cglavan

Comments

  • Okay. Is there a certificate that can be installed on end devices then so that they trust the connection? The issue is that if there's no configurable second phase and thus no way to store the network on the end device with a 'no certificate' option, then the end device has to re-verify the trust every single time it…
  • Hi Jay, This is a change that came in Android 11 due to the inherent MITM risks in not requesting and/or validating the server-side certificate on the client. Evil twin and other rogue AP attacks are commonplace and becoming ever more advanced. For enterprise-level security, not requiring the certificate check-- or worse,…
  • Hi Jay, Android devices running GrapheneOS will not retain network settings because phase 2 option 'none' was removed due to weak security.
Avatar