undefined | Better HN

0 pointsgruez2y ago0 comments

> FWIW I used WeChat a few years ago and at that point it definitely asked for local network access (which is what this article is about; a mechanism for collecting SSIDs which can then later be correlated to locations).

Is that what "local network access" means? I thought that was for controlling network connections to LAN ips and/or to send multicast packets (eg. mdns).

0 comments

anileated2y ago

> there was a VPN app I used that didn't have the "local network access" permission, but was still inexplicably able to get a list of wifi networks I connected to

It is different from continuously getting a list of all SSIDs within your Wi-Fi range, even those you never connected to. This is what allows shady apps infer location (this, and massive databases of SSID matched to coordinates).

What you described is also a feature of WireGuard iOS, and it needed no permission.

lxgr2y ago

As far as I can tell, Wireguard does it the other way around (i.e. you provide it with a list of SSIDs you want to always enable VPN for, it provides that to the OS, and the OS then only tells the VPN that it needs to get connected).

But according to this [1] post (by an Apple employee?), having an enabled VPN profile seems to indeed be opting the app in to receiving the current SSID without the location permission, at least for some time and since iOS 14.

[1] https://developer.apple.com/forums/thread/679038

anileated2y ago

I may have mixed up WireGuard versions, it does it on macOS but doesn’t on iOS (or this feature was removed).

Either way, being able to get a list of networks user connected to is unrelated to the feature under discussion.

j / k navigate · click thread line to collapse

0 pointsgruez2y ago0 comments

Is that what "local network access" means? I thought that was for controlling network connections to LAN ips and/or to send multicast packets (eg. mdns).

0 comments

anileated2y ago

> there was a VPN app I used that didn't have the "local network access" permission, but was still inexplicably able to get a list of wifi networks I connected to

What you described is also a feature of WireGuard iOS, and it needed no permission.

lxgr2y ago

[1] https://developer.apple.com/forums/thread/679038

anileated2y ago

I may have mixed up WireGuard versions, it does it on macOS but doesn’t on iOS (or this feature was removed).

Either way, being able to get a list of networks user connected to is unrelated to the feature under discussion.

j / k navigate · click thread line to collapse