Bug 541257 - NM should not connect automatically to unsecured network which was formerly a secure one
Status: RESOLVED FIXED
Product: NetworkManager
Classification: Platform
Component: general
Version: unspecified
Hardware: Other Linux
Importance: Normal major
Target Milestone: ---
Assigned To: Dan Williams
Reported: 2008-07-02 14:17 UTC by newsScott
Modified: 2009-02-04 15:07 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description newsScott 2008-07-02 14:17:35 UTC
I have an access point using PSK encryption. NetworkManager works as expected. The key has been saved and after every system startup NM automatically established a connection to the encrypted network.

Now it happens that I completely switched off encryption by mistake. After the next reboot, NM established the connection to the unsecured network without any warning. In my opinion this is a security problem. I can think of two scenarios:

* You are allowed to connect to a secured network and trust all other participants on that network. Now, by mistake, the encryption is disabled by the network administrator. You still send confidential data over the network without knowing that everybody can eavesdrop.
* Maybe this problem is also usable for an active attack: Is it possible to provide an access point with the same ssid / (MAC?) in a way, that it 'shadows' the proper access point?

Once a connection was established to an encrypted network, there should at least be a warning if that encryption no longer exists (changed?).

Comment 1 Dan Williams 2009-02-04 15:07:51 UTC
NM 0.7 will not connect to an incompatible network; thus if you connected first with security enabled, that will not be automatically reconnected to if the AP's security is dropped.  The user would have to manually choose the AP again from the menu.
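
The compatibility rule described in comment 1, sketched as an added example that is not part of this bug thread and is not NetworkManager's own code. The types, function names and scan data are hypothetical and constructed for illustration; the rule assumed here is that auto-connect requires both the SSID and the security type to match the saved profile.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical types for illustration; not NetworkManager's data structures. */
enum sec { SEC_OPEN, SEC_WEP, SEC_WPA_PSK, SEC_WPA_EAP };
struct profile { const char *ssid; enum sec sec; };   /* saved connection */
struct ap { const char *ssid; const char *bssid; enum sec sec; int signal; };

/* Constructed sample data: the saved profile and two scan results. */
static const struct profile SAVED = { "home-net", SEC_WPA_PSK };
static const struct ap SCAN_SHADOWED[] = {
    { "home-net", "02:00:00:00:00:01", SEC_WPA_PSK, 40 },
    { "home-net", "02:00:00:00:00:01", SEC_OPEN,    90 }, /* same SSID/BSSID, open */
    { "cafe",     "02:00:00:00:00:02", SEC_OPEN,    80 },
};
/* The reporter's case: the AP's encryption was switched off. */
static const struct ap SCAN_DROPPED[] = { { "home-net", "02:00:00:00:00:01", SEC_OPEN, 70 } };

/* Compatible only if the SSID and the security type both match the profile. */
int ap_compatible(const struct profile *p, const struct ap *a)
{
    return strcmp(p->ssid, a->ssid) == 0 && p->sec == a->sec;
}

/* Index of the strongest compatible AP, or -1 if there is none. *open_seen counts
 * open APs advertising a secured profile's SSID, the case that deserves a warning. */
int pick_autoconnect(const struct profile *p, const struct ap *scan, size_t n, int *open_seen)
{
    int best = -1;
    *open_seen = 0;
    for (size_t i = 0; i < n; i++) {
        if (ap_compatible(p, &scan[i])) {
            if (best < 0 || scan[i].signal > scan[best].signal)
                best = (int)i;
        } else if (strcmp(p->ssid, scan[i].ssid) == 0 &&
                   scan[i].sec == SEC_OPEN && p->sec != SEC_OPEN) {
            (*open_seen)++;   /* never a candidate, however strong its signal */
        }
    }
    return best;
}

int main(void)
{
    int seen, i = pick_autoconnect(&SAVED, SCAN_SHADOWED, 3, &seen);
    printf("shadowed: pick=%d open_seen=%d\n", i, seen);
    i = pick_autoconnect(&SAVED, SCAN_DROPPED, 1, &seen);
    printf("dropped:  pick=%d open_seen=%d\n", i, seen);
    return 0;
}
```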