Android - Android Smart Lock: Why is there no option to use WiFi?

Some forums state the risk for the WiFi network to be spoofed. I don't understand how the risk is different: an attacker could spoof a Bluetooth device as well.

The risk is different. It's not possible to spoof a paired Bluetooth device. The Bluetooth peripheral and the phone exchange keys as part of the pairing process, so both of them can securely identify the other. When the devices connect, they each challenge the other to prove they have the secret keys. If it didn't work this way, it would be trivial to "man-in-the-middle" attack the connection by pretending to be the peripheral. Then the attacker could eavesdrop your phone calls or music, or whatever it is you're sending over Bluetooth.

Authentication works a bit differently in Wi-Fi. See this question on our sister site Super User for more discussion on that. In open networks, and networks authenticated using WEP, WPA, or WPA2-PSK, the network doesn't authenticate to the phone at all. The phone has to prove that it has the secret key (the network password), but the network doesn't have to prove anything. There are no "trusted Wi-Fi networks" in this sense. Only networks authenticated with WPA2-Enterprise, which use a certificate pair, prove their identity to the phone, by showing a certificate signed by a certificate authority (just like HTTPS websites). Presumably, Google didn't think it was worth adding an option that would only work with the least common type of Wi-Fi network, and the confusion it would cause their users.

Interestingly, Wi-Fi spoofing is already a security issue for the "trusted place" option. The location system uses visible Wi-Fi networks as one input to determine where you are, and as we've seen, that can cause huge inaccuracies. Spoofing this deliberately means looking at the networks that are visible in your "trusted place" and spoofing several at once. Your neighbourhood phone-snatcher won't be able to unlock your phone this way, but government agencies and organised industrial spies probably can: especially if they also use a screened room to block GPS and cellular signals.


What you ask would certainly be possible, but it should be restricted to when a device is connected to a Wi-Fi network using sufficient security, i.e. WPA2 authentication/encryption. Probably it was left out because it would be hard to communicate to a non-technical user why they could use certain Wi-Fi networks for authentication but not others.

In contrast to what @DanHulme wrote in his answer, when using WPA2 authentication with pre-shared keys (WPA2-PSK), both the station and the AP have to prove that they know the passphrase in the four-way handshake. A rogue WPA2-AP cannot give access to a client by just "accepting" the client's password. On the other hand, everyone who knows the PSK could fake an AP (WPA2 Enterprise does have an advantage here over WPA2-PSK).

Tags:

Security

Bluetooth

Wi Fi

Smart Lock

Related

Android - Does Android have support for IPv6 tethering? Android - Installing .apk as system app directly (with root) Android - Removing apk of inbuilt apps completely (without rooting) Android - How can I prevent apps from going full screen and hiding the notification bar? Android - Prevent music players from auto play on bluetooth connect Android - How to find out which app is trying to open spam websites? Android - Notification icon that looks like 2 arrows inside a circle with leaf on Huawei device Android - How to assign default app to unlisted file type Android - How to flash Android O image in Moto G4 Plus Android - Why do Android phones have more cores than computers? Android - Scroll to a particular date in Whatsapp Android - How to check the current platform of Android OS?

Recent Posts