NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

install/57026: Sysinst "Configure network" connects to random open WiFi when connecting to the desired network fails



>Number:         57026
>Category:       install
>Synopsis:       Sysinst "Configure network" connects to random open WiFi when connecting to the desired network fails
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    install-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Sep 25 18:15:00 +0000 2022
>Originator:     BodgeMaster
>Release:        9.3
>Organization:
>Environment:
NetBSD  9.3 NetBSD 9.3 (GENERIC) #0: Thu Aug  4 15:30:37 UTC 2022 mkrepo%mkrepo.NetBSD.org@localhost:/usr/src/sys/arch/amd64/compile/GENERIC amd64
>Description:
When connecting to an encrypted wireless network fails (for example due to a wrongly entered passphrase), a connection to the next best open network is established instead - automatically without asking the user and trying to fix it is impossible without restarting because the existing connection is not disconnected before trying to configure the network again.

This is a potential security risk due to the installer using plain HTTP or FTP for downloads and definitely a privacy issue because nobody needs to know that there is a laptop running this or that uncommon operating system in the area. Not to mention that it is really inconvenient because many open networks won?t let you connect to the internet without opening their login page in a web browser so the connection is useless in many cases.
>How-To-Repeat:
Prerequisites:
- a computer with a WiFi NIC
- an encrypted WiFi network using a passphrase in range
- an open WiFi network in range

(basically have a laptop and live in a densely populated area)

Steps to reproduce:
- Boot up the installer
- Follow the steps until you can select `e: Utility menu`
- `c: Configure network`
- select the WiFi interface and enter the SSID of your desired encrypted network
- intentionally enter a wrong passphrase
- select yes when asked whether to perform auto configuration

At this point, a connection to the open network will be established. Trying to use `c: Configure network` again appears to just request a new DHCP lease.
>Fix:



Home | Main Index | Thread Index | Old Index