Remove aircrack-ng
I couldn't find traces on GitLab of us discussing the relevance of still including aircrack-ng in Tails.
I understand that we've included aircrack-ng (since the first commit) because it can help getting online by cracking a Wi-Fi password. In that sense, it wouldn't work as much to rely on Additional Software because it could stop being installed after some time when offline only.
aircrack-ng:
-
Was super effective cracking WEP password in the early 2000's (ah, those wardriving nights!). Since then, WEP was deprecated in 2004.
-
Can still be effective against WPA2 with weak passwords with quite more luck, time, and computing power (capturing the 4-way handshake).
-
Is not effective against WPA2 with strong passwords, which have become the default in all the domestic routers I've seen.
I found some stats on the encryption of Wi-Fi networks that say that WEP is still used in 2.7% of networks, but I'm not sure how these are calculated: https://wigle.net/stats.
Also:
-
Free Wi-Fi in general has become much more common in public places in my experience.
-
"Semi-free" Wi-Fi has become more common and less protected in private places like restaurants, cafés, and such.
-
Mobile data has become much cheaper and ubiquitous.
So I'm wondering in which scenario, a Tails user would have a better time (and the technical skills) to crack a WEP or weak WPA2 password than using an authorized Wi-Fi network or their mobile data.
Looking at the Git history we have had to remove and add back aircrack-ng a couple of times during Debian updates, so the maintenance cost has not be zero.
Removing and reinstalling aircrack-ng in Tails 6.17 asks for around 500 kB of download data. No big deal. So let's remove it only if it's an easy decision to make.