Set Up Hotspot security issue
Closed this issue · 4 comments
Hi,
I'm not sure if this is intended or a bug, but when I set up a Hotspot via TrebleShot, the created Hotspot security is OPEN without any security whatsoever, which means any passerby can connect to my phone using that Hotspot!
And I don't seem to find any option in the settings to enable password protection (i.e. WPA2), am I missing something?
No, you are correct. The app creates open networks on devices prior to Android 8 because it is easier to create and connect to networks with no password protection. With Android 8, Android gained a new API that enforces password-protection.
Oh I see, that's unfortunate.. but, isn't there a way to mitigate this issue for devices running older versions of Android? Like for example toggling the phone own hotspot?
I'm asking this because on my phone I can't turn on the phone own hotspot while the phone is in Flight Mode, which I happen to have enabled often, but still want to send a file or two to my other devices.
Solid Explorer does this (enable the phone own/preconfigured hotspot even in flight mode), but I'm not fond of its FTP server implementation, I prefer TrebleShot for many reasons.
Thanks for the swift response.
Oh I see, that's unfortunate.. but, isn't there a way to mitigate this issue for devices running older versions of Android? Like for example toggling the phone own hotspot?
I'm asking this because on my phone I can't turn on the phone own hotspot while the phone is in Flight Mode, which I happen to have enabled often, but still want to send a file or two to my other devices.
The initial reason for going with open networks was the ease of use. Back then, the app looking for networks that are open and have the SSID with the initials TS_. However, that feature is no longer essential as the app now supports QR codes.
The only reason why it still uses unprotected networks is that they are more reliable. For some reason, password-protected networks sometimes fail to connect using QR codes.
As for a solution, you can modify the source code to make it use passwords when setting up a hotspot. The app should be passing a null value when invoking this method:
You can set a password by passing a non-null value.
In the meantime, I will think about implementing this as an option.
Glad to know that you're considering to implement this as an option in the future, in the mean time I'll look into it and see what I can do to workaround and mitigate this issue to hopefully be able to continue using TrebleShot securely.
Thanks again.