This is a service announcement for my fellow members. What we call a "Day 1" flaw has been exploited in the WPA2 WiFi protocol. The term "Day 1" implies that the flaw is part of the basic design of the product - every WiFi Router is vulnerable, and every device that connects via WiFi is vulnerable. The vulnerability allows a 3rd party to monitor a WiFi session, read everything in both directions, and inject transactions, install malware, or simply copy things such as credit card numbers or bank account numbers.
A list of affected routers is here: https://www.bleepingcomputer.com/news/security/list-of-firmware-and-driver-updates-for-krack-wpa2-vulnerability/
If there is an available fix that is also listed. Typically, the fix will involve updated firmware for the WiFi chipset plus updated driver software for the router or the mobile device. Unless both of these have been modified since mid September 2017, you are vulnerable. If your router or device support line tells you you "don't have to worry", you definately do - nobody is immune to this until the fixes are installed, and most WiFi chipsets and device drivers do not yet (Oct.17, 2017) have available fixes. If your device is not on the above list, it is still impacted, and if it's older than 3 years, most likely will never be fixed.
Yeah, that's what I said, and I meant it. I own two "Nook" E-Readers that are several years old and the only way I will use them anymore is to read books and magazines. I will no longer trust E-Mail, Instant Messaging, or online purchasing on those old devices, and I never expect to see them updated. If your mobile devices are still being updated with new software, you may have lucked out - you only have to worry until a fix is released.
In case you are wondering, I have an older AT&T WiFi router and AT&T is among the venders not commenting on KRACK vulnerability. They face either updating or replacing millions of WiFi routers, with the resultant consequences to their bottom line.
I know you have lots of questions, but this is not the place for them. This thread can be locked by a Moderator. You can find help on the web. Until your device and your router are updated, avoid credit card transactions and online banking on your mobile devices.