How can I protect my phone against Krack Attacks if no updates are forthcoming?

Today, there was disclosure about [Krack Attacks](krackattacks.com) that affect WPA2. The attacks are primarily executed against end-point devices (phones, laptops). In many cases, you can patch your router. The way the vulnerability works, according to the website author: > This means a patched client can still communicate with an unpatched access point, and vice versa. In cases where the router is patched, we're cool. But sometimes, I have access to WiFi networks outside of my control, and I can't guarantee they're patched. For these cases, it makes sense to patch my device -- but (based on the Linux driver source), for my specific phone (and I'm sure many others), I don't forsee updates ever becoming available -- we just don't get updates. In these cases, what can I do to minimize or mitigate the risk of this attack? Someone recommended using HTTPS Everywhere, which is (unfortunately) only available in Firefox on Android.