Windows 10 - "WiFi sense"

[ZenTree]

http://www.howtogeek.com/219700/what-is-wi-fi-sense-and-why-does-it-want-your-facebook-account/

This seemed like a cool idea for the first five seconds but then the security implications hit me. Basically if one of your friends decides to share the password they have for your wifi then it goes to all their friends.If those friends decide to share, it will again get shared out. That's already one hell of a lot of people who know my WiFi password.

Surely that will quickly spiral out of control with the number of wifi passwords your computer is holding, unless you have to know someone with X degrees/hops.

You cannot determine which friends have access, it's all or nothing.

The bit that made me laugh though was this:

"What If You Don’t Want Your Wi-Fi Connection Passphrase Shared?

You might not want to use Wi-Fi Sense. Bear in mind that the sharing is indiscriminate — if you use it, it will share access to your Wi-Fi with all of your Facebook friends without letting you pick and choose who gets access.

If someone connects to your network with a Windows 10 device, they can choose to share the connection details with all their friends — at least those friends using Windows 10. You can choose to opt out of this by changing your wireless network name, or SSID, to end with _optout. In other words, if your network name is currently “HomeNetwork”, Microsoft would like you to change the name to “HomeNetwork_optout” to opt out."

 

[JoeTech]

It sounds like the guy who decided users don't need a start menu thought this idea up as well. What is the point of having a password in the first place if you use this?

 

[glennd]

WTF?!?! is this one of the more insane, ridiculous ideas that microsoft has come up with?? They've spent how many millions of dollars in recent years trying to secure their operating system and then they do this? So if i read this right, once I let someone on Windows 10 into my network I lose total control over the security of my network?

 

[JustMe]

It is already a feature of Windows Phone 8.1... I've had it turned "OFF" since the upgrade earlier this year. I do not need nor want this feature.

 

[NETWizz]

Thanks I learn something new... it seems crazy in that it doe snot appear to have some sanity controls in place. A person should be able to securely share his or her WiFi credentials with select friends who NEVER need to know his key to use it, and it should NOT be something that can be re-shared.

 

[nlinecomputers]

Automatic Facebook Wardriving. Thanks Microshaft.

 

[nlinecomputers]

Damn so this means that Kevin Bacon will know my wifi password.

 

[HCHTech]

Damn so this means that Kevin Bacon will know my wifi password.

Thanks for the morning laugh - you are funny!

 

[nlinecomputers]

I just posted the article to my facebook page warning users that Kevin Bacon will know your wifi passwords. I hope the tag line is good clickbait.

 

[cypress]

I just posted the article to my facebook page warning users that Kevin Bacon will know your wifi passwords. I hope the tag line is good clickbait.

LMAO!!

 

[mraikes]

I'm astounded. I just can't imagine this feature actually surviving.

The developer that came up with this idea should be dope-slapped. The boss that approved it should be fired.

This re-enforces more than ever that Microsoft is actually run by twelve year olds.

 

[AliceKlaar]

Is MS trying to establish a "Windows Club" wifi MESH network using w10 as the infrastructure? Never mind the insecurity just think of the convenience

At what point does using a password shared by friends of friends of friends to connect to the original owner's AP become "unauthorized access"?
Reminds me of the bad ol'Everyone" access permissions that included anyone who could connect

 

[nlinecomputers]

This is why you need a guest mode on your router. If your router doesn't offer that ditch it and get a new one. And change the password once a month on it.

 

[A/CPC]

MS and WH (White House) must have collaborated. Something this stupid has to be WH policy.

This is why you need a guest mode on your router

I have the wireless on my main router turned off and use the wireless on one of several subnet routers I have for outside machines. I've never liked the idea of a wireless nw that has access to my business nw.

 

[A/CPC]

At what point does using a password shared by friends of friends of friends to connect to the original owner's AP become "unauthorized access"?

And this is the really stupid part...a stupid idea that completely ignores the solid principle of user-retained control of his own pw. Nope. It's all in. Everyone can access your nw. It's either presidential level stupidity or a plot of the same sort. No middle ground there.

 

[ohio_grad_06]

Thinking what I may do is to connect a second router that will be secured only with a simple password that is wired to my main router. I'll simply turn the secondary router off much of the time, but if someone comes over, flip it on, give them that password. When they leave, turn that router off again so that network does not exist any longer.

 

[Markverhyden]

Is MS trying to establish a "Windows Club" wifi MESH network using w10 as the infrastructure? Never mind the insecurity just think of the convenience

Yep, I'm sure there are many that would be thrilled at the simplicity it presents. LOL!!!

 

[unclemarv]

Also remember that Comcast is letting anyone with a Comcast account connect to any Comcast wifi modem. I'm sure all the other providers will follow soon. So at some point it won't matter... unless you get your own router... your on access point...

 

[nlinecomputers]

Also remember that Comcast is letting anyone with a Comcast account connect to any Comcast wifi modem. I'm sure all the other providers will follow soon. So at some point it won't matter... unless you get your own router... your on access point...

Really? Sh-t. We don't have comcast here, thank God but that really sucks.

 

[Markverhyden]

Also remember that Comcast is letting anyone with a Comcast account connect to any Comcast wifi modem. I'm sure all the other providers will follow soon. So at some point it won't matter... unless you get your own router... your on access point...

I saw this early last year. When they started they were installing a separate AP for the "public" access part. Now they do not even bother with that. They just have a second WLAN on the same device. Based on my previous conversations there is nothing a EU can do about it. Part of their new T&C's.