SUMMARY
When you type a WiFi password, sometimes the list of networks can rearrange while you're typing and the input field will "attach" to a different element in the network list. For example, let's say we have three networks with unstable levels of signal: Foo, Bar and Baz. The bug may then present itself like this:

    Networks  >  Networks  >  Networks
    --------  >  --------  >  --------
    Foo       >  Foo       >  Bar
    Bar       >  [secret]  >  [secret]
    Baz       >  Bar       >  Foo
              >  Baz       >  Baz

Square brackets represent text input field and arrows represent state change (entering the password and networks rearranging).

STEPS TO REPRODUCE
1. Press "Connect" button on one of the networks (preferably with similar signal quality to some other network).
2. Write something into the field.
3. Wait until the signal levels change and another network replaces the one you initially selected, with its password input field being active and what you entered previously - in it.

OBSERVED RESULT
Password is being entered for another network

EXPECTED RESULT
Either for the network not to change its position at all (while typing), or at least input field staying connected to the network, not its initial position.

SOFTWARE/OS VERSIONS
Linux distro: Arch Linux
KDE Plasma Version: 5.21.4
KDE Frameworks Version: 5.80.0
Qt Version: 5.15.2
OMG can reproduce! I can anticipate it becoming a "throw the computer out the window" level of frustration...
Marking as critical since this can cause your wifi password to silently get sent to the router of a different network controlled by someone else (possibly malicious).
(In reply to Nate Graham from comment #2)
> Marking as critical since this can cause your wifi password to silently get
> sent to the router of a different network controlled by someone else
> (possibly malicious).

I'm working on a fix; I seem to have found one. I just need to test it properly.
A possibly relevant merge request was started @ https://invent.kde.org/plasma/plasma-nm/-/merge_requests/55
(In reply to Nate Graham from comment #2)
> Marking as critical since this can cause your wifi password to silently get
> sent to the router of a different network controlled by someone else
> (possibly malicious).

AFAIK, only the password's hash gets transmitted, so it wouldn't be any different than sending the password to your own router, since most WiFi-capable devices can intercept the handshake. You don't need an evil router :) So it's not that critical in terms of security.

Maybe only if the network that gets selected is an open one - then if you didn't pay attention you might be sending private data on a public network. But I don't know how networkmanager would react to you providing a password for an open network - maybe that's an error.
Git commit d7846ecc8b01178a4a1eea34c616ca3ad75fc2e5 by Jan Grulich.
Committed on 12/04/2021 at 05:48.
Pushed by grulich into branch 'master'.

Applet: delay model updates on expanded password field

This should prevent random jumps between different connections while user is typing password to the password field

M  +8    -9    applet/contents/ui/ConnectionItem.qml
M  +69   -44   libs/models/networkmodel.cpp
M  +17   -1    libs/models/networkmodel.h

https://invent.kde.org/plasma/plasma-nm/commit/d7846ecc8b01178a4a1eea34c616ca3ad75fc2e5
Git commit 64dc6234b6980172bb53084c16a0e4e693d6011a by Jan Grulich.
Committed on 12/04/2021 at 05:50.
Pushed by grulich into branch 'Plasma/5.21'.

Applet: delay model updates on expanded password field

This should prevent random jumps between different connections while user is typing password to the password field

M  +8    -9    applet/contents/ui/ConnectionItem.qml
M  +69   -44   libs/models/networkmodel.cpp
M  +17   -1    libs/models/networkmodel.h

https://invent.kde.org/plasma/plasma-nm/commit/64dc6234b6980172bb53084c16a0e4e693d6011a
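The failure mode from the report and the mitigation named in the commit message above (delaying model updates while the password field is expanded), as an added example: this is a simplified stand-alone model, not plasma-nm code. The class, its methods and the signal values are constructed for illustration.

```cpp
#include <algorithm>
#include <cstddef>
#include <string>
#include <vector>

// Constructed model: a network list kept sorted by signal strength.
struct Network { std::string ssid; int signal; };

class NetworkList {
public:
    // deferWhileEditing=false models the reported behaviour (field tied to a row);
    // true models the mitigation (updates held back, field tied to the SSID).
    NetworkList(std::vector<Network> rows, bool deferWhileEditing)
        : rows_(rows), defer_(deferWhileEditing) { sort(); }

    void beginEditing(std::size_t row) { editing_ = true; row_ = row; ssid_ = rows_.at(row).ssid; }

    void signalChanged(const std::string& ssid, int signal) {
        if (editing_ && defer_) { pending_.push_back(Network{ssid, signal}); return; }
        apply(ssid, signal);
        sort();
    }

    // Network that would receive the typed password right now.
    std::string passwordTarget() const { return defer_ ? ssid_ : rows_.at(row_).ssid; }

    // Password field closed: apply the held-back updates, then re-sort once.
    void finishEditing() {
        editing_ = false;
        for (const Network& n : pending_) apply(n.ssid, n.signal);
        pending_.clear();
        sort();
    }
    std::string ssidAt(std::size_t row) const { return rows_.at(row).ssid; }

private:
    void apply(const std::string& ssid, int signal) {
        for (Network& n : rows_) if (n.ssid == ssid) n.signal = signal;
    }
    void sort() {
        std::stable_sort(rows_.begin(), rows_.end(),
            [](const Network& a, const Network& b) { return a.signal > b.signal; });
    }
    std::vector<Network> rows_;
    std::vector<Network> pending_;
    std::string ssid_;
    std::size_t row_ = 0;
    bool editing_ = false;
    bool defer_;
};
```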
*** Bug 442749 has been marked as a duplicate of this bug. ***
This issue still occurs on KDE Plasma 5.23.5 under SteamOS.
Yeah, it's still an issue. Duping to Bug 389052 which is the master bug report tracking it.

*** This bug has been marked as a duplicate of bug 389052 ***