n: add hiddenssid.md

n/hiddenssid.md

@@ -0,0 +1,143 @@
+---
+title: On hidden WiFi networks
+excerpt:
+  Disabling SSID broadcast is not a security measure and may hurt your privacy.
+layout: mini
+permalink: /n/hiddenssid.html
+sitemap: true
+lang: en
+---
+
+# {{ page.title }}
+
+_{{ page.excerpt }} For opting out of location services, refer to
+[n/nomap](nomap.html)_.
+
+<!-- editorconfig-checker-disable -->
+<!-- prettier-ignore-start -->
+
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
+<em lang="fi">Automaattinen sisällysluettelo</em> / <em lang="en">Automatically generated Table of Contents</em>
+
+- [The issue with hidden networks](#the-issue-with-hidden-networks)
+- [Connecting to a hidden network](#connecting-to-a-hidden-network)
+- [Seeing hidden networks](#seeing-hidden-networks)
+  - [Returning to normalcy](#returning-to-normalcy)
+  - [TODO](#todo)
+- [QR codes for hidden SSIDs](#qr-codes-for-hidden-ssids)
+
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
+
+<!-- prettier-ignore-end -->
+<!-- editorconfig-checker-enable -->
+
+## The issue with hidden networks
+
+When you hide your WiFi network, your access point (AP) will still announce its
+existence with the MAC (Media Access Control) address without name. Some
+location services, such as WiGLE will still records its existence
+([n/nomap](nomap.html)) and as the Service Set IDentifier (SSID) is required for
+connecting, your devices will shout around everywhere asking for it, so scanning
+around will make you identifiable and possibly trackable as not many people are
+likely to be broadcasting the same set of SSIDs.
+
+_I have said it before, but I am a fan of
+[openwireless.org](https://openwireless.org) and wonder if making that SSID
+hidden to not reveal myself so obviously on WiGLE (as hidden SSIDs are more
+common) would work for promoting it and those with the ability to see it, would
+be more likely to be interested in opening their network as opposed to people
+not seeing it._
+
+## Connecting to a hidden network
+
+_Please remember to replace `wlan0` with your actual interface name if
+applicable._
+
+SailfishOS displays the MAC addresses and I understand Windows to display
+"hidden network" or something similar as well. Android and iOS require entering
+the name through manual adding and warn about hidden networks, on Linux at least
+NetworkManager has a button "connect to hidden network".
+
+`iwd` provides commands `iwctl station wlan0 get-hidden-access-points` and
+`iwctl station wlan0 connect-hidden`, although they may require
+`iwctl station wlan0 scan` at first. In `/var/lib/iwd/<ssid>.<type>` there would
+be
+
+```toml
+[Settings]
+Hidden=true
+```
+
+## Seeing hidden networks
+
+Many platforms have apps for this, however Android prevents getting the hidden
+SSID, so I am focusing on Linux. The required Fedora package is `aircrack-ng`.
+
+1. Switch to monitoring mode through `airmon-ng start wlan0`
+1. If there are warnings about interfering services, stop them or
+   `airmon-ng check kill`. **_This will likely disconnect your network
+   connectivity, unless you have multiple NICs._**
