Windows 10 Wi-Fi Sense is a bad idea
-
@anonymous said:
@JaredBusch said:
Do not try to push it on the user. That is a cop out long the lines of "Just blame the user for not reading the EULA."
If you ran someone over would you blame the car?
This is being run over by someone who wasn't driving the car but once drove a car in the same parking lot that this one was in last week.
-
@anonymous said:
Me too, but isn't the risk the same? How do you know they can't use the Guest wifi to access your main network? What if they torrent? Seems like you would be safer to just not let anyone on your network.
I monitor my AP like any trained person would do. Yes, user will not, but I do. I don't care if they torrent. I have logs and proof that just because it was my IP, it was not my device on my private network.
-
Cars are things that people generally understand. At least at a high level. Computers are not. You never drive a car without knowing that hitting a person with it will run them over. If you don't understand that you aren't allowed out in society at all. But easily 90% of the population has no idea how a computer works and certainly not how this works. Already, just in this discussion, three active IT professionals are not in agreement as to the security implications. If it isn't completely clear to professionals in the field, it's out of the question that end users can be accountable for it.
And think about what I was talking about earlier on the other thread, the kinds of crazy being posted tonight in another community. Thread after thread of IT pros doing things that are so "not understanding what the computer is doing" that understanding something like this is a full order of magnitude more complex.
Nearly all end users and at least more than half of IT professionals rely not on understanding how something works but on a summary of "it's safe" or "turn it off".
-
Overall, I think that there is some merit to this idea. But my primary concerns are that it is too easy to share something that the person doing the sharing does not understand and the security implications of it are very complex.
When you share a password with someone, it is incredibly and tangibly obvious that you should own that password and share it only when you mean to share it. It is also very obvious that when you change the password, access to the network stops until you regrant access.
This changes the safeties that have been in place for end users since the dawn of WiFi. It is far more abstract and the triggers of "this is granting someone access", "I should not give away something that is not mine to give away" and "changing a password breaks other people's access" are all gone. It makes security more complex and as we well known, security and complexity are enemies. True security requires simplicity.
-
@JaredBusch said:
@anonymous said:
Me too, but isn't the risk the same? How do you know they can't use the Guest wifi to access your main network? What if they torrent? Seems like you would be safer to just not let anyone on your network.
I monitor my AP like any trained person would do. Yes, user will not, but I do. I don't care if they torrent. I have logs and proof that just because it was my IP, it was not my device on my private network.
That will never hold up in court. You are responsible for everything downloaded and uploaded.
-
Another scenario to consider.... multiple device locations. How do you cut off someone from getting access to a network when you have several devices that might be sharing the connection? Remember, don't think like an IT pro, think like an end users. How do you find and identify every device that may be sharing out password information. Given that, I assume, there is a natural and almost instant cascade of access once a password has changed, you might literally get into a scenario where you aren't sure how to cut off access to someone without either removing them from other systems (Facebook, Skype, etc.) or turning off WiFi completely. I could easily see end users getting into a situation where the literally can't figure out how to stop someone having access to their network.
In this age, many people have no access except for WiFi. Not us, not IT Pros, but normal people depend on it pretty heavily.
-
All the examples given here are a long shot at best.
-
@anonymous said:
All the examples given here are a long shot at best.
Most big hacks were socially engineered long shots.
-
@anonymous said:
That will never hold up in court. You are responsible for everything downloaded and uploaded.
That's not true. Being hacked is not a crime. Being careless is, potentially. You can't really think that someone breaking into your house or splicing your cable and using your connection is your responsibility in court. It just isn't. You might need to prove it wasn't you, but no court has ever held someone accountable for being a victim unless there is no reason to believe that they were. If you are aware of any case where that is not true, let me know, but it goes against all US laws and makes no sense.
-
@anonymous said:
@JaredBusch said:
@anonymous said:
Me too, but isn't the risk the same? How do you know they can't use the Guest wifi to access your main network? What if they torrent? Seems like you would be safer to just not let anyone on your network.
I monitor my AP like any trained person would do. Yes, user will not, but I do. I don't care if they torrent. I have logs and proof that just because it was my IP, it was not my device on my private network.
That will never hold up in court. You are responsible for everything downloaded and uploaded.
Actually, it will. That is the point of logs. I can PROVE the MAC address and such of the device and what local IP it had at the time, etc.
Also, as I said I monitor my AP. SO I can show that I blocked said device also. -
@anonymous said:
All the examples given here are a long shot at best.
No, I gave one that happened. Only thing that kept it from being a problem was that it wasn't Windows 10. Literally, only thing.
