Hi Marcel, 2013/5/22 Marcel Holtmann <mar...@holtmann.org>: > Hi Chengyi, > >>>> I'm not sure we want the capability of hiding the SSID when tethering, >>>> let's figure out that one as well. >>> >>> I do not think this is a good idea in the first place. Hidden SSID is the >>> most stupid concept invented. It does not provide any extra security. >>> Especially not if you have actual clients connected. The SSID will be >>> resolved eventually if you do an air trace. And if you do not connect to, >>> then instead of hiding it, rather disable it and stop wasting power. >>> >>> There is a reason why we are forcing WPA2 for Tethering access points and >>> do not allow insecure Tethering. With that in mind the hidden SSID is not >>> useful whatsoever either. >>> >>> Keep also in mind that features like WPS, P2P and even Bluetooth >>> High-Speed are forcing the SSID to be broadcast. So hidden WiFi is so >>> 90ties ;) >>> >>> >> I agree with you that strict security control is very important, >> but this specific request is from Tizen mobile develop group, >> and the other also includes open Wi-Fi Access points. > > neither Android nor iOS supports hidden AP for Tethering. So what is your > point here?
Android(Samsung release) supports hidden AP for Tethering. > >> The hostap or wpa_spplicant supports almost all of the security features, >> so I think that security can be selected by the user or APP developer, >> and we can provide instructions and recommendations in the interface file. > > This is not a valid argument. The Linux kernel still supports DECnet network > protocols, but that is pretty much a dead technology. No sane distribution > would try to enable support for it. > > The takeaway from this is that enabling every single possible low-level > option all the way to the user is not useful. Especially if this leads to > false sense of security. You would have to spent more time to explain to the > user that hidden does not mean actually secure. That makes the UI design and > interaction design more complicated. And still most normal users will not get > it. So it is better to not just do it at all if there is not a single benefit. > > And hidden WiFi falls exactly into this category. Upstream can not support > such an option. > Thank you very much for your analysis. I have gradually known the specified standard of ConnMan security, and I think this is very valuable thinking or opinion. So I don't plan to submit this patch to Upstream, and I will only submit it to downstream product. Best Regards Chengyi _______________________________________________ connman mailing list connman@connman.net https://lists.connman.net/mailman/listinfo/connman
