Insecure configuration of the eduroam WiFi:
TUM-access data can be read by Android
Here, the TUM-user name and password can be read out without the users noticing. Check your device’s “settings“ to check whether it has a vulnerable version installed. Depending on the manufacturer, you should be able to find the relevant information under menu items such as "About phone" / "About tablet" / " Phone info" or similar. If you are using a Samsung device, select the "Options" first to access the device information.
If you have Android 4.X installed, select the eduroam configuration-button to see whether "not specified" is selected for the CA certificate. If so, the necessary "Telekom Root CA certificate" is missing.
Important: protection by screen lock
If there is no active certificate, please proceed as described in this manual to install the "Telekom Root CA certificate ".
Note: In order to use certificates on an Android device, the device must be protected by a screen lock (PIN, pattern, etc.). If this is currently not the case, you will be prompted to set up a screen lock during the installation of the certificate. The lock can then only be disabled later if you delete all installed certificates.
The TUM’s IT-support can help
Eduroam is a free, campus-wide Wi-Fi network (also accessible in parts of the inner city) for all students. Click here for instructions on how to set up eduroam with earlier versions of Android or other operating systems.
If you have any questions or are unsure what to do, please feel free to contact our IT Support at firstname.lastname@example.org