Windows 10 Wi-Fi Sense is a bad idea
-
@JaredBusch said:
@anonymous said:
@JaredBusch said:
@anonymous said:
Me too, but isn't the risk the same? How do you know they can't use the Guest wifi to access your main network? What if they torrent? Seems like you would be safer to just not let anyone on your network.
I monitor my AP like any trained person would do. Yes, user will not, but I do. I don't care if they torrent. I have logs and proof that just because it was my IP, it was not my device on my private network.
That will never hold up in court. You are responsible for everything downloaded and uploaded.
Actually, it will. That is the point of logs. I can PROVE the MAC address and such of the device and what local IP it had at the time, etc.
That's how hotels and other open services handle it. Otherwise we could also say that we can never be responsible because the ISP is responsible. It is through this exact same process that they pass the buck on to you. And then you on to others.
-
@JaredBusch Aren't you concerned that Microsoft is still storing your password somewhere?
Just because you stop sharing it, doesn't mean it wasn't already exposed.
It seem to me the only way to make sure your secure, is to change your wifi password.
-
As a technical hack, it looks like this is a hard one to break, but certainly possible, like anything. The fears here, I think are this:
- it makes social engineering much easier. A focused social engineering attack is made easier by this being just another tool for social engineers to use.
- It makes it trivially easy to accidentally give away access to things you shouldn't be giving away (like access to the wifi at a lakehouse you rented, to your neaighbours house, your parents, etc.) Things that you would never give away broadly, but you wanted to share with family members or your other devices or you just click "share" out of habit.
-
@anonymous said:
@JaredBusch Are you concerned that Microsoft is still storing your password somewhere?
Just because you stop sharing it, doesn't mean it wasn't already exposed.
It seem to me the only way to make sure your secure, is to change your wifi password.
And that was my other point, is that reliable now that there is an automatic cascade of your new password to all kinds of devices and people? I'm not sure how this works and end users certainly won't. Automatic sharing from multiple devices might cause exposures that they aren't expecting or can't find.
-
Let's remember that You have to manually opt into every Wi-Fi network that you want to share.
For every network you join, you'll be asked if you want to share it with your friends/social networks.
By default, if you choose Express Settings during the installation process, Wi-Fi Sense is turned on in Windows 10.
However, it doesn't actually do anything until two things occur:
-
First, you need to sign in with a Microsoft account. Wi-Fi Sense won't work with a local account.
-
Whenever you connect to a new W-Fi network, it asks if you want to share it with other people.
-
-
@JaredBusch said:
@anonymous said:
@JaredBusch said:
@anonymous said:
Me too, but isn't the risk the same? How do you know they can't use the Guest wifi to access your main network? What if they torrent? Seems like you would be safer to just not let anyone on your network.
I monitor my AP like any trained person would do. Yes, user will not, but I do. I don't care if they torrent. I have logs and proof that just because it was my IP, it was not my device on my private network.
That will never hold up in court. You are responsible for everything downloaded and uploaded.
Actually, it will. That is the point of logs. I can PROVE the MAC address and such of the device and what local IP it had at the time, etc.
Also, as I said I monitor my AP. SO I can show that I blocked said device also.The difference with getting breached through this WiFi Sharing is that you actually gave out the password voluntarily.
-
Most people give out their Wi-Fi keys freely. You could even argue that Wi-Fi Sense is more secure: if I ask Adam for his Wi-Fi password, I am free to give it away to anyone. If I receive the password via Wi-Fi Sense, I can still connect to Adam's network, but I can't tell anyone else the password.
-
@anonymous said:
Most people give out their Wi-Fi keys freely. You could even argue that Wi-Fi Sense is more secure: if I ask Adam for his Wi-Fi password, I am free to give it away to anyone. If I receive the password via Wi-Fi Sense, I can still connect to Adam's network, but I can't tell anyone else the password.
Yes, that's what I said.... this is so insecure that the justification for it in the article was to point out that most people already are insecure, so the vulnerabilities exposed here just don't matter. To me, this is the same as admitting that it is a horrible idea or else they would have no need for this argument. This isn't stating that it is secure, nor even suggesting it, it is just saying that most people screw up security so badly that this doesn't really hurt anymore.
But that's only talking about their home networks. As the same article points out one line above this quote, if that same treatment happens with a business network it would be really bad.
You just quoted the same line that I used a page back to show how the article didn't wind up being positive in their take on the technology. They try to spin it well, but ultimately they have no faith in it either by way of having no faith in the people who will use it.
-
-
It's basically like saying "most people are such bad drives and won't use seatbelt anyway so the fact that we didn't include working brakes really doesn't matter.... for those users."
