back to article UH OH: Windows 10 will share your Wi-Fi key with your friends' friends

A Windows 10 feature, Wi-Fi Sense, smells like a security risk: it can share access to private Wi-Fi networks with the user's friends. higglty piggeltey that makes good sense Wi-Fi Sense has been on Windows Phone since 8.1 Those friends include their Outlook.com (nee Hotmail) contacts, Skype contacts and, with an opt-in, …

  1. Saint Gerbil
    Facepalm

    Nothing new here

    Wifi Sense has been in windows phone since windows 8 and it shares your wifi password with your laptop.

    You can share it with your contacts if you want to its not that hard and its quite hard to share it with your local takeaway shop like the article states.

    1. Anonymous Coward
      Alert

      Re: Nothing new here

      Wifi Sense has been in windows phone since windows 8 and it shares your wifi password with your laptop.

      Yes, it mentions this in the article. If the "sharing" of credentials happens via a USB cable between phone and laptop as part of a phone-sync consciously set up by the user, I have no problem with it.

      It's when it shares it with complete strangers (i.e. Microsoft HQ) that I object!

    2. asdf

      Re: Nothing new here

      >Wifi Sense has been in windows phone since windows 8

      Oh that explains why this is news to almost everyone outside Redmond.

    3. TheVogon

      Re: Nothing new here

      "In theory, someone who wanted access to your company network could befriend an employee or two, and drive into the office car park to be in range, and then gain access to the corporate wireless network."

      Only if you have incompetently configured corporate WiFi. A normal corporate WiFi setup would use 802.1X and you wouldnt even know a WiFi password to share.

      1. Anonymous Coward
        Anonymous Coward

        Re: Nothing new here

        802.1x can be configured to use different authentication methods, including some using passwords. And it may happen to be your domain password also - which you may need to input if your device is not domain-enabled. And not every device supports WPA(2) Enterprise

        1. TheVogon

          Re: Nothing new here

          "802.1x can be configured to use different authentication methods, including some using passwords."

          All of which can stil support NAC. No sane corporate would rely on password only except in a mode that can't be shared (for instance an 802.11x login via AD authentication can't be shared via WiFI Sense, and usually would also require certificate based NAC).

          "And not every device supports WPA(2) Enterprise"

          Then they wouldn't be able to connect to a secure corporate environment...

      2. Meerkatjie

        Re: Nothing new here

        The office I work in has wired and wireless networks - to get access to the wireless network you use your windows login details.

        1. Youngdog

          Re: Nothing new here

          You are probably running a certificate-based NAC to make sure only Domain (i.e. work) devices can connect

        2. TonyHoyle

          Re: Nothing new here

          I would really hope that it didn't apply to WPA Enterprise, otherwise it'll be sharing windows login details all over the place.

          In small companies it's not uncommon to use a single password (smaller companies rarely have the requisite radius server setup or the experience to run one).

          At home of course, it's all passwords. That said, from what they're saying you can detect wifisense users - it's saying they can't access local resources somehow.. in which case you can configure a network to break access for such users (for example redirect the first request outgoing to a local portal... if they don't click OK on that - which wifisense users won't be able to do - then no access).

    4. Anonymous Coward
      Anonymous Coward

      Re: Nothing new here

      When I set my phone up, it asked did I want to turn wifi sense on. But can't remember if it defaulted to off.

      And is this going to be turned on by default in the production version, or is this from the latest build?

    5. I ain't Spartacus Gold badge

      Re: Nothing new here

      As stated, it's in WinPho 8.1 already. I believe it's defaulted to on when you get the phone, but it's one of the setup questions you have to answer, so you can turn off the switch. I'd imagine that's what they'll do in the production version of Windows 10 as well.

      It's more of a security risk than Apple holding your WiFi passwords when you cloud back-up your iThings. Does Android do cloud backup now (I'm out of date)?

      To be honest, if you're going to go to the trouble of parking in the corporate car park, can't you just sniff some packets and break the WiFi security anyway? I thought that only took a few minutes nowadays?

      1. Kimo

        Re: Nothing new here

        You can do cloud back-up to Google, but when I replaced my phone I still had to re-enter user names and passwords for the phone and all of the apps on my device.

      2. Anonymous Coward
        Anonymous Coward

        Re: Nothing new here

        It's more of a security risk than Apple holding your WiFi passwords when you cloud back-up your iThings.

        AFAIK, Apple cloud stuff does client side encryption. Not so much for benevolent reasons, more because Apple doesn't want the liability of your stuff being disclosed through them (that's also why they were all of a sudden so astonishingly active to fix the whole iTunes password problem - which they then overcorrected before things settled down). I wish us security people could inspire that much fear, so we could get things done.