+1. `airodump-ng wlan0`
+1. Wait patiently as ESSID `<length:  0>` gets replaced with the actual SSID
+   once devices connect. On the bottom you will see devices asking for specific
+   SSID.
+
+- This could be sped up by exploiting WiFi vulnerabilities, but that would no
+  longer be in the white hat territory and thus I don't concern myself with it.
+
+### Returning to normalcy
+
+1. Exit `airodump-ng` by `CTRL - C` as usual.
+1. Exit monitoring mode through `airmon-ng stop wlan0phy`
+1. Restart your network management (the `airmon-ng start wlan0` and
+   `airmon-ng check-kill` probably gave you a hint), for me it's
+   `systemctl restart iwd NetworkManager`, while `wpa_supplicant` would be more
+   common.
+
+### TODO
+
+_I should investigate and write about these:_
+
+- `man airodump-ng` may have nice flags as currently nothing is stored.
+  - Security people should have some data to compare to on what is normal in the
+    network environment and when changes happen. Then again with less data
+    stored, there is less chance of doing something illegal by accident, while I
+    think the passive listening this page focuses on is the same as VHF scan all
+    button.
+- I think `kismet` does the same as `airodump-ng`, while it may be more focused
+  on [wardriving](https://en.m.wikipedia.org/wiki/Wardriving).
+
+## QR codes for hidden SSIDs
+
+[zxing](https://github.com/zxing/zxing/wiki/Barcode-Contents#wi-fi-network-config-android-ios-11)
+and [Wikipedia](https://en.wikipedia.org/wiki/Wi-Fi#Securing_methods) agree on
+`WIFI:T:WPA;S:mynetwork;P:mypass;;` so my wondering would be:
+`WIFI:T:nopass;S:openwireless.org;;H:true;` where only `P:mypass` got omitted.
+
+<pre>
+# The capital H is the highest error correction, others are LMQ
+% qrencode -l H -t utf8 "WIFI:T:nopass;S:openwireless.org;;H:true;"
+█████████████████████████████████████
+█████████████████████████████████████
+████ ▄▄▄▄▄ █▀ █▀▀▀▀  ▀▄▄▀█ ▄▄▄▄▄ ████
+████ █   █ █▀ ▄ █▀▄▀▄█▄▄ █ █   █ ████
+████ █▄▄▄█ █▀█ █▄▀▀█▀▀█▀██ █▄▄▄█ ████
+████▄▄▄▄▄▄▄█▄█▄█ █ █▄▀ ▀ █▄▄▄▄▄▄▄████
+████   ▄ █▄ ▄ ▄█▄█  ██▀▀ ▄▀▄▀ █▄▀████
+█████  █▄▀▄▄  ▀ ▄▄▄▀▀▄▀▀ ▄▀ ▀▀▄█ ████
+████ ▀▄█▄█▄▄█▄▀▄▀█ ▄▄██▀▀▄ ▄▀▀   ████
+████▄▄█▀ ▀▄ ▀ ▄█▀ ▀█▄▄█ ▀██ ▀▀███████
+████▀   ▀▀▄▄ █ █▄▄▀▄▄▄▄█ ▄▀▄ ██▀▀████
+████ █▄█ ▄▄█▄▀█ ▄███▄▄█▀▀▄▀▀▀█▄▄▀████
+████▄█▄██▄▄█ ▄▄▄▀▀█▄ ▄▄█ ▄▄▄ ▀▄▄▄████
+████ ▄▄▄▄▄ █▄▀▄█▀ ▄▄▀  █ █▄█ ▀ █ ████
+████ █   █ █ ███▄█▄▄█▄▀▀   ▄ ▀▄ █████
+████ █▄▄▄█ █ ▄  ▄█▀▄  ▀ ▀▄▄▀▄▀  ▀████
+████▄▄▄▄▄▄▄█▄▄▄▄███▄▄▄█▄▄▄▄▄▄▄▄▄█████
+█████████████████████████████████████
+█████████████████████████████████████
+</pre>
+
+_While the above looks messy in my `jekyll serve -l`,
+[Binary Eye](https://github.com/markusfisch/BinaryEye) detected it regardless._

n/nomap.md

@@ -32,6 +32,9 @@ Microsoft has a separate
 [location services opt-out](https://account.microsoft.com/privacy/location-services-opt-out)
 which uses MAC addresses instead.
 
+**_Hidden SSID won't work for opt-out in some of those services. Refer to
+[n/hiddenssid](hiddenssid.html)._**
+
 <!-- editorconfig-checker-disable -->
 <!-- prettier-ignore-start -->