install/57026: Sysinst "Configure network" connects to random open WiFi when connecting to the desired network fails

To: install-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: install/57026: Sysinst "Configure network" connects to random open WiFi when connecting to the desired network fails
From: jan.danielzick%gmx.de@localhost
Date: Sun, 25 Sep 2022 18:15:01 +0000 (UTC)

>Number:         57026
>Category:       install
>Synopsis:       Sysinst "Configure network" connects to random open WiFi when connecting to the desired network fails
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    install-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Sep 25 18:15:00 +0000 2022
>Originator:     BodgeMaster
>Release:        9.3
>Organization:
>Environment:
NetBSD  9.3 NetBSD 9.3 (GENERIC) #0: Thu Aug  4 15:30:37 UTC 2022 mkrepo%mkrepo.NetBSD.org@localhost:/usr/src/sys/arch/amd64/compile/GENERIC amd64
>Description:
When connecting to an encrypted wireless network fails (for example due to a wrongly entered passphrase), a connection to the next best open network is established instead - automatically without asking the user and trying to fix it is impossible without restarting because the existing connection is not disconnected before trying to configure the network again.

This is a potential security risk due to the installer using plain HTTP or FTP for downloads and definitely a privacy issue because nobody needs to know that there is a laptop running this or that uncommon operating system in the area. Not to mention that it is really inconvenient because many open networks won?t let you connect to the internet without opening their login page in a web browser so the connection is useless in many cases.
>How-To-Repeat:
Prerequisites:
- a computer with a WiFi NIC
- an encrypted WiFi network using a passphrase in range
- an open WiFi network in range

(basically have a laptop and live in a densely populated area)

Steps to reproduce:
- Boot up the installer
- Follow the steps until you can select `e: Utility menu`
- `c: Configure network`
- select the WiFi interface and enter the SSID of your desired encrypted network
- intentionally enter a wrong passphrase
- select yes when asked whether to perform auto configuration

At this point, a connection to the open network will be established. Trying to use `c: Configure network` again appears to just request a new DHCP lease.
>Fix:

Prev by Date: Re: install/57025: landisk sysinst should not installboot againstRAWPART
Next by Date: NetBSD Nightly Trouble Ticket Report
Previous by Thread: Re: install/57025: landisk sysinst should not installboot againstRAWPART
Next by Thread: Re: install/57026: Sysinst "Configure network" connects to random open WiFi when connecting to the desired network fails
Indexes:

Home | Main Index | Thread Index | Old Index