No protection against "evil twin" (same-named) wi-fi networks
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
indicator-network (Ubuntu) |
Triaged
|
Wishlist
|
Matthew Paul Thomas |
Bug Description
Currently the indicator only shows whether or not a wireless network is secured, by showing a padlock.
In a situation where we have two accesspoints which both have the same ESSID (name) but different encryption (e.g. WEP vs. WPA) they provide two separate networks. Now the indicator shows two identical items and the user has no way of figuring out which is which.
Above scenario is a very rare one, but still completely valid.
Neither nm-applet or macosx networking menu bother to deal with this situation, they just show two identical networks, but Android is always showing the encryption scheme beneath the network name.
We can either
A) do nothing
B) always have the encryption type visible somehow
C) be smart about it and only show the encryption type when we detect that the name and padlock is not enough
Changed in indicator-network: | |
assignee: | nobody → Matthew Paul Thomas (mpt) |
importance: | Undecided → Low |
Changed in indicator-network (Ubuntu): | |
assignee: | nobody → Matthew Paul Thomas (mpt) |
importance: | Undecided → Wishlist |
status: | New → Confirmed |
no longer affects: | indicator-network |
summary: |
- show wireless encryption type + No protection against "evil twin" (same-named) wi-fi networks |
Changed in indicator-network (Ubuntu): | |
status: | Confirmed → Triaged |
Changed in ubuntu-ux: | |
assignee: | nobody → Matthew Paul Thomas (mpt) |
status: | New → Triaged |
summary: |
- No protection against "evil twin" (same-named) wi-fi networks + [System Settings] No protection against "evil twin" (same-named) wi-fi + networks |
Changed in ubuntu-ux: | |
importance: | Undecided → Wishlist |
summary: |
- [System Settings] No protection against "evil twin" (same-named) wi-fi - networks + No protection against "evil twin" (same-named) wi-fi networks |
no longer affects: | ubuntu-ux |
My first instinct is just to use "{network name} ({encryption type})" whenever there's more than one network with the same name.
I wonder if we can do anything here to protect against social engineering attacks. I could camp outside a company office and set up a network with the same name but different encryption method. A device connecting automatically to the previous network would be safe. But a new employee, told to connect to "Yoyodyne" and confronted with a choice between "Yoyodyne (WPA2)" and "Yoyodyne (LEAP)", could easily try the wrong one -- and now I've captured the password to the company's real network. Has this problem been dealt with before?