Unable to secure connection with WiGLE

Issues with the Android network detection software. Please include Software version, Android version, and device when reporting

41 posts • Page 2 of 3
That's half the problem - Google's not willing to distribute apps through the play store unless they target a new, moving requirement: that means Android 10 right now, Android 11 coming in the fall. (https://developer.android.com/google/pl ... target-sdk)

Because of breaking SDK changes (and in particular, location services changes), this results in us being unable to continue to distribute versions that work below Android version 24 (Nougat) via the play store - as of last fall. We can still build and sign a patched APK file that works on older versions (down to SDK 16, Jelly Bean according to the docs, and even SDK 15, Ice Cream Sandwich in testing!), but we'll never be able to publish it through the play store again.

This means that the change that would be required to allow I-J-K versions of Android (SDKs 15, 16,17,18, the only versions that don't do TLS 1.2 "out of the box") can't be pushed out through trusted mechanisms. The Play Store won't let us build for phones that old, and phones that old need a special patch to make secure connections to modern web servers.

I'll note that you can buy used "stumble" phones for around $20 USD that will happily support play-store updates - in the mean time, we'll do our best to keep "oldroid" working, but consider this a warning that we won't be able to keep phones lower than "N" updated, and things will continue to stop working with 10+ year old devices as Google continues to make changes and force upgrades.
I understand, but it is such a shame Google is creating such unnecessary e-waste out of still perfect functioning hardware. Last year I bought some new batteries for my Samsung S2 and XCover 2 and Ican stumble quite some time without recharching.

For now I just hope you will be able to oublish an apk file.
I think I get their position - for anything more sensitive than hobbyist network-finding, it would be very hard to rely on the security of those old phones (I wouldn't want to connect to my bank, or really anything that handled sensitive info over TLS1.0 today, and probably couldn't). Android is a diaspora rather than a single hardware-mfgr ecosystem, but this means the older a release gets, the more "orphaned" handsets there are on it. At some point the support burden becomes prohibitive; we even find this with WiWiWa - we finally got to perform a number of library upgrades we'd had to wait on when we were "forced forward" - so this is a more efficient and more secure build than we've been able to release in a while.
ok folks - this fix is under review. I'll post again when the APK is ready.
A few notes:

- we're into sideload territory now, the play store won't allow support like this - loading this will be at your own discretion. Look up how to sideload an APK.

- yeah, this can't guarantee oldroid support for FOSS-only handsets. That would require an ongoing maintenance process to keep building in new libraries at creation time. I'm genuinely happy to help/coach someone who wants to do that, but I can't commit to doing that myself for the indefinite future for 10+ year old handsets.

- I have ONE real device where I can test this, and I have. It's a little wonky in that there's no way to track and confirm the TLS 1.3 download - so you'll trigger the error, it'll start downloading (make sure you have a network connection) and eventually it'll start working. I can't be sure a restart isn't required, but it shouldn't be necessary.

- I would LOVE to help get the community involved in maintaining this - there are loads of PRs between release 2.67 and the current app that COULD be ported/applied and tested (and probably rough edges that could be sanded off this hack) - but I'm not going to continue to work on this indefinitely (I have to keep maintaining and improving the current version).


https://github.com/wiglenet/wigle-wifi- ... g/pull/601
For the past few months, I've just been using the file manager to find the CSV (clicking upload makes a CSV, or you can "export run to CSV" from the database settings) and uploading that via the built-in browser. It's still easier than Kismet on my laptop. Maybe this work-around will help a few folks.
https://github.com/wiglenet/wigle-wifi- ... 4dae6f9569 by the way, if you want a signed APK that MAY force upgrade!
Thanks! The provided APK seems to work fine on both my old phones. It only gives a "login error, check password?" message after uploading the results to wigle net (and after syncing/dowloading the csv's uploaded from another device).

In the end both the uploads and downloads complete succesfully. So it seems just to be something cosmetic.
oh weird - just the first-time post install or continuously?
At every up or download action.
I don't think it is "something cosmetic". Yes, I have the same problem but… Better watch video: https://disk.yandex.com/i/ISW2eRQNfKOiUA
Tried with on/off VPN but the result is the same. The entered password is correct.

Installed your apk over FOSS 2.67. Lenovo A3300-GV, Android 4.4.2.
Image
We won't be able to support this under the FOSS branch - that would require a much larger binary, a different code path, and frequent rebuild/repackages to keep the integration working. I'm afraid the the oldroid hack is exclusively for devices that can still access and upgrade their network libraries via the (non-FOSS) Google Play support.

I will note that many devices rooted for FOSS can probably simply be updated to a FOSS Android image such as Lineage or Cyanogen with a TLS support stack that wasn't deprecated 10+years ago and won't need to use this binary.
Yes Same Problem version 2.67 Wigle on Android 4 .4. 2 - Oct 2022 Exception Error Unable to Secure a Connection with Wigle as per start of thread

Its a real shame that you cant upload the file directly from the app , I tried retrieving the CSV file and upload it from the Upload Dash Tab on the PC side its uplooaded

but hey it was a great to be able to do this via Wifi from within the APP Hoping that old Tablets can still be supported its usually the way in cheap Tablet with early Android version gets a lot of people started and generates a lot of data

Hope a solution casn be found :-)
per thread, the solution is sideloading the olddroid branch APK from our official github repo:
https://github.com/wiglenet/wigle-wifi- ... st/release

There is no solution relying on the Play store (nor will there be) - Google will no longer allow us to list apps that support 10+year old devices.
Now I can not connect neither via app nor via Chrome because of "invalid certificate". The website works only on PC. I don't think I must put my phone with Android 7 on shelf.
Are the connection problems all on a pre-Android 5 phone? The certificate core for those older phones may just not be able to handle newer trust-chains

(the limitation is NOT just our app, but the whole SSL library for Android)

41 posts • Page 2 of 3

Return to “WiGLE WiFi Wardriving Bugs”

Who is online

Users browsing this forum: No registered users and 6 guests