Ubuntu
knetworkmanager package

automatic connect to _unsecured_ network should not be possible

Asked by Henning Moll

Im not sure whether to file a bug (or enhancement) for the following issue:

Suppose you are normaly connected to a _secured_ AP with SSID "XYZ". Fine.
Now - for any reason - this AP is not running/visible/..., but another _unsecured_ AP "XYZ" is available.

Knetworkmanager automatically connects to that unsecured network, while the user is still thinking using the normal secured network. A security problem?
I don't know, if it is possible to "overlay/hide" a network (using more power, another channel...).

Question information

Language:
English Edit question
Status:
Expired
For:
Ubuntu knetworkmanager Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Henning Moll (drscott) said : 		#1

I tested this behaviour with the same AP: first i created a WPA2 secured AP and connected to that. Then i changed to AP to be unsecured. After a reboot of my computer, knetworkmanager connects without any warning.
So in my test scenario "both" APs are using the same MAC addresse. But for a real "attack" this should be no problem.

Revision history for this message
Olivier (olivier-lacroix) said : 		#2

Hi !

NetworkManager connects automatically to a network only if you already have ask once to connect to this network.

I think that maybe a popup saying "the network your connected to is not longer secured" or something like that should be enough. You should contact directly the NetworkManager Project and ask them for it.

This should only need to add the level of security of a network to give it a unique id. Does that make sense ?

Your concern is a corner case, but I think you are right : I see no reason for not implementing it !

Revision history for this message
Henning Moll (drscott) said : 		#3

Thank you for your response.

As long as knetworkmanager is not running, the problematic connection is not automatically established. Also the data is saved in .kde/share/config/knetworkmanagerrc. So is this an issue of NetworkManager or knetworkmanager?

Revision history for this message
Launchpad Janitor (janitor) said : 		#4

This question was expired because it remained in the 'Open' state without activity for the last 15 days.