      3. Anonymous Coward
        Anonymous Coward

        Re: Nothing new here

        Breaking WPA2 Enterprise is not so easy - PSK networks are more at risk, especially if they still use pre-WPA2 technology (and short keys). And it's not uncommon either, a neighbour of mine is still using WEP... one day I'll break into his network and leave a message to upgrade it...

        1. Fred Dibnah

          Re: Nothing new here

          Wouldn't a nicer way to tell your neighbour be to knock on their door, say hello, and explain why their network is insecure and offer to show them a way to better secure it? Just wonderin'.

          1. asdf

            Re: Nothing new here

            >Wouldn't a nicer way to tell your neighbour be to knock on their door, say hello, and explain why their network is insecure and offer to show them a way to better secure it? Just wonderin'.

            As an added bonus that route as long as your polite unlike the other if in the US has a zero chance of winding up in pound you in the butt prison.

          2. Frank N. Stein

            Re: Nothing new here

            In a perfect world, sure, but this isn't a perfect world, and rather than do some sort of face to face risky "hand shake", you can achieve the end goal of advising them to secure their network better, by doing it anonymously. That way, if they are a nut job, they won't know you're identity and won't know who to attack for "snooping" on their weakly protected network.

  2. Panicnow

    It must be intentional!

    After the disaster of Active controls, Passwords that are checked on the local system, and now this. Microsoft must have a direct line to the malware over-lords.

    To do something stupid once is unfortunate, Twice is foolish, Three times is a conspiracy!

    1. Anonymous Coward
      Anonymous Coward

      Re: It must be intentional!

      Every little helps - the NSA

    2. Anonymous Coward
      Anonymous Coward

      Re: It must be intentional!

      Sigh, will Microsoft ever change from making crass decisions on security for the sake of convenience ?

  3. John Bailey
    Coffee/keyboard

    If you can't be a good example..

    And people say Microsoft don't care any more.

    Here they are, demonstrating for all the world to see, at no doubt, great expense, exactly why one does not let the marketing people do product design.

    1. JLV
      Facepalm

      Re: If you can't be a good example..

      shades of circa 2000...

      'Yes, our users need VBA auto-run for incoming Outlook messages' scripts. Not having it would be a major loss of functionality".

    2. dlc.usa

      Where Were The Lawyers?

      Wasn't their legal staff involved in looking at the liability exposures the design could potentially allow? Do they believe MS is immune here? Or is there no defensive legal section? These decisions are not making good sense from a shareholder's perspective.

  4. Your alien overlord - fear me

    Place your bets please, plasce your bets ... on how long it takes someone to decrypt Microsoft's security and see in plaintext the wifi password.

    On a similar topic, what if I use just WPA, how could I get access to a WPA2 network or via versa?

    1. Mephistro

      @ Your alien overlord - fear me

      "On a similar topic, what if I use just WPA, how could I get access to a WPA2 network or via versa?"

      On most devices I see nowadays -including smart TVs, WiFi routers and WiFi network cards- you can configure both protocols to work at the same time, i.e. looking for both kinds of WiFi networks and choosing the right set of parms. ..

  5. Pax

    So now all WiFi/router manufacturers should enable MAC filtering by default just to counter-act how loose MS is making security.

    1. borkbork

      better yet

      Built in RADIUS server with easy account creation and expiry, for WPA2 Enterprise. Want to use my WIFi? OK, here's your account, it will deactivate in 24 hours.

      1. Anonymous Coward
        Anonymous Coward

        Re: better yet

        Of little use, if your devices shares your own passwords - does your own account expires every 24h?

    2. TheVogon

      "So now all WiFi/router manufacturers should enable MAC filtering by default just to counter-act how loose MS is making security."

      Great until Microsoft use random MACs like Apple do...

      1. Gotno iShit Wantno iShit

        My router does MAC filtering, I've not bothered 'till now. I shall be switching it on this weekend.

        Not that I'm at risk yet, only one person I know has >7 and that's on a desktop. Still, the time to act is now.

      2. Anonymous Coward
        Anonymous Coward

        "Great until Microsoft use random MACs like Apple do..."

        That is only done during scanning for the network to avoid advertising snooping based around WiFi scans, i.e. as is commonly done in shopping centres now.

        The real MAC is used to connect to the network. At least that's how it was, I haven't heard of any change.

      3. Neil Alexander

        Apple only use random MAC addresses for Wi-Fi beacons/probes - once you connect to a known network, the primary MAC address is always used, so as to not cause a problem with MAC filtering.

    3. Uberseehandel

      MAC filtering is a waste of time

      Spoofing MAC details is more than simple to do, so filtering adds little, if anything security wise.

      More important, because the tracing of MAC information causes a whole new slew of security problems, there are changes underway to randomise MACs each time one is required. Some kit is already doing this

      1. TonyHoyle

        Re: MAC filtering is a waste of time

        MAC filtering is a waste of time against attackers.

