This is: http://www.berklix.com/~jhs/src/bsd/fixes/FreeBSD/src/gen/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5.REL=13.2-RELEASE.diff *** 12.3-RELEASE/src/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5 Sat Jun 10 12:51:35 2023 --- new-generic/src/usr.sbin/wpa/wpa_supplicant/wpa_supplicant.conf.5 Sat Jun 10 12:54:45 2023 *************** *** 139,144 **** --- 139,154 ---- technique 1. Beware that this technique can cause scanning to take longer to complete, and exposes the list of configured network SSIDs to eavesdroppers. + .br + Security Caution: If you assert scan_ssid=1 (Instead of default scan_ssid=0): + .in +2 + Instead of just sending a broadcast Probe Request frame, + FreeBSD would also send directed Probe Request frames with specific names. + Those network names would be observable to hostile 3rd parties, + & could be abused as per + http://www.bbc.com/news/technology-28891937 + http://lists.freebsd.org/pipermail/freebsd-wireless/2014-October/005097.html + .in -2 .It Va bssid Network BSSID (typically the MAC address of the access point). .It Va priority