Hello,
Is there a way to disable the ability to show statusbar while device locked?
Is a security flag due to any can enable WiFi then scan the networks you've stored then replicate the name of one of them then "invitate" the device to connect to him and access your comms (via a Man-in-the-Middle attack).

    [deleted] A fake access point won't know the pre-shared key of the real one, so your device won't associate (you'll be prompted for a password, which you won't know).

      I just tested on my fully updated P7.
      Only things I can change without unlocking are: Flashlight (both on and off), Do Not Disturb (On only), and Night Light (both on and off)
      No network functions - Airplane, BT, WiFi, etc are accessible when locked

      de0u pretty sure that is possible to use a pinneAP to accept all connections without checking the password, that is send from the client to the AP not from the AP to the client.

      • de0u replied to this.

        de0u Well, I read. Following this article isn't unsecure to maintain WiFi toggle always on if I don't wrong. Is that correct?

        • de0u replied to this.

          [deleted] Depends on your threat model.

          If you are concerned about the Wi-Fi firmware maybe having a bad buffer-overrun vulnerability (or some other RCE), then having Wi-Fi off more often might be good.

          Or if you're worried about somebody fingerprinting you by guessing your home AP SSID and confirming the guess if your phone tries to associate...

          Personally I leave my Wi-Fi on. I'm sure others don't.

          It might be good to write down a list of your concerns and non-concerns. Many countermeasures cost convenience/attention, so if a countermeasure protects against a threat you're not worried about, you might be wasting effort (which might be better spent on something else).