Open Radar

 
Summary:
Enterprise environments that use 802.1x configurations are unable to configure their devices to automatically ignore previously joined wifi SSIDs where the security settings do not match.

Steps to Reproduce:
1. Configure a device with a com.apple.wifi.managed profile and specifying Auto Join as True
2. Have the device connect to your real SSID at least once so it appears in the "Preferred Networks" list
3. Create a rogue SSID that has the same name but is open/without encryption
4. Wait for device to attempt to auto-join the network

Expected Results:
As our profile dictates the security settings for the network and Auto Join is true, then a network with the same SSID but different security settings should be silently ignored. Additionally when the user attempts to manually join the network from the menubar, they should be presented with a dialog stating it’s disallowed by their system administrator.

Actual Results:
Users are presented with a dialog stating: "<SSID> was previously joined as WPA/WAP2 Enterprise, not <wrong security setting>. Are you sure you want to join this network?" and given a "Cancel" and a "Join" button with Join marked as default.

This is an insecure option. If the rogue SSID is configured as "WPA2 Personal" for example, the average end user doesn't understand the difference between that and "WPA2 Enterprise" and is completely unaware that they are potentially under attack by someone attempting to monitor their network activities.

There should be a configuration option like "Don't join remembered networks if the security options have changed" which is manageable via a profile that will allow for silent ignoring of rogue SSIDs of this fashion plus disallowing if user manually attempt to join the network.