iOS Wifi-Security Question - Will iPhone attempt to connect to an AP insecurely?

Discussion in 'iOS 8' started by crellion, Feb 25, 2015.

  1. crellion macrumors member

    Joined:
    Oct 22, 2009
    #1
    Say I had an AP with WPA2-encryption set on my iOS device. Some other guy decides to setup a rogue AP with the same SSID as my own AP - but with encryption completely off.

    Will my iPhone get confused by this - or will it connect to only my WPA2-encrypted one with the correct Wifi password?
     
  2. iShorty macrumors regular

    iShorty

    Joined:
    Jun 23, 2010
    Location:
    Nottingham, UK
    #2
    I'm almost certain that it verifies other information like the Routers MAC Address etc, I wouldn't worry.
     
  3. Intell macrumors P6

    Intell

    Joined:
    Jan 24, 2010
    Location:
    Inside
    #3
    From what I recall, it will connect to the insecure one of it is the exact same SSID and no encryption. Apple may have changed this with a recent iOS version, but at one time it would do exactly that.
     
  4. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #4
    If that's how connections are handled these days, or even were ever handled, that is just beyond wrong.
     
  5. crellion thread starter macrumors member

    Joined:
    Oct 22, 2009
    #5
    Don't have my AP with me right now - but is there anyone willing to do a quick test with their iOS device on this theory with their own AP?
     
  6. Intell macrumors P6

    Intell

    Joined:
    Jan 24, 2010
    Location:
    Inside
    #6
    There was an article about how some security researchers did testing on that. I forget where I read it, but it was fascinating. Many systems do connect to a similarly named SSID that has no encryption.
     
  7. swordfish5736 macrumors 68000

    swordfish5736

    Joined:
    Jun 29, 2007
    Location:
    Cesspool
  8. I7guy macrumors G5

    Joined:
    Nov 30, 2013
    Location:
    What Exit?/Saguaro Country
    #8
    So I did a quick test. I added an SSID to my home router with the same SSID as the corporate wifi network. I set the option for "no security".

    I then forgot all wifi networks and waited to see what would happen. With "ask to join known networks" set to "yes" my iphone did not connect to any network.

    However, when selected, the iphone happily connected to rogue SSID. I'll see if the phone automatically connects tomorrow morning to the corporate network.
     
  9. Intell macrumors P6

    Intell

    Joined:
    Jan 24, 2010
    Location:
    Inside
    #9
    Forgetting all wireless networks is a flaw in your test.
     
  10. gordon1234 macrumors 6502a

    Joined:
    Jun 23, 2010
    #10
    I'm pretty sure it will happily connect to any network with the same SSID. For instance, there are a ton of networks around here called either "attwifi" or "xfinitywifi." If I connect my phone to any of them once, it will automatically connect to all the others in the future. It's quite annoying, actually.

    Sadly, I think this is sort of the standard for most devices with WiFi right now.
     
  11. Lennyvalentin macrumors 6502a

    Lennyvalentin

    Joined:
    Apr 25, 2011
    #11
    Of course it connects to a "rogue" SSID when you tell it to... That's what you told it to do! ;) Next time you test this, don't forget your known networks first, just turn off encryption. You also might want to change the MAC of the router, to see if iOS verifies this first before connecting.
     

Share This Page