Windows 10 Wi-Fi Sense is a bad idea
-
Another scenario to consider.... multiple device locations. How do you cut off someone from getting access to a network when you have several devices that might be sharing the connection? Remember, don't think like an IT pro, think like an end users. How do you find and identify every device that may be sharing out password information. Given that, I assume, there is a natural and almost instant cascade of access once a password has changed, you might literally get into a scenario where you aren't sure how to cut off access to someone without either removing them from other systems (Facebook, Skype, etc.) or turning off WiFi completely. I could easily see end users getting into a situation where the literally can't figure out how to stop someone having access to their network.
In this age, many people have no access except for WiFi. Not us, not IT Pros, but normal people depend on it pretty heavily.
-
All the examples given here are a long shot at best.
-
@anonymous said:
All the examples given here are a long shot at best.
Most big hacks were socially engineered long shots.
-
@anonymous said:
That will never hold up in court. You are responsible for everything downloaded and uploaded.
That's not true. Being hacked is not a crime. Being careless is, potentially. You can't really think that someone breaking into your house or splicing your cable and using your connection is your responsibility in court. It just isn't. You might need to prove it wasn't you, but no court has ever held someone accountable for being a victim unless there is no reason to believe that they were. If you are aware of any case where that is not true, let me know, but it goes against all US laws and makes no sense.
-
@anonymous said:
@JaredBusch said:
@anonymous said:
Me too, but isn't the risk the same? How do you know they can't use the Guest wifi to access your main network? What if they torrent? Seems like you would be safer to just not let anyone on your network.
I monitor my AP like any trained person would do. Yes, user will not, but I do. I don't care if they torrent. I have logs and proof that just because it was my IP, it was not my device on my private network.
That will never hold up in court. You are responsible for everything downloaded and uploaded.
Actually, it will. That is the point of logs. I can PROVE the MAC address and such of the device and what local IP it had at the time, etc.
Also, as I said I monitor my AP. SO I can show that I blocked said device also. -
@anonymous said:
All the examples given here are a long shot at best.
No, I gave one that happened. Only thing that kept it from being a problem was that it wasn't Windows 10. Literally, only thing.
Not long shots, actual scenario in the last two months. Just the first one that I thought of.
-
@JaredBusch said:
@anonymous said:
@JaredBusch said:
@anonymous said:
Me too, but isn't the risk the same? How do you know they can't use the Guest wifi to access your main network? What if they torrent? Seems like you would be safer to just not let anyone on your network.
I monitor my AP like any trained person would do. Yes, user will not, but I do. I don't care if they torrent. I have logs and proof that just because it was my IP, it was not my device on my private network.
That will never hold up in court. You are responsible for everything downloaded and uploaded.
Actually, it will. That is the point of logs. I can PROVE the MAC address and such of the device and what local IP it had at the time, etc.
That's how hotels and other open services handle it. Otherwise we could also say that we can never be responsible because the ISP is responsible. It is through this exact same process that they pass the buck on to you. And then you on to others.
-
@JaredBusch Aren't you concerned that Microsoft is still storing your password somewhere?
Just because you stop sharing it, doesn't mean it wasn't already exposed.
It seem to me the only way to make sure your secure, is to change your wifi password.
-
As a technical hack, it looks like this is a hard one to break, but certainly possible, like anything. The fears here, I think are this:
- it makes social engineering much easier. A focused social engineering attack is made easier by this being just another tool for social engineers to use.
- It makes it trivially easy to accidentally give away access to things you shouldn't be giving away (like access to the wifi at a lakehouse you rented, to your neaighbours house, your parents, etc.) Things that you would never give away broadly, but you wanted to share with family members or your other devices or you just click "share" out of habit.
-
@anonymous said:
@JaredBusch Are you concerned that Microsoft is still storing your password somewhere?
Just because you stop sharing it, doesn't mean it wasn't already exposed.
It seem to me the only way to make sure your secure, is to change your wifi password.
And that was my other point, is that reliable now that there is an automatic cascade of your new password to all kinds of devices and people? I'm not sure how this works and end users certainly won't. Automatic sharing from multiple devices might cause exposures that they aren't expecting or can't find.
-
Let's remember that You have to manually opt into every Wi-Fi network that you want to share.
For every network you join, you'll be asked if you want to share it with your friends/social networks.
By default, if you choose Express Settings during the installation process, Wi-Fi Sense is turned on in Windows 10.