        Against random windows 10 boxes connecting to your network because microsoft have given away all your passwords, it's quite effective.

    4. TheBigCat

      If security matters there should be another layer of authentication before connecting to the network.

  6. ZSn

    Off

    First thing that I turned off. Honest do people really just run with the settings that come out of the box? Are they really that stupid?

    Stupid question - of course they do...

    1. Ken Hagan Gold badge

      Re: Off

      If you don't know that it exists, how are you supposed to turn it off?

      Quick question: what's the list of things that have to be turned off as the first thing you do with a new Windows machine?

      1. Rich 11

        Re: Off

        That may be a quick question, but it's not a quick answer!

        1. captain veg Silver badge

          Re: Quick question

          > what's the list of things that have to be turned off as the first thing you do with a new Windows machine?

          The power switch?

          -A.

      2. Curious

        Re: Off

        Step 1.

        Refuse the demands to create a Microsoft account in windows 8/ 10, use a local computer account instead, and this won't operate, I think, on your one computer.

        As I understand it, the wifi sense shared configuration is supported to isolate them from the local network, allow me my doubts..

        Are there any low cost, non-techie, manageable radius server + GUI implementations for small offices that mix Mac, PC, android and high numbers of guests?

        That daloradius + freeradius software on a beaglebone or edgemax?

        http://lintut.com/install-freeradius-with-web-based-management-daloradius-on-centosrhel/

        Looks like a radius server can be added fairly simply to a Synology or QNAP small office device.

        1. Anonymous Coward
          Unhappy

          Re: Off

          setting up a RADIUS server isn't too time consuming or difficult, but for me, the time consuming/difficult part has been integration with LDAP..

          1. TonyHoyle

            Re: Off

            At home I found freeradius an absolute pig, but the LDAP I have using FreeIPA which does the trick for home.

            Most of my devices don't allow WPA Enterprise though... not even the xbox one which is fairly recent. Or chromecasts.. so I still need a password based network for those. I'll have to invest in other countermeasures to defeat wifisense.

        2. Anonymous Coward
          Anonymous Coward

          Re: Off

          You could also use a "captive portal" which will handle the authentication itself, without a RADIUS backend (although you can use it as well with most captive portals). Some APs have captive portal support built-in, or fw/router software like pfSense offer it - adding also another layer of security.

    2. Evil Auditor Silver badge

      Re: Off

      do people really just run with the settings that come out of the box?

      Not people who read El Reg. Let's say they are on the nerd side of users. But for most other people -and that is most users-, they just want to buy a device and start doing whatever they want to do. Can't blame them.

      Yes, once their shit goes airborne they turn to us, again.

      1. Terry 6 Silver badge
        Coat

        Re: Off

        There are settings?

        Sorry,

        But I've worked the layer between out and out tecchies and ordinary users for so long that I'm only too aware that most of my colleagues won't even know that there are things you can change on a computer/smartphone etc. until something goes wrong and they have to be shown.

        But the marketing of devices as out-of-the-box commodities means that all sorts of settings are decided by the companies because you can't ask the public to spend hours going through installation of a device explaining and choosing dozens of options. And the implication of that is that there will be default settings that favour ease of use.

        (In fairness, the public don't buy devices because they are hard to hack, but because they are the fashionable shininess).

    3. Cynic_999

      Re: Off

      "

      First thing that I turned off. Honest do people really just run with the settings that come out of the box? Are they really that stupid?

      "

      Anyone who uses their computer as a means to an end rather than being involved with computers professionally or as a hobby might change the screen appearance a bit, but would not understand what most settings do. A person who was involved in the mechanics of cars may similarly wonder why people use the default engine management settings that were in the car when they bought it instead of tweaking everything as the petrolheads do.

    4. Anonymous Coward
      Anonymous Coward

      Re: Off

      The feature doesn't have to be turned off. Every network that you want to share has to MANUALLY be turned on. While the "feature" is on by default, all Wi-Fi networks are NOT SHARED by default.

      You would likely only turn on sharing if you were having a party at your house and didn't want to give the Wi-Fi password to your guests... and then you'd turn that network back to "not shared".

      So... by default... this feature does nothing. Stop spreading the FUD!

  7. mathew42
    Flame

    F**king Madness

    Sorry, but this just plain stupid. Having said that I'm still not keen on WPS.

    Friends of my kid's school friends having automatic access to my home network? WTF! After several discussions about not installing random games from the PlayStore that want access to everything, the kids have some concept of information security that was reinforced by 'Do that again and you won't be using that tablet!'

    MAC filtering by default is just painful especially with family visiting. Looks like it might be time to look at DD-WRT and sin bin all Microsoft OSes into a guest network.

