There has been a lot of noise and hype about the WiFi WPA2 encryption vulnerability and I must admit I didn't really understand what the implications were or how worried we should be.
In a nutshell, the vulnerability is with the encryption handshake a device makes to the WiFi router.
In simple terms the handshake is a series of messages a device (phone, laptop etc) needs to connect securely to a WiFi router. It goes like this:
1. hello world, I'm the WiFi router and anyone with the right password can connect.
2. Hello router I'm a trusted phone, can you send me the encryption key.
3. No probs phone here is the key.
4. Thanks Router got it, lets send lots of data securely.
The Krack Attack is where it makes the router resend message 3 (the encryption key) by inserting some noise, so the router thinks the phone didn't get message 4. At this point the router will reset the encryption variables which is where there is the potential for another device to decrypt or insert code.
In reality, few people really care about your home network, or even your office network. The real threat is more likely to be in public WiFi spots such as coffee houses, garages while you get your car serviced, libraries etc. But as with any public network common sense and basic security will serve you well.
Don't browse or look at anything that's sensitive in a public network. eg don't do your online banking in the Coffee Shop!
If you want to learn more about it and fancy going a bit techy, there is a great video to watch below.