[System Settings] Hotspot design unnecessarily makes key compulsory

Bug #1431876 reported by Matthew Paul Thomas on 2015-03-13
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Ubuntu UX
ubuntu-system-settings (Ubuntu)
Jonas G. Drange

Bug Description

The current design for setting up a hotspot assumes that it must always have a key.

Tony Espy points out that this may be unnecessary and annoying where you, or people you trust, are the only people in range of the hotspot for usable periods of time. For example, when camping or on a road trip.

This could be fixed by making the key optional. For example, adding a "Require a key to connect" checkbox, where the "Key:" field is present only when the checkbox is checked.

UX Resolution:

The password field is now optional.

Related branches

Jonas G. Drange (jonas-drange) wrote :

Could we add to the spec what specific security schemes we support? Right now, this information is very implicitly communicated in the "When no hotspot settings are stored:" column.

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in ubuntu-system-settings (Ubuntu):
status: New → Confirmed
Sebastien Bacher (seb128) wrote :

Needs design work, adding ubuntu-ux

Changed in ubuntu-system-settings (Ubuntu):
importance: Undecided → Wishlist
Changed in ubuntu-ux:
assignee: nobody → Matthew Paul Thomas (mpt)
importance: Undecided → Medium
status: New → Triaged
John Lea (johnlea) on 2015-07-30
summary: - Hotspot design unnecessarily makes key compulsory
+ [System Settings] Hotspot design unnecessarily makes key compulsory
Changed in ubuntu-ux:
assignee: Matthew Paul Thomas (mpt) → Femma (femma)
Jonas G. Drange (jonas-drange) wrote :

I don't think a key should be compulsory, but it needs to be the default. If a user creates an unsecured, shared Internet connection in a busy cafe, it can have unfortunate consequences:

* Nearby people may have clients auto-joining open networks, thus using the shared hotspot without even knowing it. This will create additional costs for the user.
* Malicious individuals can use the unsecured hotspot to do illegal activities. This will at worst incriminate the user.

I am sure there are more examples of why an unsecured shared wireless network is a bad idea.

Jonas G. Drange (jonas-drange) wrote :

Correction: “I am sure there are more examples of why an unsecured shared wireless network is a bad idea.” should be “I am sure there are more examples of why an unsecured shared wireless network by default is a bad idea.”

Femma (femma) wrote :

Jonas, in regards to your message as to whether the password field would be empty due to the password field becoming optional, the password field has never contained a generated password. The user has always had to enter their own password. The only change is that now the buttons will become sensitive on default.

description: updated
Changed in ubuntu-ux:
status: Triaged → Fix Committed
Jonas G. Drange (jonas-drange) wrote :

“The only change is that now the buttons will become sensitive on default.” It's a small change, yes, but it makes insecure networks a default without warning the user. Beyond the implications mentioned in #4 [1], it's also inconsistent not to warn the user when something pertains to insecure networks. If you connect to an insecure network we show a warning [2].

[1] https://bugs.launchpad.net/ubuntu/+source/ubuntu-system-settings/+bug/1431876/comments/4
[2] https://wiki.ubuntu.com/Networking?action=AttachFile&do=get&target=wi-fi-auth-wep.phone.png

Femma (femma) wrote :

Wireframes amended to include a 'warning'.

Matthieu James (tiheum) wrote :

I added a new hotspot mono icon to the Suru theme whose name is preferences-network-hotspot symbolic.
I will do my best to make this update landing asap.

Matthew Paul Thomas (mpt) wrote :

Following our discussion on IRC, I've added a "Require a password" checkbox, checked by default, so that an insecure hotspot isn't the default. <https://wiki.ubuntu.com/Networking?action=diff&rev2=295&rev1=294>

Changed in ubuntu-system-settings (Ubuntu):
assignee: nobody → Jonas G. Drange (jonas-drange)
status: Confirmed → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntu-system-settings - 0.3+15.10.20150910.1-0ubuntu1

ubuntu-system-settings (0.3+15.10.20150910.1-0ubuntu1) wily; urgency=medium

  [ jonas-drange ]
  * [hotspot] allow insecure hotspot, hide hotspot for mako, make
    autopilot tests run on mako, and change packaging so we get a newer
    Connectivity API (provided by indicator-network). (LP: #1431876)
  * [system-update] deviceName now uses correct argument returned from
    system image backend. (LP: #1487432)

 -- CI Train Bot <email address hidden> Thu, 10 Sep 2015 19:01:48 +0000

Changed in ubuntu-system-settings (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers