Posted to alt.comp.os.windows-10,alt.os.linux,sci.electronics.repair
harry newton
Did you update your router for the WPA2/PSK KRACK nonce re-use attack yet?

He who is William Unruh said on Sun, 29 Oct 2017 14:47:35 -0000 (UTC):

No, whose interception point is close enough. Thus your wirelessly
connected fridge, which usually has atrocious security, could possibly
be used as an interception point for an attacker who is in Mongolia, say.


Interesting point. Thank you for that observation.

I think what you're saying is that if they can get to *any* of your
devices, over the Internet, then, *from those devices*, they can intercept
your traffic to, for example, your Linux laptop or Android smart phone.

But I'm confused about the risk in that case.

Are they only intercepting from the refrigerator-to-the-client-device?
Or are they then able to get from your router-to-your-client-device?

(The latter would be more dangerous.)

All wifi is susceptible, including Windows. The problem with Android and
Linux is they all use wpa_supplicant and it has a problem that, for
security, it zeros the password after using it. But that means that when
the replay occurs it uses that 0 password. Thus fixing wpa_supplicant
fixes the problem, and it has in principle been fixed. Of course one needs
to get that fixed version into the devices.


Here is a writeup I made for my family that others can use which shows just
*one* example of fixing a WiFi device. In this case, it's a Ubiquiti radio
set up as an access point and only going about a half kilometer, but it
could be set up to go for miles (as some of my other radios are set up).

(0) Log into your radio
http://wetakepic.com/images/2017/10/29/00_PB400_firmware_update_krack.jpg

(1) Check the firmware version (noting the board revision, e.g., XW)
http://wetakepic.com/images/2017/10/29/01_PB400_firmware_update_krack.jpg

(2) Hit the "Check Now" button to see if you can update from here
http://wetakepic.com/images/2017/10/29/02_PB400_firmware_update_krack.jpg

(3) If not, go to the manufacturer's web site to locate the firmware file
http://wetakepic.com/images/2017/10/29/03_PB400_firmware_update_krack.jpg

(4) You may have to agree to the manufacturer's updated EULA
http://wetakepic.com/images/2017/10/29/04_PB400_firmware_update_krack.jpg

(5) Download the file to a known location on your computer
http://wetakepic.com/images/2017/10/29/05_PB400_firmware_update_krack.jpg

(6) Save the file in a logical location on your computer for future use
http://wetakepic.com/images/2017/10/29/06_PB400_firmware_update_krack.jpg

(7) Then in the radio, press the "Upload Firmware Choose File" button
http://wetakepic.com/images/2017/10/29/07_PB400_firmware_update_krack.jpg

(8) Wait for the firmware to upload (it may take a minute or two)
http://wetakepic.com/images/2017/10/29/08_PB400_firmware_update_krack.jpg

(9) Once uploaded, press the "Update" button to update the firmware
http://wetakepic.com/images/2017/10/29/09_PB400_firmware_update_krack.jpg

(10) Wait for the firmware to be updated (it may take a minute or two)
http://wetakepic.com/images/2017/10/29/10_PB400_firmware_update_krack.jpg

(11) Do not power down while you are waiting for the firmware to update
http://wetakepic.com/images/2017/10/29/11_PB400_firmware_update_krack.jpg

(12) When done, the radio will reboot; log back in to check results
http://wetakepic.com/images/2017/10/29/12_PB400_firmware_update_krack.jpg

(13) You should note that the firmware should now be updated
http://wetakepic.com/images/2017/10/29/13_PB400_firmware_update_krack.jpg

(14) Double-check now that everything is updated that it is working fine
http://wetakepic.com/images/2017/10/29/14_PB400_firmware_update_krack.jpg

So, 4 is the only thing you really need to say. Of course how you are
going to update your fridge or your toaster is a bit obscure. Do you
really want an "owned" wifi device anywhere on your internal network?


I have over a dozen WiFi devices in my house.... so I'm updating them one
by one. I'm more worried about my grandchildren not knowing how to update
*their* devices, and my older siblings, etc.

But I agree, it's a PITA to update *every* WiFi device in the house.
I have over a half-dozen access point radios, for example, and a few on the
roof, etc., some of which connect by WiFi to homes that are 10 miles away,
so it's a pain for any of them.
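
The wpa_supplicant remark quoted in the post above, as an added example that is not part of the original post: a toy model of a client that receives handshake message 3 twice, showing key reinstallation with a nonce reset, the variant that clears its key copy after use, and the patched behaviour. It assumes a SHA-256 keystream as a stand-in for AES-CCMP; the mode names, class and sample frames are constructed for illustration.

```python
import hashlib

def keystream(tk, pn, n):
    # Toy stand-in for CCMP's AES counter mode: output depends only on (key, packet number).
    out, block = b"", 0
    while len(out) < n:
        out += hashlib.sha256(tk + pn.to_bytes(6, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class Supplicant:
    """Toy client. mode: 'reinstall', 'zero_after_install' or 'patched' (labels are assumptions)."""
    def __init__(self, mode, negotiated_tk):
        self.mode = mode
        self.stored_tk = negotiated_tk  # copy held by the handshake code
        self.tk = None                  # key installed for encrypting frames
        self.pn = 0                     # packet number, used as the nonce
        self.installed = False

    def on_message3(self):
        if self.mode == "patched" and self.installed:
            return                      # fix: never reinstall a key already in use
        self.tk, self.pn, self.installed = self.stored_tk, 0, True
        if self.mode == "zero_after_install":
            self.stored_tk = bytes(16)  # handshake copy cleared after install

    def send(self, plaintext):
        self.pn += 1
        return self.tk, self.pn, xor(plaintext, keystream(self.tk, self.pn, len(plaintext)))

def run(mode):
    p1, p2 = b"frame one: hello", b"frame two: world"   # constructed sample frames
    s = Supplicant(mode, hashlib.sha256(b"constructed sample key").digest()[:16])
    s.on_message3()
    k1, n1, c1 = s.send(p1)
    s.on_message3()                     # message 3 of the handshake delivered a second time
    k2, n2, c2 = s.send(p2)
    return {"keystream_reused": (k1, n1) == (k2, n2),
            "plaintext_xor_leaked": xor(c1, c2) == xor(p1, p2),
            "all_zero_key": k2 == bytes(16)}

if __name__ == "__main__":
    for mode in ("reinstall", "zero_after_install", "patched"):
        print(mode, run(mode))
```

Only the patched mode keeps both a fresh nonce and the negotiated key after the second message 3, which is why the firmware and client updates matter.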