However, it doesn't actually do anything until two things occur:
-
First, you need to sign in with a Microsoft account. Wi-Fi Sense won't work with a local account.
-
Whenever you connect to a new W-Fi network, it asks if you want to share it with other people.
-
-
@JaredBusch said:
@anonymous said:
@JaredBusch said:
@anonymous said:
Me too, but isn't the risk the same? How do you know they can't use the Guest wifi to access your main network? What if they torrent? Seems like you would be safer to just not let anyone on your network.
I monitor my AP like any trained person would do. Yes, user will not, but I do. I don't care if they torrent. I have logs and proof that just because it was my IP, it was not my device on my private network.
That will never hold up in court. You are responsible for everything downloaded and uploaded.
Actually, it will. That is the point of logs. I can PROVE the MAC address and such of the device and what local IP it had at the time, etc.
Also, as I said I monitor my AP. SO I can show that I blocked said device also.The difference with getting breached through this WiFi Sharing is that you actually gave out the password voluntarily.
-
Most people give out their Wi-Fi keys freely. You could even argue that Wi-Fi Sense is more secure: if I ask Adam for his Wi-Fi password, I am free to give it away to anyone. If I receive the password via Wi-Fi Sense, I can still connect to Adam's network, but I can't tell anyone else the password.
-
@anonymous said:
Most people give out their Wi-Fi keys freely. You could even argue that Wi-Fi Sense is more secure: if I ask Adam for his Wi-Fi password, I am free to give it away to anyone. If I receive the password via Wi-Fi Sense, I can still connect to Adam's network, but I can't tell anyone else the password.
Yes, that's what I said.... this is so insecure that the justification for it in the article was to point out that most people already are insecure, so the vulnerabilities exposed here just don't matter. To me, this is the same as admitting that it is a horrible idea or else they would have no need for this argument. This isn't stating that it is secure, nor even suggesting it, it is just saying that most people screw up security so badly that this doesn't really hurt anymore.
But that's only talking about their home networks. As the same article points out one line above this quote, if that same treatment happens with a business network it would be really bad.
You just quoted the same line that I used a page back to show how the article didn't wind up being positive in their take on the technology. They try to spin it well, but ultimately they have no faith in it either by way of having no faith in the people who will use it.
-
-
It's basically like saying "most people are such bad drives and won't use seatbelt anyway so the fact that we didn't include working brakes really doesn't matter.... for those users."
-
The thing is, they could have easily made this technology work with a "share my password" technology that lets you do it, one time, with a tiny bit of effort and be really secure and leverage the good parts of this and avoid the bad ones. But they didn't do it that way.
-
CNN Money
Should you stop using it?
You're probably safe using Wi-Fi Sense.
All these nightmare scenarios are possible ... but farfetched. Even the worst-case scenario -- a stalker using Wi-Fi Sense to steal your naked photos -- would require that person to sit outside your house with a Windows 10 PC while he hacks into your network.
But if you do want to protect those naked photos and you shared your network via Wi-Fi Sense you can stop that. Windows 10 lets you do that in settings (it takes a few days to register). You can also opt your network out of Wi-Fi Sense entirely by adding the phrase "_optout" to the end of your Wi-Fi network's name.http://money.cnn.com/2015/07/30/technology/windows10-wifi-sense/
-
So actually this technology is a lot more invasive than might be realized at first. Here is a few things that need to be considered...
It does not share a wifi password "when you are in range." That's not what any of these things say. It shares ALL of your passwords with ALL of your contacts, always. It's a big many to many sharing of information.
Those contacts all have access to everything that you share. You can change the passwords of your devices to cut them off (in theory) but you can't cut them off individually, only be changing the password AND stopping all sharing to keep them from getting the update.
This is actually a bit riskier, in fact a ton riskier, than I had understood from the initial description. All of your data goes up to Microsoft and MS pushed it down to all of your contacts. They can then take themselves offline and stop you from telling MS or their devices that you don't want them to have access.
-
One has to ask, once you get to this point of sharing passwords and once you take the Ars Technica tact of saying "well, it isn't like you were secure anyway", why are we securing access points at all? Why not solve all of this and just not put a password on the devices?
I mean, people still need to be pretty close to use it. You only let people into your house that are friends. You would give out your password to anyone in your house anyway.
All of the logic that we would use to make this sound reasonable would also, by only a tiny step towards ease of use, make giving up on wifi passwords altogether, right?