Two major cryptography vunerabilities in one day

Dan Goodin’s been busy


So, talking about KRACK, it would seem to me that even with such a terrible vulnerability, a SAFE user would be protected, no? Nothing leaves the client machine un-encrypted, and that encryption would not be vulnerable to key reinstallation, as there is no plain text involved.

Yes. They even mention that using https sites is safe.

What concerns me is them joining your network (at home) effectively behind your NAT which typically protects you from many attacks.

But its fixable and so all the companies should be updating their wifi software and they better do it quickly.