The latest news about KRACK gave me a nice flashback to 2005 and 2006. Back then almost nobody used wireless encryption, nor HTTPS as the default for web traffic. Those were the days…
We survived the 0ld days of clear-text protocols, with some hiccups, sure, and most of us had a lot of fun abusing them.
Back in 2005/2006, I remember that it was not uncommon for the WIFI data of blood test diagnosis labs to be transmitted unencrypted (including names of patients, “SocialSecurityNumbers” and the medical results of each blood test).
I remember reading mails from the blood testing diagnosis lab nurses complaining about syphilis tests that showed all prostitutes in the area as positive, requesting new sets of tests as these were most probably false positives. The next batch showed all negative results… I also remember seeing all the pr0n requests made by the admins of such organizations.
Also, it was pretty much standard stuff to run unencrypted “Peer WIFI” networks that used “Home-Made WIFI Antennas”, so all that was really needed was to get on top of the flat rooftop and collect “Unencrypted” wireless data.
We already went through all of this, so I think there is no need to panic about KRACK; just patch your systems and keep on truckin’.