    1. Anonymous Coward
      Anonymous Coward

      Re: F**king Madness

      Our solution, family only, is I enter the nightmare from Hell password and lock it in. Works for us (huge family, I'm sort of adopted). I'll have to scribble a note about this. No one's interested in 10, sorry MS, but damn, what idjit came up with this?

      1. VinceH

        Re: F**king Madness

        "Our solution, family only, is I enter the nightmare from Hell password and lock it in."

        I adopt the same approach - if a visitor (usually only family) needs wifi access, I enter the password for the guest network for them. They continue to have access with that device whenever they visit until, once in a blue moon, I change the password.

        Most of them use Apple iThings, and some Android - so no real problem there - but the first time I see a Windows device, I'll increase the frequency of those password changes to monthly. (Or I could add the _optout to the SSID - which is a stupid idea*. Or both.)

        * Because of the sheer number of people who simply won't know about this. Microsoft, you are idiots - the optout extension to the SSID is a token gesture, and nothing more.

        1. The BigYin

          Re: F**king Madness

          "I enter the password for the guest network for them."

          I have a QR code with the details on it as well. Android users can just zap the QR code, iPhone users and type it in.

        2. Steve Graham

          Re: F**king Madness

          Android stores the passwords in plaintext. There are apps which will display them, or you can hoke through the file system.

          So every time you enter the new password for a visitor, they take it away with them.

          1. VinceH

            Re: F**king Madness

            "Android stores the passwords in plaintext. There are apps which will display them, or you can hoke through the file system."

            Time to insult my family:

            When it comes to technology, they are utterly clueless - they wouldn't have the first idea how to look for them through the file system (let alone know what a file system is), and I'd be amazed if they had the wherewithal to go downloading apps to reveal the passwords.

            And the ones using iThings are even worse.

            1. dlc.usa

              Ignorant Users

              "When it comes to technology, they are utterly clueless - they wouldn't have the first idea how to look for them through the file system (let alone know what a file system is), and I'd be amazed if they had the wherewithal to go downloading apps to reveal the passwords."

              I think many script kiddies fit that description. Heroin addicts usually start by associating with a pusher.

    2. AlbertH

      Re: F**king Madness

      MAC filtering by default is just painful especially with family visiting. Looks like it might be time to look at DD-WRT and sin bin all Microsoft OSes into a guest network.

      That's exactly what I do. The guest network is deliberately throttled (after an incident with a relation's laptop that was spamming the world). It's trivially easy to do, and keeps the network usage sane

  8. Orv Silver badge

    myhouse_optout_nomap_dripdry_washwarm_nobleach

    This steady overloading of a text field is starting to remind me a lot of SPF in its later incarnations.

    1. Anonymous Coward
      Anonymous Coward

      Re: myhouse_optout_nomap_dripdry_washwarm_nobleach

      Require all IT executives involved in this kind of decision to append _nopunch to the end of their names. If you ever meet one who doesn't have _nopunch at the end, well, free pass.

      1. Anonymous Coward
        Anonymous Coward

        Re: myhouse_optout_nomap_dripdry_washwarm_nobleach

        If you ever meet one who doesn't have _nopunch at the end, well, free pass.

        Yes, but you have to have had _nocharge appended to your name, otherwise you get charged with assault and convicted.

  9. JP19

    Google

    already has half the WiFi passwords in the world, why shouldn't Microsoft try to catch up?

    1. Anonymous Coward
      Anonymous Coward

      Re: Google

      Google aren't giving them out to your contacts (yet).

      1. Anonymous Coward
        Anonymous Coward

        Re: Google

        "Google aren't giving them out to your contacts (yet)."

        Do Google *give* anything to anybody?

        There's another four letter word which is a better fit than "give",

        S**l.

  10. Anonymous Coward
    Anonymous Coward

    Yeah, like we don't have enough holes in net security as it is...

    So lets add some more....

  11. Mephistro

    Isn't this obvious that this method to disable WiFi Sense is designed for making the costumers fed up with opting out of every new network they visit, or they'll just forget about it.

    Must of us IT folks may understand the issue and put some remediation, but most persons out there are like sitting ducks regarding this issue.

    Thanks to this article, I'll advice all my clients, family and friends -again- to steer well clear of Windows phones.

    Thanks, ElReg. Some days I feel like the frecking Sisyphus!!!

    ;-)

    1. mathew42
      Flame

      > Thanks to this article, I'll advice all my clients, family and friends -again- to steer well clear of Windows phones.

      Steering clear of WIndows Phones is easy enough. Steering clear of windows laptops is more challenging.

    2. Curious

      And down the line, will the holders of these computers be encouraged to be tie into the Microsoft Wifi / Skype Wifi service as some sort of second-tier wifi partner?

      http://www.neowin.net/news/microsoft-wi-fi-now-included-with-windows-10

  12. Mephistro
    Mushroom

    Kill that WiFi Sense thing!

    WITH FIRE!!!