Not long shots, actual scenario in the last two months. Just the first one that I thought of.
-
@JaredBusch said:
@anonymous said:
@JaredBusch said:
@anonymous said:
Me too, but isn't the risk the same? How do you know they can't use the Guest wifi to access your main network? What if they torrent? Seems like you would be safer to just not let anyone on your network.
I monitor my AP like any trained person would do. Yes, user will not, but I do. I don't care if they torrent. I have logs and proof that just because it was my IP, it was not my device on my private network.
That will never hold up in court. You are responsible for everything downloaded and uploaded.
Actually, it will. That is the point of logs. I can PROVE the MAC address and such of the device and what local IP it had at the time, etc.
That's how hotels and other open services handle it. Otherwise we could also say that we can never be responsible because the ISP is responsible. It is through this exact same process that they pass the buck on to you. And then you on to others.
-
@JaredBusch Aren't you concerned that Microsoft is still storing your password somewhere?
Just because you stop sharing it, doesn't mean it wasn't already exposed.
It seem to me the only way to make sure your secure, is to change your wifi password.
-
As a technical hack, it looks like this is a hard one to break, but certainly possible, like anything. The fears here, I think are this:
- it makes social engineering much easier. A focused social engineering attack is made easier by this being just another tool for social engineers to use.
- It makes it trivially easy to accidentally give away access to things you shouldn't be giving away (like access to the wifi at a lakehouse you rented, to your neaighbours house, your parents, etc.) Things that you would never give away broadly, but you wanted to share with family members or your other devices or you just click "share" out of habit.
-
@anonymous said:
@JaredBusch Are you concerned that Microsoft is still storing your password somewhere?
Just because you stop sharing it, doesn't mean it wasn't already exposed.
It seem to me the only way to make sure your secure, is to change your wifi password.
And that was my other point, is that reliable now that there is an automatic cascade of your new password to all kinds of devices and people? I'm not sure how this works and end users certainly won't. Automatic sharing from multiple devices might cause exposures that they aren't expecting or can't find.
-
Let's remember that You have to manually opt into every Wi-Fi network that you want to share.
For every network you join, you'll be asked if you want to share it with your friends/social networks.
By default, if you choose Express Settings during the installation process, Wi-Fi Sense is turned on in Windows 10.
However, it doesn't actually do anything until two things occur:
-
First, you need to sign in with a Microsoft account. Wi-Fi Sense won't work with a local account.
-
Whenever you connect to a new W-Fi network, it asks if you want to share it with other people.
-
-
@JaredBusch said:
@anonymous said:
@JaredBusch said:
@anonymous said:
Me too, but isn't the risk the same? How do you know they can't use the Guest wifi to access your main network? What if they torrent? Seems like you would be safer to just not let anyone on your network.
I monitor my AP like any trained person would do. Yes, user will not, but I do. I don't care if they torrent. I have logs and proof that just because it was my IP, it was not my device on my private network.
That will never hold up in court. You are responsible for everything downloaded and uploaded.
Actually, it will. That is the point of logs. I can PROVE the MAC address and such of the device and what local IP it had at the time, etc.
Also, as I said I monitor my AP. SO I can show that I blocked said device also.The difference with getting breached through this WiFi Sharing is that you actually gave out the password voluntarily.
-
Most people give out their Wi-Fi keys freely. You could even argue that Wi-Fi Sense is more secure: if I ask Adam for his Wi-Fi password, I am free to give it away to anyone. If I receive the password via Wi-Fi Sense, I can still connect to Adam's network, but I can't tell anyone else the password.
-
@anonymous said:
Most people give out their Wi-Fi keys freely. You could even argue that Wi-Fi Sense is more secure: if I ask Adam for his Wi-Fi password, I am free to give it away to anyone. If I receive the password via Wi-Fi Sense, I can still connect to Adam's network, but I can't tell anyone else the password.
Yes, that's what I said.... this is so insecure that the justification for it in the article was to point out that most people already are insecure, so the vulnerabilities exposed here just don't matter. To me, this is the same as admitting that it is a horrible idea or else they would have no need for this argument. This isn't stating that it is secure, nor even suggesting it, it is just saying that most people screw up security so badly that this doesn't really hurt anymore.
But that's only talking about their home networks. As the same article points out one line above this quote, if that same treatment happens with a business network it would be really bad.
You just quoted the same line that I used a page back to show how the article didn't wind up being positive in their take on the technology. They try to spin it well, but ultimately they have no faith in it either by way of having no faith in the people who will use it.
-
