Hi there, here's a strange one!
Yesterday I bought two Amazon fire 8 tablets for my kids.
They are brand new. Upon going through initial setup, one of the first thing it asks is WiFi details. Would anyone believe me if I told you that this device connected to my WiFi WITHOUT having to enter a passphrase/password. How on Earth can this happen?
And before you ask, yes I have wireless security enabled on my WiFi for both antennas - WPA2 Personal. Every other device I have can only connect with the passphrase.
I've only been able to reproduce this during the initial setup on the Amazon tablet. If I go into the device settings and remove the WiFi connection and re add it, I have to enter the minimum 8 chars.
My only conclusion so far, is this is one hell of a bug in openwrt WiFi security.
Happy to help out and provide more details.
I'm on latest openwrt 19.07.3. The devices are amazon tab 8 2020 kids editions.
Do you have other Amazon devices? Perhaps Amazon stores the wifi credentials from the devices you own, and links them to your Amazon account, to make it easier for you when adding new devices.
Yes I do have other Amazon devices.
However! The devices are brand new and won't have their Amazon credentials at this stage.
The first step in the devices setup is just like standard Android. Choose language then select/configure wifi then add accounts (like amazon). However the WiFi stage just went straight in.
It's as if the Amazon device is sending null/blank password and openwrt is accepting it. Normally devices force you to enter the minimum 8 chars for password.
When you purchase an amazon device via amazon's webpage, it actually links the device to your amazon account with zero manual intervention. This is enjoyable for grandmothers around the world, but questionable security practices for everyone else.
Firstly, it wasn't me who purchased the device, so they won't know which account to use.
Secondly, you're saying they physically put my account on the device before it ships? That's extemely unlikely? Also I had to manually put in the amazon account login details after it magically connected to WiFi.
Anyway the devices have had the latest updates applied, then factory reset and its now asking for WiFi password on setup.
Really bizarre! It did happen, honest!
Anyone know of any Windows or Linux tools which will let me try and connect to wpa2 without a password?
I've said some unlikely things before, but this isn't one of them. Anyways, good luck on finding that mythical vulnerability, you could be on to something.
Yep it definitely connected to my SSID and it had internet access. Also this occurred on both devices. I don't think my openwrt logs go back far enough to see what happened.
I reckon Amazon devices talk to each other, probably via Bluetooth and pass WiFi credentials to new devices. It's the only thing I can conclude!