    1. MrDamage Silver badge

      Re: Kill that WiFi Sense thing!

      How about we just kill the Wifi Sense Project manager with a cricket bat instead? It will serve more as a warning to other project managers wanting to implement anything remotely similar.

      1. Alan W. Rateliff, II

        Re: Kill that WiFi Sense thing!

        Careful there, mate. Someone will read that and suddenly El Reg will have to hand over your personal contact information so someone can conduct an *cough* interview with you over your overt aggressive comments.

        Back on-topic, a lot of sites are migrating to WPA2-RADIUS (or WPA2 Enterprise) to eliminate this whole passphrase leak issue.

        1. Anonymous Coward
          Anonymous Coward

          Re: Kill that WiFi Sense thing!

          Just WPA2 Enterprise is a bit too complex for most home installations, especially those who simply use the router/switch/ap given by their internet provider. And not every device supports it - i.e. some printers, cameras, e-readers, etc.

          A good solution would be a multi-SSID capable AP with VLAN capabilites (but the latter requires also support all down the chain...) to segregate some less secure device, but not every user is a sysadmin with the required knowledge, for many wifi and internet is just a plug&play "experience", and without knowledge, they can't undersand the full picture...

          1. Nigel 11

            Re: Kill that WiFi Sense thing!

            A good solution would be a multi-SSID capable AP with VLAN capabilites (but the latter requires also support all down the chain...) to segregate some less secure device, but not every user is a sysadmin with the required knowledge, for many wifi and internet is just a plug&play "experience", and without knowledge, they can't undersand the full picture...

            Well, you can get a router with that hardware for about £15 and OpenWRT to enable the capabilities for free. So with a bit of luck, someone will package it all in a form that the only slightly clued-up can use and either open-source it or sell it (if it's a user-mode wrapper running on OpenWRT or similar, the GPL doesn't force you to give away your source, only OpenWRT).

            You don't necessarily need VLAN support in the rest of your hardware. You just need routing rules to segregate your subnet from the kids' one.

            1. LeeV

              Re: Kill that WiFi Sense thing!

              @Nigel11 "you can get a router with that hardware for about £15 and"

              Which router? I've looked at loads and most that run up to date versions of OpenWRT are a lot more than £15. Help!

              1. Nigel 11

                Re: Kill that WiFi Sense thing!

                Check out the OpenWRT Hardware list http://wiki.openwrt.org/toh/start

                The one I have is the Trendnet tew-732br

                http://wiki.openwrt.org/toh/trendnet/tew-732br

                installing openWRT Barrier Breaker was a piece of cake.

                The one problem is that AFAIK there are NO ADSL2+ All-in-one routers that can run Openwrt, so I'm using my ISP's Router to NAT everything onto a piece of wire connected to the Linux router. Double-NAT isn't perfect, but I can cope with it. Or you coudl buy a proprietary ADSL2+ box that can run in bridge mode (but apart from the Draytek PPPoA to PPPoE bridges, most are doing horrible things that a bridge really shouldn't be doing)

                1. LeeV

                  Re: Kill that WiFi Sense thing!

                  @Nigel11 Epic! Thanks for the tip.

                  Luckily I'm OK on the ADSL front, I moved to FTTC years ago!

                2. Jamie Jones Silver badge

                  Re: Kill that WiFi Sense thing!

                  The Talk-Talk ADSL modem (rebadged D-Link) does bridge mode - I use it with no issue to feed my asus rt ac68-u

                  As they give those things out like AOL CDs you should find them cheap-as-chips on ebay etc.

            2. Anonymous Coward
              Anonymous Coward

              Re: Kill that WiFi Sense thing!

              Just, buying the right device, re-flashing it with OpenWRT and configuring it is still outside the reach of many home users. As soon as you have the skills, maybe you don't want to go the "cheapest device" route and buy better hardware with better capabilities - and probably you also avoid the "all-in-one" device - that's why VLANs becomes useful so you can properly separate traffic and assign devices to the proper one depending on what they connect to.

      2. Evil Auditor Silver badge

        Re: Kill that WiFi Sense thing!

        Maybe you are right about the project manager. It shouldn't have been the pm to set the requirements though. But to whoever came up with that brilliant idea: fuck off and die - and not in that order.

  13. Joe User
    Thumb Down

    Well, it looked like a good idea on paper....

    And that's where it should have stayed.

  14. Kanhef

    When your friends connect, do they share the key with all of their contacts? No matter how secure the keys are as they pass through Microsoft's servers, the plaintext has to be recoverable for their devices to make use of it, so is there any way to prevent it from being spread ad infinitum?

    1. dogged

      No, it doesn't extend to "friends of friends".

  15. Chairo
    Joke

    They couldn't possibly have known this

    Microsoft employees obviously have no friends and no contacts out of work and family, so how could they have guessed it's a bad idea?

  16. bazza Silver badge

    Oh that's just great.

    In most countries in the world, the owner of a WiFi network is legally responsible for the traffic flowing through it. Someone downloads dodgy porn, it's the owner the police will prosecute.

    So that's fine, you don't give out your WiFi password to all and sundry, least of all your kids.

    With WiFi Sense, most people will lose control of who has their WiFi password. May as well just run an open network.

    Sure, it's easy enough to stop it happening, but to do that first you have to know that it is happening and then take the necessary precautions. However most people will be utterly clueless about all of that, and most will be completely vulnerable to the inevitable consequences.

    1. mathew42
      Stop

      Re: Oh that's just great.

      It does raise the potential of legal defence that even a 'secured' access point may have a person you don't know connecting. It would be interesting to see that tested in a court of law.

      1. bazza Silver badge

        Re: Oh that's just great.

        It would be interesting for see it tested in court, though I would not want to the the one having to rely on it!

        The courts in the UK are notoriously slow to pay heed to what actually happens in the world of science and technology. Overturning established precedence is very difficult, especially if it has already been relied on to convict a bunch of people whose cases would have to be reopened. They just hate acknowledging mistakes. There would be a single opportunity to do so in the first relevant court case after Windows 10 goes on sale, after which it would become very difficult. As things stand it will be extremely difficult to persuade a judge that Windows 10 is in any way different or relevant.

        So a guest SSID it is, and the password will change after someone has visited.

        Sane law enforcement is becoming increasingly difficult with the tech that is being developed. It is becoming increasingly difficult to have both technology freedom and stopping bad people exploiting it to help them harm others.

    2. Nigel 11

      Re: Oh that's just great.

      In most jurisdictions, wilfully aiding and abetting a crime is a crime, and inducing a well-intentioned individual to commit a crime in ignorance of doing so is usually regarded as a worse crime.

      Watch out, Microsoft execs!

  17. Christopher Key.

    Password required?

    Do you actually need the password to authenticate? Would it not be possible to hand authentication off to MS, and just receive the session key afterwards?

    Of course, this means you need communication with MS whenever you want to connect, but unless Microsoft is going to have you maintain a local cache of wifi passwords for all your contacts, that would be the case anyway.

    1. Richard 12 Silver badge

      Re: Password required?

      So how do you talk to MS to get the password that you need in order to connect to the network to talk to MS?

      In order for this to work at all, then your Windows 10 machine already has a copy of all the WiFi passwords from all your "friends", ripe for an offline attack.

      - That wasn't necessarily true on the phone as they may be assuming cellular data, but laptops do not have cellular data.

  18. This post has been deleted by its author

  19. Arctic fox
    Windows

    The moment I saw that option I turned it off and it will remain off.

    It will a very cold day in hell etc....

    1. TonyHoyle

      Re: The moment I saw that option I turned it off and it will remain off.

      Problem is.. can you be certain that everyone who visits your house has it turned off? your kids' friends?

      I'm hoping there's some network based countermeasure that can be put in place to block devices with it enabled, or at least block devices using it (those that have not legitimately been given the password).

  20. Anonymous Coward
    Black Helicopters

    RIPA and passwords

    So, if I am friends with you via Outlook, and visit you in the UK, my computer automaticaly begins to use a password I have never seen? :) How do I explain that to the Orwellian authorities?

    1. Rich 11

      Re: RIPA and passwords

      Humbly.

  21. Anonymous Coward
    FAIL

    Banishment is the only way.

    I can easily change the default, but I can't force any user of my network to do so as well. So I come to the conclusion that I cannot allow anyone with an electronic social life (I'm safe) - family member or visitor - to connect a Windows 10 device to my home network.

    What a totally stupid idea, Microsoft. Given the security problems that it is bound to cause, you could at least have defaulted to OFF.

    1. Anonymous Coward
      Anonymous Coward

      And another thing ...

      When I give someone the WiFi password I am authorising them to use my network. If they pass it on to someone else, that person is by definition an unauthorised user.

      So this feature is facilitating - nay encouraging - unauthorised access to networks. Surely illegal in most jurisdictions?

  22. Kurt S

    How hard is it for these companies

    to have crap like this on opt out by default?

    Ofcourse at my place if a mate/family member requests the wifi password they get the question 'whats your MAC address?'

    1. Anonymous Coward
      Anonymous Coward

      Re: How hard is it for these companies

      Kurt S: What's your MAC address?

      Family member: I don't have a Mac this is a PC.

      (Don't laugh, I've had similar. When I've mentioned that my laptop isn't running Windows, I've been asked "Is it a Mac?". This, despite the machine having "Toshiba" so prominently stamped on the case.)

  23. Anonymous Coward
    Joke

    How many antisocial whiners!

    C'mon guys & girls, it's the "social netowrk" world, so you have to make your networks social! Don't let your wifi networks be selfish isolated ones, they need to socialize with everyone coming into their range, and let your social devices socialize with each other, and especially, with those nice huge databases collecting all those informations in need of socializing with admen, spooks and whoever is ready to socialize his or her money with those willingly to socialize those databases in exchange...

  24. John Tserkezis

    Oh goody. I'll be using Windows 7 forever then. Thanks.

  25. Anonymous Coward
    Anonymous Coward

    Convenience...

    ...always trumps security. And it always comes back to bite us, sooner or later. And yet, we never learn...

  26. Russle

    gamma level

    msft has weaponized technology and is tasked to euthanize 6 billion people this generation by order of the ones who worship evil. unprivileged species targeted for dna fragmentation include all subjects within radius distance of downtown Seattle with gamma level electromagnetic omnidirectional targeting penetrating ten foot thick concrete over ten miles away.

  27. jamesb2147

    Slightly misleading

    ...or maybe it's my title that's misleading?

    Anyway, the wording of the FAQ page and other Microsoft materials splattered about El Reg's article suggests that this only applies to PSK networks. In addition, the "friend of a friend" sharing appears to only happen if you manually give your friend the password instead of sharing it with them via Wi-Fi Sense.

    IDK of a single corporate network using PSK that cares, and all the big corporate networks I've encountered use 802.1x.

    Also, not having to actually share my (ideally random) password with friends (who might write it down or have to ask me several times for it) seems like a genuinely good idea and useful feature. Now, if someone walks in and wants the password, I ask if we're FB/Skype friends, and if we're not, then frankly I don't want them on my network and I communicate that politely. If I had kids, I wouldn't want them to know the password either, but I wouldn't care if they shared it with their friends (hope I don't regret those words one day). No more explaining a combination lowercase/uppercase/numeric password to someone who might miss a letter. :D

    With all that said, the "opt-out" mechanism is @#)$*&@.

    1. SImon Hobson Bronze badge

      Re: Slightly misleading

      > only applies to PSK networks

      AKA pretty well all home networks, and a very large proportion of small business networks

      > the "friend of a friend" sharing appears to only happen if you manually give your friend the password instead of sharing it with them via Wi-Fi Sense.

      Since I don't have a Windows machine, and if I have a Win10 VM it'll have this turned off, that's the only way I'll be giving people the password. Hence, I'll now have to check everyone's device (can't ask them, as per previous comments the vast majority of users will have no idea) to make sure this is turned off before letting them join.

      Still, I was planning on setting up a 3 (at least) way network - one for me and trusted devices, another for any IoT stuff I let in the house, and a 3rd for visitors.

  28. Anonymous Coward
    Anonymous Coward

    PSK

    Who still uses pre shared keys for authentication anyway?

    Isn't that so last decade?

  29. RobHib
    Flame

    It's Disneyland stuff.

    This is Disneyland stuff, sure those WiFi-Sense toggles aren't managed by the Cheshire Cat?

    In recent years, every new version of Windows becomes less and less like a real Operating System and more and more like something out of Alice in Wonderland.

    Year after year, version after Windows version, we continue to be faced with hundreds, actually thousands, of Microsoft security breaches, sloppy code and other crappy stuff. Yet despite years of industry and user condemnation, Microsoft just ignores it like water off a duck's back, then continues to add more crap as if nothing had happened.

    Oh my Kingdom, my Kingdom for a truly competitive non-Microsoft Windows clone.

    (A dream's about as close as I'll ever get, methinks.)

  30. Epobirs

    There is a reason Group Policy exists

    Any domain operator that falls victim to the above described maneuver deserves what he gets. This should be readily controlled by GP and would hopefully default to disallowing access to SSIDs that can see the domain resources. This is what guest SSIDs are for.

    1. Terry 6 Silver badge

      Re: There is a reason Group Policy exists

      Well yes. This is not aimed at the corporate space.

      It's a way to make the vulnerable private user even less secure.

      Kind of like giving the wolves a map with a big arrow and the word sheep "printed "on it.

  31. Destroy All Monsters Silver badge

    Autoacceptor robot

    [X] "Accept terms of use for me when required"

    ... The sound of lawyers powering up their Porsche Cayennes.

    1. Anonymous Coward
      Anonymous Coward

      Re: Autoacceptor robot

      This is just Cortana filling the forms with fake data, so that you don't have to.

      (name="Name", email="someone@example.com", phone="206-555-0123")

  32. Ken Hagan Gold badge

    No significant known issues, he said.

    What ... the ... %"@!

  33. Sampler

    Little surprised

    At the amount of people who give out wifi passwords here that connect to their network. My wifi is for my devices, the secondary wifi running under wireless isolation and only able to connect to the internet and firewalled off of the rest of the network is the password visitors get...if I like them..

