Security → Windows 10 feature, Wi-Fi Sense

"A Windows 10 feature, Wi-Fi Sense, smells like a security risk: it shares WiFi passwords with the user's contacts. higglty piggeltey that makes good sense

Wi-Fi Sense has been on Windows Phone since 8.1

Those contacts include their Outlook.com (nee Hotmail) contacts, Skype contacts and, with an opt-in, their Facebook friends"

»www.theregister.co.uk/20 ··· i_sense/

Words fail me.

Did someone at Microsoft suffer a head injury to allow this?

I could understand a share button so if a firend is at your home it could toss the key over securely and give the storage of the key an expiration, but just sharing it.

As they say in the South, this is just dumber than dammit.

No Win10 for me.

MS_optout; Read about this lovely feature a while back and it gave me a chuckle. MS will wind up with a goldmine of wireless info, businesses and homes alike. So has this been occurring in the current Win10 builds as well?

When will Google release something equivalent in nature to tie together the Googlesphere?

»www.technologyreview.com ··· -tablet/

They have to get in on the cash cow.

That's irrelevant because nobody owns a Windows Phone. Microsoft could push out an OS update that turned every Windows Phone into a bomb and nobody would be around to care.

Problem is, this feature impacts people who don't even use Windows 10. Let a friend onto your WiFi with a Windows 10 laptop? Congrats, all his Outlook, Facebook, and Skype mutual contacts just got entry onto your network.

You can "optout" your network: »www.windowsphone.com/en- ··· fi-sense

A feature like this should be on an opt-in basis, not opt-out!

Looks like Microsoft is trying to make Windows 10 fit in to the whole social networking, sharing, mobile scene.

Personally, I'd rather the OS not have such functions by default, and add them in if desired through add-on apps (these could even be official apps made by Microsoft).

Now the fun begins when another service defaults to Opt-In, but needs a separate string in the SSID to Opt-Out. Maybe my future SSID will be

Henry_optout_notrack_leavemealone_goaway_amazonsuperprime

What a pathetic website, it's secure, but the feedback form is non-secure so it gets blocked by real browsers. Another brilliant move by Microsoft.

Edit: Correction, across the board it was blocked. Firefox, Chrome, IE, and Edge all blocked the feedback form.

You can disable the option during the initial install process if you don't go the "Express Setup" route. It's pretty painless. Surely there is a way to disable it post-install as well.

For your computers, certainly. Now, how does one guarantee that all friends/family/etc. that visit & use WiFi on your network don't have that feature off the recommended default?

True

Edit: Although ArsTechnica offers this bit of information: »arstechnica.com/gadgets/ ··· -scared/

Ed Bott from @ ZDNet.com dispels some of the FUD.

quote:

---

Yesterday, tech sites went full Chicken Little over a Windows 10 feature that allows you to share your wireless connection without having to give away your Wi-Fi password. If only those alarmists had actually used the feature first...[...]

---

»www.zdnet.com/article/no ··· ty-risk/

»twitter.com/edbott/statu ··· 47076098

Regardless of what Ed Bott has to say about this feature, it still makes me wary.

I have to reinstall the OS on my husband's laptop and was thinking about "upgrading" to Windows 10 but am not sure now.

I'm confused about having to add _optout to my multiple SSIDs and the actual Windows 10 settings for the Wifi Sense feature. Does one have to add _optout to the SSIDs AND disable the Wifi Sense feature in Windows 10 settings to fully disable this feature? And what if there are no Windows 10 computers on my network, do I still have to add _optout to my SSIDs? Sorry if these are silly/stupid questions, I am just really confused right now.

If you don't have any Windows 10 or Windows phone systems accessing your network, you have no no Wifi Sense feature, so you shouldn't have to add _optout to your router's SSID.

I'd add another question;
Will turning off SSID broadcast cripple this 'feature'?

You can opt-out of sharing your WIFI to your contacts when you do the upgrade. Choose customize setup then pay attention to the options it presents. One of them is sharing your wifi to contacts, I just don't remember the exact words but its there.

Bluepoint, can you clarify for me when having to add _optout comes into play? Since we can optout during the upgrade process. Still a little confused.

The "_optout" appended to the wireless SSID name supposedly triggers WiFi Sense to ignore using the WiFi Sense feature on that wireless connection. Here is how Microsoft puts it with respect to the Windows 8 Phone:

However, you might decide that you don't want Wi-Fi Sense to be able to do these things on your Wi-Fi network. To opt your network out of Wi-Fi Sense, you can change your network name to include the phrase _optout in it-for example, mynetwork_optout. (The network name is often called the SSID.)

Really? Instead of turning off that new Windows feature in Windows OS itself now we have to mangle our SSID names in our routers?.. Who is that arrogant idiot, who has deigned that feature?