-
The thing is, they could have easily made this technology work with a "share my password" technology that lets you do it, one time, with a tiny bit of effort and be really secure and leverage the good parts of this and avoid the bad ones. But they didn't do it that way.
-
CNN Money
Should you stop using it?
You're probably safe using Wi-Fi Sense.
All these nightmare scenarios are possible ... but farfetched. Even the worst-case scenario -- a stalker using Wi-Fi Sense to steal your naked photos -- would require that person to sit outside your house with a Windows 10 PC while he hacks into your network.
But if you do want to protect those naked photos and you shared your network via Wi-Fi Sense you can stop that. Windows 10 lets you do that in settings (it takes a few days to register). You can also opt your network out of Wi-Fi Sense entirely by adding the phrase "_optout" to the end of your Wi-Fi network's name.http://money.cnn.com/2015/07/30/technology/windows10-wifi-sense/
-
So actually this technology is a lot more invasive than might be realized at first. Here is a few things that need to be considered...
It does not share a wifi password "when you are in range." That's not what any of these things say. It shares ALL of your passwords with ALL of your contacts, always. It's a big many to many sharing of information.
Those contacts all have access to everything that you share. You can change the passwords of your devices to cut them off (in theory) but you can't cut them off individually, only be changing the password AND stopping all sharing to keep them from getting the update.
This is actually a bit riskier, in fact a ton riskier, than I had understood from the initial description. All of your data goes up to Microsoft and MS pushed it down to all of your contacts. They can then take themselves offline and stop you from telling MS or their devices that you don't want them to have access.
-
One has to ask, once you get to this point of sharing passwords and once you take the Ars Technica tact of saying "well, it isn't like you were secure anyway", why are we securing access points at all? Why not solve all of this and just not put a password on the devices?
I mean, people still need to be pretty close to use it. You only let people into your house that are friends. You would give out your password to anyone in your house anyway.
All of the logic that we would use to make this sound reasonable would also, by only a tiny step towards ease of use, make giving up on wifi passwords altogether, right?
-
And I'm not trying to be silly there, I really mean for people who think this is a great idea because they really were going to give out that password anyway and really do feel that they trust anyone that is in their house anyway... why not have the AP be open?
If you live in a dense city where tons of people can see your wifi, I doubt having WiFi Sharing is going to fly. If you don't live in a place where twenty people can see your wifi at once, why lock it down at all? Are we really fearing someone hiding in our bushes to check the weather forecast?
-
Or to put it another way....
If we need to be truly secure, this doesn't cut it, at all, not without some serious effort and trusting of third party systems that are not designed or intended to be used this way and with trusting every person on those systems to understand the security you have entrusted to them.
If we aren't concerned about security, and I'm totally of this camp that nearly everyone gets oddly anal about security for no reason, then why bother with the passwords and all of this?
-
Take my dad as an example. He has a password on his wifi. But why? There is nothing on his network to secure and he owns a farm. You'd have to be in his garage or under the eaves to even maybe get a signal. Pretty much at that point you could literally cut into his ethernet cables and get access that way. There is a level of wifi protection that we often just assume needs to be there but we don't have with Ethernet. At some point it just doesn't make sense at all.
-
My guest network is completely open. I don't want to have to give out the password to guests.
I login from time to time, and take a look at who is using the guest network, and if I saw a bunch of people using it, I might have to lock it down.
I know I am lucky to live in a small town.
-
My wife's parents are similar. They live in the middle of a village but their wifi doesn't even extend to their yard. Yes someone leaning on the side of the house would get a signal, but they would also get the free village wifi much better. The only people that might have regular access are the next door neighbours on the one side and if they needed access my in-laws would have directly given them the password. They might have it for all that I know. The only other building nearby is a police station - they are probably to be trusted (and they are too far away to see the SSID.)
Just two cases but the first two. Almost anyone that I know first hand at home (that I use their wifi) has some crazy hard to use wifi password yet doesn't have good enough wifi for it to extend past their front porch for use.
-
@anonymous said:
My guest network is completely open. I don't want to have to give out the password to guests.
I login from time to time, and take a look at who is using the guest network, and if I saw a bunch of people using it, I might have to lock it down.
I know I am lucky to live in a small town.
Not really any different than my house nearly NYC or my one in Dallas. My wifi only goes so far and anyone that is in that range is either incredibly obvious because they are standing in my yard or is a person that I would have invited over for drinks and given my password to anyway. So the point is moot with them.
Big city, small town, out in the country. All have cases where wifi just doesn't need to be secured. And in all there are places where it does need to be. Even an apartment building out in the middle of a field (I actually know of one like this near @Minion-Queen ) would be an issue because the people have thin walls and live on top of each other.