From: V@nguard.LH   
      
   Theo wrote:   
      
   > VanguardLH wrote:   
   >   
   >> In a new phone (Android 16), there is a setting:   
   >>   
   >> Hotspot 2.0 (enabled)   
   >> Automatically connect to Hotspot 2.0 Wi-Fi networks.   
   >>   
   >> I don't think I want this as I wouldn't know anything about the   
   >> operators of the hotspots. I prefer to find what wi-fi networks are   
   >> available when I visit someplace, and choose which one to use that I   
   >> decide is probably trustworthy. Seems I should disable this setting.   
   >   
   > In theory, this is a more seamless and secure way to connect to access   
   > points than either having them open (and thus unencrypted) or having   
   > a publicly-shared wifi password you might have to ask someone to   
   > obtain.   
   >   
   > I've used Eduroam which is a similar idea and I've had it 'just work'   
   > and give me connectivity while waiting for a tram in Zagreb, as it   
   > got a sniff of signal from an Eduroam access point across the street.   
   >   
   > If you're using TLS for everything there's a limit to what they can   
   > do. If you're using DoH (Android's 'private DNS' setting) then they   
   > can't see or forge your DNS which takes out one way to profile you.   
   > They can see the IPs you connect to but there's not a lot they can   
   > get from that. If you are worried about profiling, connect using a   
   > VPN.   
      
   I did enable Android's private DNS. However, the automatic setting   
   means to use DoH via port 443/HTTPS if the nameserver supports it; else,   
   fall back to port 53/DNS for lookups in the clear. So, you can't be sure   
   how you're connecting to the DNS server unless you first test, like   
   visit 1.1.1.1/help, but who wants to keep testing before surfing.   
   Instead, for Android's private DNS setting, I specified a secure server   
   (one.one.one.one) to make sure I'm actually using DoH/DoT.   
      
   >> I do want automatic connect to my wifi cable modem, but not to other   
   >> networks that may be available wherever I happen to be.   
   >   
   > I don't think this is as big a risk as you make it out to be. I think   
   > more of a risk is auto-connecting to networks that are broken, and   
   > stop your phone falling back to cellular.   
      
   I'll have to read up on Hotspot 2.0. As for wifi hotspots, I do not   
   automatically connect to any of them except for the SSID for my home   
   cable modem, and that's locked with a long strong password.   
      
   Does Hotspot 2.0 somehow prevent wifi spoofing where some joker uses an   
   SSID that matches a trusted one, like he sits at a Starbucks   
   broadcasting their public (open) SSID, so you don't end up connecting to   
   a hacker's wifi hotspot?   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   