Kintsugi is an ancient Japanese art of repairing cracked and broken ceramics by filling them with lacquer and mixtures of gold, silver, or platinum. Often, the repaired item will be even more beautiful and valuable than the original pristine pot.
Unfortunately, weaknesses in your Android and Linux computers’ “WPA supplicant” (and related code and infrastructure that helps deliver your Wi-Fi service) may not be more beautiful after the widespread use of the vulnerability referred to as “Krack”.
Repairs will come in the form of patches and upgrades, where available (not gold or platinum!), but for millions of devices now outside of their upgrade cycle, your Wi-Fi privacy must be regarded as permanently lost.
Krack takes advantage of vulnerabilities and coding errors to allow attackers to very quickly penetrate the passwords and security implemented in one of the major Wi-Fi implementations. It achieves this by tricking devices to reset their configurations and to use potentially known passwords and security to decrypt all traffic, spy on your communications, jeopardise the Internet of Things and pretty much every other device that implements Wi-Fi.
As ever, we encourage users to implement multiple forms of security and to assume a state of mild paranoia when using open or uncontrolled or unsecured Wi-Fi and networks.
Consider the use of end-to-end encryption wherever possible, along with two factor authentication and secured (https) access to websites, especially when using potentially Krack’d connections.
As for how widespread the issue was, it appears almost any device that uses Wi-Fi is affected. "The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected.