Is Windows 10 WiFi Sense Nonsense?

Category: Windows-10

A storm of FUD (Fear, Uncertainty, and Doubt) swept the tech media world this month. The rumor is that Windows 10 will include a new feature called WiFi Sense which gives all of your contacts the keys to your WiFi networks. There's a kernel of truth here, but let’s separate facts from fiction…

What is Wifi Sense?

At least one report claimed that Wifi Sense, in addition to "sharing" your wifi login credentials with your contacts, would then cause them to automatically share your WiFi keys with their contacts – people you don’t know even casually. So how much of this story is true?

First, WiFi Sense is not new; it’s been part of the Windows Phone 8.1 operating system for two years. That’s probably why most people, even tech journalists, have never heard of WiFi Sense. Globally, 96 percent of smartphones are powered by iOS or Android, according to figures from IDC. None the less, we haven’t heard any reports of WiFi networks being comprised via WiFi Sense.

Here is how WiFi Sense works, if you leave it enabled. The keys (passwords) to WiFi networks that you store on your device are encrypted and stored on a remote Microsoft server. If one of your contacts comes within range of one of your WiFi networks, that network’s key is automatically fed to the WiFi access point to grant the contact access to that network.
WiFi Password sharing

But unilateral sharing wouldn't be fair. In return, you have reciprocal WiFi Sense access to your contacts’ WiFi networks.

The purpose of WiFi Sense is to make sharing WiFi Internet access easy, according to Microsoft. You don’t have to give the WiFi key to a visitor to your home or office (assuming they are in your Contacts list), and the visitor doesn’t have to enter it in his/her device. WiFi Sense is more secure than the usual person-to-person sharing method because your contacts never see the actual key, argues Microsoft.

Access is Limited

Think twice before giving just anyone access to your Internet connection via WiFi. It could have unpleasant legal consequences. See Is Your Wireless Router REALLY Secure? to learn how one guy almost got framed for something his neighbor did while connected to his WiFi.

It’s important to note that only Internet access is shared via WiFi Sense. Guests cannot rifle through shared folders and files on your local network, or use shared devices such as printers. They can only surf the Web, check email, and do other things “out there” on the Internet.

Password sharing via WiFi Sense is enabled by default for Outlook/Hotmail and Skype (both owned by Microsoft) contacts. You do have to give permission to make it available to your Facebook contacts. Your contacts in any of those three services who are using Windows Phone or (soon) Windows 10 can access your WiFi networks via WiFi Sense.

Obviously, your contacts must also be within range of one of your WiFi networks. They must also have WiFi Sense enabled, sharing their WiFi networks with you and their other contacts.

WiFi Sense can be disabled completely in one of two ways. You can go to the Windows WiFi Settings menu and uncheck the box labeled, "Share WiFi networks I Select" option. Alternatively, you can add the string “_optout” (note the underscore) to the end of your WiFi access point’s SSID.

You can also disable WiFi Sense on selected individual WiFi network profiles stored on your device. The key to a deselected network won’t be available to your contacts.

WiFi Sense will not let you be so selective about the contacts with whom you share WiFi network keys. Your only choices are very broad: all of your Outlook contacts or none; all Skype contacts or none; all Facebook contacts or none.

Too Much Sharing?

That’s another security weakness. It’s one thing to share WiFi keys with family and close friends, and quite another to share with a Facebook “friend” who could be a hacker in real life. I have hundreds of Facebook "friends" that I don't personally know, and I would be nervous if any of them could park in front of my house and tap into my Wifi.

Some of “your” WiFi networks probably belong to someone else, like a coffee shop, client, employer, or relative whose WiFi key is stored on one of your devices. None the less, WiFi Sense will allow your eligible contacts access to the WiFi Internet of people who have no relationship to your contacts.

WiFi Sense will not work with the 802.11x protocol, a WiFi authentication scheme typically run on a RADIUS or EAP server. Many enterprises and WiFi service providers (often used by coffee shops and other small businesses) use 802.11x, so the utility of WiFi Sense will be limited in some business environments.

But plenty of small businesses take a do-it-yourself approach to providing wifi to customers. It might never occur to them that by "friending" one patron, they've given access to 100 other people. And just think how this could spiral out of control in a household with Mom, Dad and several children sharing a WiFi access point. How many people would have access to your WiFi if each family member used WiFi Sense? "Honey, why is there always a line of cars parked in front of our house at night?"

Overall, WiFi Sense poses too many security risks for my liking. Managing it or opting out completely is too complicated for the limited benefits it provides. I'm surprised that it's turned on by default in Windows 10, and my advice is to disable it using one of the methods above.

Your thoughts on this topic are welcome. Post your comment or question below...

 
Ask Your Computer or Internet Question

  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Email:

Check out other articles in this category:



Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 20 Jul 2015


For Fun: Buy Bob a Snickers.

Prev Article:
Yes, The Feds Can Read Your Email (and more)

The Top Twenty
Next Article:
Tech to the Rescue for Insomnia

Most recent comments on "Is Windows 10 WiFi Sense Nonsense?"

(See all 23 comments for this article.)

Posted by:

Bob
20 Jul 2015

YIKES! I didn't know this and I'm turning off my WIFI Sense on my Nokia Windows Phone as I write this and also I'm going to check to see if it's on my laptop with Windows 10 preview I've been testing since February!!!!
Thanks for the info!


Posted by:

Jay R
20 Jul 2015

I have a different approach. I am sticking with Win7. Before my computer was fried by a virus some years ago, I was sticking with WinXP, SP3. Sigh. Thank you, Bob.


Posted by:

Lucy
20 Jul 2015

Thank you Bob for bringing this to our attention, your vigilance is appreciated.

Another concern of mine is that some providers allow reciprocal wireless access to any of their customers who happen to be nearby other customers who rent their modem/router from the provider. They can just go ahead and use the wi-fi at that home whenever they wish to.

I don't want anyone outside my home to have unfettered access to my wireless service.

When I start to use Windows 10 I will disable this "feature" for sure.


Posted by:

RandiO
20 Jul 2015

P'haps what is meant by "your contacts" needs to be contextually defined...
B'cuz I am wondering if Microsoft is actually contacting NSA on my behalf and appropriating "my contacts" directly from NSA servers [who may possibly even know all my other 'metadata'; including my shoe-size and if I put my right sock on before the left one!] Okay, maybe I am exaggerating a bit, since NSA ONLY knows my data prior to the past 6 months, unless there was an official court request for my recent data, that I am not aware of.


Posted by:

InLionSk8r
20 Jul 2015

Between our SSID (not broadcast) and our WiFi key, there are 192 characters that I regularly give out to friends and family, if they want to join our network. Thinking there might be some security there somewhere, it never dawned on me that might be considered a problem, requiring attention from Microsoft. Since we also have MAC-filtering turned on in our router settings, until I enter users' specific device-numbers into our white-list, am guessing many of our Microsoft-enabled "Friends" will still be outside, looking in.


Posted by:

Bumbojas
20 Jul 2015

Thanks for the warning Bob . I am using W10 as part of the Insider Program and had not appreciated this feature. I only wish to give access to my wifi network personally to people I know and trust. Ok they can then keep it to use again or even pass it on but that is part of the trust element.


Posted by:

billyD
20 Jul 2015

I don't trust Microsoft any more than I trust the government. If the keys are stored on a remote Microsoft server, then the government will also have free access to them.


Posted by:

Charles MacDonald
20 Jul 2015

So just to clarify, EVERYONE (including those of us who would never think of allowing a Microsoft device into our home) who would perfer to not want to offer their Wi-fi to every tom dick and harry has to change their Wifi network name from for example "FredsHouse" to "FredsHouse_optout" and then systematically change that string on all their devices (probably by setting everything Wifi up again as the network name can't be changed in most software) just to get back to the same security and functionality that they had before? Then explain what the -optout nonsense is all about?

EDITOR'S NOTE: If you have no devices in your home running Windows 10 or Windows 10 Phone, then you don't need to do anything.


Posted by:

Linda
20 Jul 2015

Like a previous poster named Bob, I also have a Nokia Windows phone, which I absolutely love,BTW, running Windows 8.1. I have always operated it with the WiFi Sense turned OFF though. Mainly, this was because I didn't really know what WiFi Sense was or what it did. So thank you, Bob Rankin, for your excellent explanation, as always. Now I am even happier that I never enabled WiFi Sense on my phone. I am currently running Win7 on my laptop, but I will certainly be disabling WiFi Sense on my laptop too, once Windows 10 is installed.


Posted by:

Bob Hill
21 Jul 2015

ARE YOU KIDDING ME?! If I give my business wifi passphrase to someone, now I have to trust them to disable this "service" on all of their devices? As of right now, I'm advising all of my clients to get rid of all WiFi access points that allow access to their network. Tell me how this doesn't kill WiFi for business use?


Posted by:

Daniel Wiener
21 Jul 2015

I was skeptical of Windows 10 before. Now I'll definitely avoid installing it on our computers. We paid extra to get Windows 7 instead of Windows 8.1 on our new computers, and I intend to keep it that way.


Posted by:

Don
21 Jul 2015

Sure glad I have 4 Win 7 computers. Maybe by 2020 MS will come back to reality. If they are still in business.


Posted by:

Bob Hill
21 Jul 2015

This has made me realize something basic: WiFi "security" is a myth anyway, because a password that's shared among multiple people isn't secure to begin with; it might as well be shared with everyone. "A secret shared with one other person isn't a secret anymore." WiFi isn't secure unless and until it's based on a unique password for each user; a password that only that one user knows. But still, what possessed Microsoft to throw a grenade into the party?


Posted by:

johnnysue
21 Jul 2015

This sounds like very poor common sense on the part of Microsoft. One more reason to stick with Win 7 while learning to use Linux. It has been my opinion for quite some time that Microsoft fits the basic definition a bully. "You will do it my way or else. Why should we disclose something and make a plain and obvious way to disable it; or even turn it off by default, rather than on by default." As designed by Microsoft, WiFi Sense makes no sense!


Posted by:

Ray Bobo
21 Jul 2015

Thanks, Bob. THIS is exactly why I subscribe to your service. You are like the good friend who politely informs you that the back panel of your log johns is unbuttoned!


Posted by:

John
21 Jul 2015

Another reason why my computers are hard wired. I only have entertainment devices like Roku and Smart TV's connected to WiFi.


Posted by:

C.J.Brady
30 Jul 2015

Whilst I deem wifi to be 100% insecure yet am prepared to take that risk especially sitting in a cafe for a few minutes doing emails; my shock and horror right now is the realisation that with W10 Microsoft will now be creating a HUGE database of ip addresses, email addresses, SSIDs, and passwords etc., etc. No wonder they're giving out W10 for free.


Posted by:

Trevor Harrigan
03 Aug 2015

No surprise here!
Governments have been whining recently about encryption making their spying on citizens more difficult. Having MS give away Win10 and wifi-sense on by default gives them the perfect trojan way of having clipper version 2. Anyone who thinks the NSA does not have a hand in this is naive. When NSA friends you via one of their proxies, they don't even have to crack the MS stored password (assuming MS does not a plain text version for them anyway).
This is so plainly an NSA/GCQH/5Eyes ploy it is laughable.
Trevor.


Posted by:

Norman Rosen
05 Aug 2015

Thanks to your instructions, I was able to turn this stupid feature off immediately. I really am tired of people trying to improve my experience.


Posted by:

Bill Samuel
20 Aug 2015

You point out that users of your Wi-Fi don't have access to your network key or any of your files. What are the "too many security risks" which make you oppose Wi-Fi Sense. It's not evident to me what they are.

I see this as part of the general move towards making Wi-Fi more available, which seems to me to be a good thing. Comcast does this by giving you a separate, unsecured Wi-Fi network available to anyone within range. It is an additional network and does not affect your secured network and its security.

What companies like Comcast and Microsoft are doing are making wi-fi more available when you are out and about, with appropriate security safeguards. This should be encouraged.

EDITOR'S NOTE: You say "It's not evident to me what they (the risks) are." EXACTLY! The Heartbleed and Shellshock vulnerabilities existed for YEARS before they became generally known. All that time we thought it was safe to use HTTPS/SSL encryption, but it turns out it was easily subverted. The same thing could happen with WiFi Sense. People who login to your computer via WiFi Sense are not supposed to have access to your files. Fine. But how long will it take for clever hackers find a hole in that wall? See http://askbobrankin.com/is_computer_security_an_illusion.html


There's more reader feedback... See all 23 comments for this article.

Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! And please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are previewed, and may be edited before posting.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.

Free Tech Support -- Ask Bob Rankin
RSS   Add to My Yahoo!   Feedburner Feed
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Privacy Policy -- See my profile on Google.


Article information: AskBobRankin -- Is Windows 10 WiFi Sense Nonsense? (Posted: 20 Jul 2015)
Source: http://askbobrankin.com/is_windows_10_wifi_sense_nonsense.html
Copyright © 2005 - Bob Rankin - All Rights Reserved