Tiny Core Extensions > TCE Q&A Forum

wifi.tcz security concerns...

(1/4) > >>

nitram:
New TC-6 user here. Just installed wifi.tcz, runs well.

- After connecting wifi saves the ESSID and password in a plain text wifi.db file in the home folder. This happens to be my secured home router and i would prefer that this information NOT be stored in plain text on my system. Anyone know how to disable the wifi.db text creation, as i would prefer to re-enter my password manually at boot.

- This query is likely not possible with wifi, but i prefer my wireless router NOT broadcast an ESSID (hidden network). Is there anyway for wifi to pick up a hidden network?

Thanks in advance for any feedback.

Juanito:
At the moment the wifi extension will not connect to networks that do not broadcast the ssid - if you'd like to propose a change to the script, please feel free  :)

coreplayer2:
Is this really a security concern?  Or a matter of comfort?
Anyone who had access to the file system is already inside your local network.  iptables should be enough protection from casual exploits. Anyone smart enough to access you password is most likely not living within reach of your WiFi range. So it appears a moot point?

If it's that important then perhaps a more secure connection manager would be appropriate?  Would be cool to encrypt the password file, though seems to much like overkill for the threat posed..?


Sent from my iPad using Tapatalk HD

nitram:
Juanito - A script change would be great but i've already bugged bmarkus enough this week and i don't have the necessary skills to figure this stuff out yet.

coreplayer2 - Thanks for the response. Both a matter of comfort but also a bonafide security concern. Of course someone who hacks your wifi already has access to your local network anyway - understood. But having plain text network connection information in a home folder seems like asking for trouble if a laptop is ever lost/stolen and recovered by someone nefarious. Upon realizing the theft i would change the network ID/password asap so maybe you're right, maybe i am making more out of it than necessary.

Guess i'm just used to a more secure system (no network broadcast, encrypted connection information, no sudo, very restrictive root user usage, etc). I can see how TC can be more secure in many use cases (run from RAM, fresh system at every boot, etc) but in some ways maybe less secure. I'm still trying to figure out the system and need to read up on TC security.

Since my wifi.db file is stored in the home folder and is backed up upon exit into mydata.tgz, is there a way to automatically password protect this tgz file to prevent someone from unzipping?

Or...if i'm that paranoid, maybe just manually delete the wifi.db file before exit/backup if i plan to take the laptop out of the house.

curaga:
Yes, the "protect" bootcode will enable 448-bit Blowfish encryption for your backup file.

Navigation

[0] Message Index

[#] Next page

Go to full version