[quote=“Drezil, post:10, topic:34194, full:true”]As a side-note: Also update ALL of your router and WiFi-Devices. They are most likely affected as well.
Only upside to the recent bug: An attacker has to be physically present within the area of your WiFi (up to 100-200m around the AP with proper equipment).[/quote]Nope, APs are not affected. All you need to do is update every WiFi client. Routers or modems (which are routers) are typically APs. The AP part of the handshake isn’t compromised.
The only exception is repeaters (example). Repeaters typically serve as AP and client. They’re a client to the modem/router which is an AP, and they’re an AP to the area they’re being extended to. The former is the issue. (They also cause a lot of noise, but that’s not the point ). I recently started using a repeater because my ISPs modem can only serve in either 2,4 GHz or 5 GHz and I wanted to have the 5 GHz speed for devices which support it. Turns out my partner’s smartphone and our e-readers don’t support 5 GHz. So I plugged in a repeater. However, its plugged in via ethernet and is therefore actually only an AP; not a WiFi client.
The sad truth is, there are a lot of repeaters out there which won’t get fixed…
Same for clients. Luckily I have my e-reader WiFi off most of the time though I expect some updates from Kobo. I think having WiFi off when you don’t need it is a good compromise for the time being, and generally good practice as well. It saves you battery and it gains you privacy because it goes against tracking (although I think Android 7, like iOS, randomises MAC address when not connected?). There are also some programs which enable or disable WiFi based on GPS location. IIRC I used that with Tasker on a rooted phone before, but I don’t remember how well it worked. At the very least you’re not using WiFi for positioning anymore.
PS: Recommend to not broadcast list of known APs via WiFi Privacy Police by UHasselt.