This week Belgian researchers discovered a major security flaw in WPA2, previously thought to be an unbreakable security protocol for WiFi networks and the devices that use them—including routers, desktop computers, streaming set-top boxes, connected appliances and, of course, smartphones.
The flaw is called Krack, or Key Reinstallation Attack, and can be exploited to read sensitive information like passwords or credit card numbers being sent through the network, or insert malicious code into websites as they are loaded onto devices.
The bad news for Nexus and Pixel owners is that they’ll have to wait for the next monthly security update from Google to get their devices patched; the really bad news is for users of other Android devices (Samsung), who will have to wait much longer than that. The good news? If you’re a modder and are running either LineageOS or OmniROM then your hardware is likely already patched. Android Police reports that official Lineage builds from October 17th onwards have been patched; ditto for Omni builds starting October 18th.
For anyone reading this who has ever questioned the value of custom Android firmware I’d say that this right here is a pretty good example of their worth.