ESP8266 Community Forum

- Sat Jan 17, 2015 1:18 pm #7526 I found this video and it is interesting to see how wifi being configured. Can we implement this in ESP8266?

https://www.youtube.com/watch?v=fxP9hnZysgo

- Sat Jan 17, 2015 2:08 pm #7534 Well, TI are obviously very proud of their 'SimpleLink' TM - and say they have patented it. So that's one barrier to implementing it right there.

Secondly, just watching that video made me sick. I mean, you have to craft a 15-20 character 'special-string' that includes your access point ssid and password, and then send that over the air?

Oh - but no - following some obvious criticism of this 'KISS' - so simple we didn't bother with security - now they have got some modest amounts of encryption (so long as the bad guys don't try to reverse engineer the initial config apps to get the key).

So my understanding is that the process in the video has been replaced with a dedicated app you have to run. Then you need to press a button on the device to initiate pairing!!

You can read more about it here: http://electronics.stackexchange.com/questions/61704/how-does-ti-cc3000-wifi-smart-config-work

A much better approach would be for the ESP to create an AP - something the CC3000's seem unable to do - then you visit that AP and configure your wifi from there. No crazy 20 character strings to compose - no dodgy beacons with security by obscurity!!

We're working on this and have some code that now - creates an access point, scans available stations, presents a list of stations to join, accepts a password and then programs the ESP and reboots. see https://github.com/hamishcunningham/fishy-wifi/tree/master/joinme for our code.

We'd like the page to be made available over https and also to act as a captive portal - but as it is, it works.

UNLIKE TI, I would like to make it absolutely clear that (at the moment) there is no security on this process, and anyone sniffing traffic would be able to see your ssid and password sailing by in plain text.

But I think it is already quite a bit more simple than other, more heavily trademarked, approaches.

G

- Sat Jan 17, 2015 2:27 pm #7537 It should be fairly easy to implement on ESP, just scan and search for a specific string in the AP name, if available then parse the name and save it then connect.

EX: My AP Name:::Password and search the names for :::

I would say this approach is much better than creating an AP with ESP, imaging you have 10 sensors that needs to be updated, how will you know their DHCP IP? and if they are all on they will all use the same IP as far as I know. so if you connect to 192.168.1.4 which ESP would you see? I think you will need to turn them on and configure them one by one .

With smart link you should be able to let them all join at the same time without any hassle.

Also for bit securing your password, you can put them in reverse and organize them through code, or maybe do some find and replace techniques.

- Sat Jan 17, 2015 2:48 pm #7540

It should be fairly easy to implement on ESP, just scan and search for a specific string in the AP name, if available then parse the name and save it then connect.

I think you (or I perhaps) have misunderstood the process (remember this is now obsolete - they have replaced it with the smartconfig application). In this old process, the ssid and password were put into the AP name for a hidden access point discovery. So you need to sniff for beacon traffic that's broadcast - quite different from doing a scan of access point names.

Yes, there are cases (such as multiple sensors configured all at once) where TI's approach (once it is secured) can be better perhaps.

Don't forget that if you did have a dozen sensors to configure, then they would all be creating their own access points. They all create DHCP servers and all have the same IP, just one per network. So you could join them one by one, select the wifi network and enter the password. Or you could script it using command line tools and nc or use Selenium etc.

The great thing about wifi in general and using a browser as well is that these are standards that aren't owned by any one company and aren't going away any day soon. I'd far rather have a method that works in the browser than have to use some app, maybe I don't trust to install on my device, maybe I'm in a corporate network where I'm not allowed to install random apps and give them the wifi passwords!!

Also for bit securing your password, you can put them in reverse and organize them through code, or maybe do some find and replace techniques.

Erm, well, lets just say that I don't think this is much security