David Koff
2 min readNov 4, 2017


I very much appreciate the long and thoughtful response

. You clearly understand the depth and magnitude of the Equifax hack, which is good: that breach was and still is a killer for the very reasons that you’ve outlinesd and something I wrote about at length in a previous piece. Give that a read and let me know if you agree with my approaches there.

However, I’ll disagree that the “eavesdropping” you’ve referred to is any less dangerous than the Equifax for a few reasons:

  1. This isn’t a simple hack: it’s a full-on exploit that’s exposed the truth that the entire WPA2 protocol — what most of us use in our homes and at our businesses — is, at it’s core, insecure.
  2. That insecurity means that anyone — anyone! — with the right tools can eavesdrop. That means neighbors, co-workers, hackers or anyone with malicious intent.
  3. Given the carelessness with which most of us transmit sensitive information while online — including much of the same data exposed in the Equifax security breach — there is ample cause for concern here.

My partner articles (and the 10-part series which Medium is having me write) aren’t based on causing alarm or fear: they’re based on a logical examination of real-world digital threats and the solutions that can help minimize or eliminate them.

Is there a difference between gaining access to a massive amount of static data (Equifax) or being able to slowly, imperceptibly glean the same kinds of data from an unsuspecting public? Yes, fair enough. But that’s of little consequence to me. We had no power to stop the Equifax theft of data from happening: that’s entirely on Equifax. But we do have power to minimize or eliminate KRACK and, therefore, we should educate people how to be prepared to do so.

In my title, I didn’t say the exploit was worse than the Equifax hack, I said it was the most dangerous since the Equifax hack. I maintain that’s an accurate statement and therefore wouldn’t change my title.

Again, I really appreciate your well-reasoned response. Thank you for taking the time to do that: I wish others would as well!



David Koff

I’m a tech writer who focuses on digital privacy & security. Subscribe to my easy-to-read tech newsletter to learn more! https://www.technologytalk.net/