Enabling Wi-Fi on First boot

Michael Richardson mcr at sandelman.ca
Tue Jul 6 13:57:24 PDT 2021


Alberto Bursi <bobafetthotmail at gmail.com> wrote:
    > "unique" per-device passwords like most vendors are doing are low security
    > and relatively easy to brute force once someone has disassembled the firmware
    > and learned the algorithm used to generate them. They rely on obscurity for
    > most of their security, which is not really a thing for an open source
    > project.

If they devices are shipped with such derivable passwords, then they violate
the California (now US) regulations, and also the come UK ones.
We can do better, and we are doing better.

    > They are also completely useless for DYI users that are just flashing a
    > couple devices.
    > With much less effort you can just ship a pre-made wifi config file with your
    > own settings and passwords, and that's what many are already doing.

Many devices have USB ports, and I'd suggest having a standard names .json
file that can be fed into uci in some way.  I think that this solves a lot
problems.  Have to make sure that vfat support is included in the base image
because... users.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     mcr at sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20210706/d58f1fc3/attachment-0001.sig>


More information about the openwrt-devel mailing list