WiFi auto-connect = ticket to jail
|Reported by:||ASoftwareHatingFurry||Owned by:||axeld|
|Component:||Network & Internet/Wireless||Version:||R1/Development|
|Keywords:||connecting open unencrypted default automatically automatic hacking security associating associated ssid||Cc:||HubertNG@…|
|Has a Patch:||no||Platform:||x86|
Neighbour is polishing the barrel of his shotgun, I'll keep this quick..
The automatic connection to the first open network Haiku sees at boot up is potentially very dangerous. My network is WPA. It is really easy to forget to select the correct network, and end up walking right into sticky situations:
- Checking e-mail: plaintext password has been splattered all over the RF spectrum.
- Checking FurAffinity, even more stuff splattered all over, and if the neighbour has logging enabled on their router I'm done for.
- Downloading ISOs, two and counting.
- Trying to FTP into my private server. Of course it fails, but if my neighbour happened to be watching, they could theoretically delopy an FTP server and trap me, taking my password as I attempt to log into it.
- Luckily the neighbour's network has not been used for private IRC chat yet. If that sort of stuff gets leaked, I'm just going to dig a hole and bury myself.
- May end up in prison or at least fined, connecting to a neighbour's network is technically illegal, especially if you steal gigabytes of their bandwidth.
Filed as an enhancement rather than a bug because there seems to be a workaround by using the commandline to connect, and putting it in the user boot script (I haven't tested this yet)
I do hope this behaviour will be changed before R1, I can't really see the utility of connecting automatically to some random network that you have no idea about, but clearly there is potential for harm by connecting.