On 2014 Sep 30 (Tue) at 14:37:08 +0400 (+0400), Vadim Zhukov wrote: :2014-09-30 14:27 GMT+04:00 Stefan Sperling <s...@openbsd.org>: :> On Tue, Sep 30, 2014 at 11:59:25AM +0200, Martin Pieuchot wrote: :>> Hey Vadim, I'm happy to see you've put some efforts into improving :>> how wireless networks are configured on OpenBSD. I have some questions :>> below. :>> :>> On 26/09/14(Fri) 21:38, Vadim Zhukov wrote: :>> > :>> > This is a proof-of-concept patch that implements network "profiles" :>> > in kernel, using IEEE 802.11 network name and/or BSSID. :>> :>> Why did you choose to put this in the kernel, did you encounter any :>> technical problem, or was it easier/better that way? :> :> Note also that there is an existing 'autoassoc' behaviour. :> The net80211 stack will try to automatically associate with :> an open wireless network as soon as the interface is brought up. :> I think it would make sense to try to keep this behaviour for :> encrypted networks for which the key has been pre-loaded into :> kernel memory somehow. The primary focus of the kernel should be :> on trying to get link on an interface, like it does with open wifi. : :Yes, I've seen that behaviour. And it actually bothers me - what if I :get associated with untrusted network, and my already opened :Ajax-enabled browser will start to transfer data via it without :notification?.. This can be avoided by forcing some unlikely nwid in :hostname.if, but this is not "secure by default". Or maybe I search :for security in the wrong place, dunno... :
If we have any network configuration, then we SHOULD NOT connect to any random wifi point. If there is no (or minimal) configs, then I am not too bothered by connecting randomly. However, I would cheer a change to not auto-connect to the first open wifi point. FWIW, OSX allows for a list of wifi points to connect to, and does not automagically connect to any open access point. -- Wasting time is an important part of living.