I think what a lot of people are confusing here is the client/network separation. A lot of people are saying "Well, it's available through this screen, that screeen, etc, it's this by default" but aren't looking at this from a network management standpoint.

One thing you learn quickly, especially in enterprise networking is that adhering to standards is important and critical to maintain a sane, stable network. Standards to implement authentication/crypto (e.g. WPA2), standards to establish the physical radios and how they communicate (802.11), things like that. When you start getting vendors all doing their own thing that do not comply with any kind of standard, it makes it very hard to maintain a secure network that you have control of. Wifi Sense is not a standard contrary to what Microsoft is attempting to convey, it's a propretary technology being imposed upon networks with users as the proxy.

When you own and have a wifi network, you implement and manage the network in a secure manner. It is your right as the network owner who purchased that hardware, and pay the service provider to be in control of how your clients authenticate and to be in control over authentication tokens, even if you hand them out like candy. What is Microsoft's right to process authentication tokens that they are not privy to? I'm sure there are many network owners who never agreed to the Windows 10 EULA and thus have no contractual obligation to Microsoft on the matter to allow them to process the tokens.

For all intents and purposes from the perspective of a network owner (not user), Wifi Sense is a form of thinly veiled keylogging of authentication tokens for wifi networks. A confused user who thinks "sharing is good" will opt to share networks they do not own, there's no controlling that when it becomes a central feature of the OS. As a network owner, it is my responsibility to treat Wifi Sense as an attack on my network and to treat Microsoft as the attacker and act accordingly.

Part of that "acting accordingly" is to treat WPA2 Personal/PSK as weak and to implement RADIUS, even on personal networks. Microsoft has drastically damaged WPA2's effectiveness by attacking it in such a manner.

This along with the p2p Windows updates tells me that Microsoft is trying to cut network owners/administrators out of the picture and itself is trying to strong-arm its views on how third party networks are to run. Microsoft no longer recognizes the authority of network owners over infrastructure that the owners paid for.

Microsoft has violated one of the core tenets of the Internet that makes it a decentralized network of networks: "Your Network, Your Rules". Microsoft thinks "Your network, run under our rules".

Here's the Wi-Fi Sense for Windows 10 FAQs.
»windows.microsoft.com/en ··· ense-faq

I like this question.

quote:

---

There are a few networks around me. How does WiFi Sense determine which one to connect to?

There are times when a few WiFi networks will be in range. When this happens, WiFi Sense will try to choose the best one to connect to based on several different factors. It considers if other people using WiFi Sense have connected to it, if it's a network that you've connected to on your own, whether it's password-protected or open (password-protected networks are given preference over open networks), if it's provided by your mobile operator, and if it's been shared by a contact. Along with those things, it considers the signal strength and quality of the network to try to give you the best WiFi connection at that time.

---

I think the way to do Wi-Fi is to share the password through the zero-knowledge messaging system, Wickr.

My concern now is does google parse the _nomap (»support.google.com/nexus ··· 32?hl=en) when it comes to a _? does it have to be at the end? does microsoft parse at the _ or the end? can I name the ap whatever_nomap_optout or should I name it whatever_optout_nomap...

If a Win10 user wants to connect to my network they are going to have trouble. Depending on how I feel at the time I will either refuse to give it or give the wrong password. If I have to get a Win10 device online the password will be changed later.

It's my network and I have spent time and effort securing it to the best of my ability and if MS want to play silly buggers they can but it doesn't mean I have to roll over and accept it.

Yeah preventing Win 10 access is one way to deal with it.

The problem with WiFi Sense isn't one giving out the password to someone they trust, its the other person giving the password to untold numbers of other persons while that one person is connected to your network. With WiFi Sense one can do so easily by ticking one check box, and from that point anyone on THEIR contact lists who happens by your network prior to you changing the password will have potential access thanks to WiFi Sense.

Obviously there are other ways for someone you give the network password to, to spread that password. And there are obvious ways to try and mitigate this potential security issue, but thanks to Microsoft who created this potential security issue it exists and its one more potential security issue some will have to deal with to control access to their network(s).

Right. Generally speaking I don't mind giving my WiFi password to guests, because I trust them to not deliberately tell anyone else. But I'm not sure I trust them to have set up their Windows system to not hand it over to a few hundred of their closest friends.

Before I let guest Win10 systems on, I suppose I'm going to have to create a separate VLAN/subnet/whatever for them.

Or I could just remember that the signal is not too strong at the bottom of my driveway

I'm over-reacting? Oh well, it's not the first time I've been called a control-freak and paranoid for wanting to protect my stuff.

Good read, but then I'm at the mercy of my friends connecting to the network not doing something silly like enabling that option. Typically the risk factor of letting guests onto your networks never included this new potential problem.