19.02.2017 13:10, Alberto Bursi:
After Mathias's commit (as noted by other mails above) the devices we
are talking about have wifi disabled by default but you can enable it
with the wps button.
https://github.com/lede-project/source/commit/bcfbeae79f799cf1087d692e4869589eb20d2080
Imho makes no sense as in most cases you will have to configure them
anyway to be of any use (you can't just place them in a network with
default config as they lack a ethernet port), so this "wifi off by
default" and "remapping wps button to rfkill" imho is only an annoyance
and removal of a potentially useful button that could be used for other
things (enabling/disabling something else with scripts after user setup).
I'm still the opinion that bringing up an unencrypted wireless without
user interaction is really bad idea.
The commit fixed the following problem: A user flashes one of the
mentioned devices and is not aware that the flash is finished or (s)he
get distracted in between. During this time period anyone can connect to
the AP and can do harmful things.
My assumption is that if the user has to proactive enable the wireless
(s)he will properly configure the wireless afterwards.
What you are describing as annoyance is from my point of view a
protection. It is the usual trade-off between security and usability.
Mathias
_______________________________________________
Lede-dev mailing list
Lede-dev@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/lede-dev
