Enabling Wi-Fi on First boot

Alberto Bursi bobafetthotmail at gmail.com
Tue Jul 6 12:10:29 PDT 2021



On 06/07/21 16:26, Henrique de Moraes Holschuh wrote:
> 
> However, it is *not* a simple matter to just "enable wireless" at first 
> boot in OpenWrt (due to a "default password" issue), except maybe in a 
> home-and-enthusiast setting.  You cannot just do it for a device (or 
> firmware) you're going to deliver to third parties: it is *unsafe*, and 
> extremely strongly discouraged.
> 
> So, to safely and responsibly enable wireless by default in a device (or 
> firmware) you're delivering to a third-party, you need that "per-unit 
> unique wireless password" per device thing most vendors are doing.
> 

Every. Single. Discussion degenerates into a "how could we make it safe" 
party where wilder and wilder ideas are thrown around until everyone leaves.

"unique" per-device passwords like most vendors are doing are low 
security and relatively easy to brute force once someone has 
disassembled the firmware and learned the algorithm used to generate 
them. They rely on obscurity for most of their security, which is not 
really a thing for an open source project.

They are also completely useless for DYI users that are just flashing a 
couple devices.
With much less effort you can just ship a pre-made wifi config file with 
your own settings and passwords, and that's what many are already doing.

-Alberto



More information about the openwrt-devel mailing list