlock in the address bar).

What can this exploit do to you? Simply put, it can read (or inject into) insecure content in real time. In theory someone could inject a phishing form onto any unpadlocked page.

Should you do anything? Make sure all of your devices are kept up to date. Make sure there aren't any creeps sitting in your driveway on laptops. Avoid clicking things that seem dodgy. So business as usual. Keep an eye out for any devices left sitting around where they don't belong.

But my TV has wifi!? Okay, yes, so EVERY wifi device is 'at risk', but there is a point where it doesn't matter too much - what data is someone going to be able to steal from a TV? Is that data going to be worth wardriving for?

What is wardriving? Simply put, wardriving is where someone drives around a town with a laptop looking for unprotected wifi networks so they can steal data or just generally be dicks. This new exploit simply gives them another attack vector.

Do you need to change wifi password? No, the attack ignores the password and doesn't expose it.

The attack only exploits WPA - should you use WEP instead? No. Thats like saying "A keycutter saw my keys once, so he MIGHT be able to get in. Better just leave my doors hanging wide open!"