Unable to secure connection with WiGLE

Issues with the Android network detection software. Please include Software version, Android version, and device when reporting

42 posts • Page 3 of 3
Are the connection problems all on a pre-Android 5 phone?
I have some different devices and can explain in details what's going on:
- Android 2.3.6 (you kidding?) well, let's skip :roll:
- Android 4.4.2. As mentioned above, WiGLE app is "Unable to connect". In Chrome there is an error "the site's security certificate is not trusted" but when I click "proceed anyway", the website loades as a plain text. In stock browser the situation is almost the same but I click "continue" twice, and the page is loaded. But I try to login and page just reloads.
- Android 5.1.1. App is "Unable to connect". When I try to open wigle.net in Chrome I got "err_cert_authority_invalid". There is no possibility to proceed (I can't remember if there are any other website I opened with Chrome on my phone with Android 7.0 and got this screen).
- Android 6.0.1. Same as 5.1.1.
- Android 7.0. In the app when I try to update news or uploads, I got empty screen, eternal loading or message "Download failed: result was not saved". In Chrome - as on 5.1.1.
- Android 7.1.2. The app works fine. The website is loading but my Chrome is buggy and crashes almost after opening :lol:
- Android 11. App is fine, website is fine.

When I try to open the website on Windows:
- Opera 12 (don't ask why I have it, dunno as well) returns "error (70) from server".
- Chrome 35 opens as a plain text. However, on Security tab in console I have "Certificate - valid and trusted", "Connection - secure (strong TLS 1.2)", "Resources - all served securely".
- Chrome 69, Chrome 104 and Chrome 119 open it normally. Security tab is the same.

P.S. Interesting stuff, "ping wigle.net" in cmd ends with 100% packets loss on both Win 7 and 10.
Image
This starts being a surprise at Android 5.1.1 and up (the earlier versions simply can't get the correct cert authority chains.)

1. Chrome versions matter here - I don't know how far back the Chrome versions could handle the newer cert chains, and when devices on those Android versions stop getting updates. If there's a chrome update available, that could make all the difference. Unless Google makes an exception for Chrome, they can't even list upgrades in the play store that can help versions before Android 7.
2. Check date and time on these devices - if the clocks are wrong, it's possible that even with a valid cert chain, they'd still reject.
3. After doing those two things, clear your cache.

You might also be encountering problems with CSP (content security policy), but I don't know that there's a good fix for this in old versions of Chrome.

Sadly, my last Android 5.1 phone won't boot anymore, can't seem to test the chrome problems there. The site loads fine for me under Android 7.
Chrome versions matter here
Updated Chrome on Android 5.1.1 fron v46 to v95. And the website now opens as it should be, even without cache cleaning. Couldn't do the update for Android 7 (this phone is slightly far away from me right now) but I think the result will be the same.

Based on this, I think there should be a fix for WiGLE app that allow Android from 5 to 7 work with new certificates since Chrome can do this?

Sure, I can "export run", then open Chrome and upload .gz via the website (like I used to do on 4.4.2) but, you know…
Image
The fix is the APK mentioned above in this conversation - when you upload, that will try and prompt Android to install the new cert chains (and updated Play libraries), but this is a short-term fix. Google has already stopped supporting these releases, and won't update the Play services indefinitely.

- There won't be a FOSS/F-Droid build that does it, since that would require continual upkeep effort - we'd have to make new builds to update the certs in perpetuity.
- We can't distribute a patched version in the Play store anymore- Google won't let us release software that supports these builds any longer. You have to load the APK yourself.
Glad I found this thread.

Having upload issues on android 5.0.2 for about a week.

Going to try olddroid now 🤞
Forgot to post back. The olddroid version is also not working for me. Looks like my only 5ghz phone needs to binned.

The positive is I was about to buy a new battery for it, so at least I haven't done that yet.
I have the FLOSS version currently installed [which can't successfully upload] on Android 7.x

Trying to install the above-mentioned APK results in "
Application not installed: Package seems corrupted.
" I guess F-Droid isn't able to install the APK (not sure how to force APK-opening with PlayStore btw)
oh... I also lost my local database by removing the FLOSS version in order to install the PlayStore one (for no gain since the later doesn't even allow me to log in : `api.wigle.net: Unsuccessful WiGLE Token request: Authentication failed: 999`)
ah shoot. a note here for everyone:

PLEASE, BACK UP YOUR LOCAL DATABASE BEFORE UNINSTALLING THE APP.

Part of Android's recent-ish filesystem requirement is removing all application files upon uninstallation. (they make exceptions for external storage, but they've limited that to docs and images now).

For what it's worth, you can re-incorporate the data at the address level using the "restore nets" in the database tab, or at the detail level by visiting the downloads page (and tapping each button to bring the file onboard) - but this works when and if you can log in. The error you're reporting doesn't look like an SSL error... have you tried using the QR code option to log in?

Postby gib » Wed Nov 29, 2023 11:20 am

Got the authentication to work (using QR Code, sorry for the noise), but attempting to "import found networks" leads to a CertPathValidatorException (Android 7.0)

Image

Other screens seems to fail ("news" and "stats" for example)
Attachments
a.jpg
a.jpg (97.44 KiB) Viewed 61251 times
The apk versionen is not working on my old samsung galaxy tab s2 either.
We appreciate the reports, but we're leaving this forum unlocked for the benefit of the community, and in case someone wants to devote time and effort to resolving some of these issues. Pull requests are always welcome (to the github "oldroid" branch in this case), but we just can't support phones so old that they can't patch security problems that were solved more than 10 years ago. ;)

practical summary:
  • the "oldroid" APK on github will try and install certificate chains on Android phones WITH GOOGLE PLAY support. This solves the problem for an increasingly narrow set of android 4-4.3 phones.
    the "oldroid" branch does NOT currently help with JellyBean and older "google-free" Android phones - to fix to do this would require a continual effort to update, package, and distribute certificate chain updates with the application, which isn't practical for us to do for this hobby project.

42 posts • Page 3 of 3

Return to “WiGLE WiFi Wardriving Bugs”

Who is online

Users browsing this forum: No registered users and 2 guests