  34. JP19

    Google

    already has half the WiFi passwords in the world - why shouldn't Microsoft try to catch up?

    1. Michael Habel

      Re: Google

      If by Passwords you meant SSIDs, and MAC Addresses* then yeah.... Cause I'm sure thats all Google could ever snag from the backs of their Google-mobiles

      *Which is bad enough indeed! But, as long as you're a sensible person and have your channel encrypted, then Google couldn't do much else to you.

      1. Anonymous Coward
        Anonymous Coward

        Re: Google

        [grabs android phone]

        [performs factory reset]

        [logs in with google account]

        [wifi credentials are all re-established]

        Just because google did a bit of war driving a few years ago (most of the affected routers will have failed by now anyway!), doesn't mean that's their only source of information.

  35. Anonymous Coward
    Anonymous Coward

    It's getting insane!

    But what the heck, the masses will swallow it anyway! It amazes me to see the level of abuse Windows users can take and they're still begging for more. I hope they will enjoy the abuse-as-a-service !

  36. Anonymous Coward
    Anonymous Coward

    Grand plan

    This sounds like more than just a marketing ploy given that MS is moving as much as it can online (trying to copy google i suppose) and they are trying to find ways to ensure that users are online whenever possible otherwise the online experience doesn't work so well. For example the recent shift of Office to this strange online/offline chimeara in the face of many people saying "but its always been fine just on my computer".

    Not having to shout your passwords across the room will end the fun game of joke passwords, my favourite is setting the password to "whatdidyousay"

  37. Steve Crook

    Just tell me it's going to be switched off

    by default. Please.

    As for the 'opt-out' feature, SSIDs are limited to 32 bytes AFAIK so we'll only need few few more idiot decisions and the whole SSID will be opt-out strings.

    Fucknuts.

  38. Tom from the States

    Remember the old rule, when you sleep with someone...

    ...you're sleeping with everyone *they've* slept with. Sounds like that's how Wi-Fi Sense is working.

  39. bill 27

    This stinks to high...

    heaven of NSA.

  40. Lee D Silver badge

    Feature #47 of the "We managed to get Windows 10 into the news with a stupid idea, now let's revert it to appear like we've 'listened to our customers' despite never intending to let such a stupid idea ever happen" in the normal Windows release schedule.

    It's only a shame that Metro wasn't a joke...

    1. Anonymous Coward
      Anonymous Coward

      Oh, but it was.

  41. JP19

    Google

    already have half the WiFi passwords in the world, why shouldn't Microsoft try to catch up?

  42. Anonymous Coward
    Anonymous Coward

    If the NSA is in Microsofts network then now they are in mine. And I haven't even friended them on Farcebook

  43. This post has been deleted by its author

  44. Nathan 13

    Another

    reason it will suck.

  45. This post has been deleted by its author

  46. adam payne

    Just reading about it makes me think security issues. This setting should be defaulted to off.

    1. Kar98

      That's why it IS off by default.

      1. Kanhef
        FAIL

        RTFA: "Microsoft enables Windows 10's Wi-Fi Sense by default, and access to password-protected networks are shared with contacts unless the user remembers to uncheck a box when they first connect."

  47. maspiers

    Key words missing from headline

    "For networks you choose to share access to“

  48. Michael Habel

    Just One more reason why this WILL BE THE GREATEST WINDOWS YET!

    Welcome to Windows 7!

  49. Anonymous Coward
    Anonymous Coward

    Makes it easier for the spooks...

    ...if you send your passwords to the Microsoft cloud.

    I mean you trust Microsoft to not look at or share your personal info don't you.

  50. Pen-y-gors

    Bear of little brain is confused...

    I am of limited intellectual powers. Could someone please explain how this can work?

    1) I am in the contact book for some one who uses Win 10, using my regular e-mail address of balls-of-steel@narcissist.com

    2) my laptop comes in range of my poor deluded Win10 user

    3) What on earth is there that connects my laptop (called numerouno) with a user account of eljefe to the e-mail address in the contacts list on the Win10 box?

    Let's hope they switch it off by default before release date. And then kill it entirely

    1. TonyHoyle

      Re: Bear of little brain is confused...

      Basically the password is tied to the BSSID. You have 100 friends, all the networks that they connect to will be stored on your computer somewhere with reversible passwords.

      That's quite a lot of passwords.. and I reckon it'll be about a day before you can download a tool to print out all those passwords (and malware starts dumping it across the internet).

  51. Pascal Monett Silver badge
    Mushroom

    So let me get this straight

    Microsoft has created a function where it slurps your passwords and stores them on its servers to pass them out to anyone who is listed as your friend when you designate them as such, and again to anyone they have as friends when they designate them as such.

    If i remember correctly, we are all but 6 links away from anyone else in particular. Therefor that means that this new function makes your passwords available to practically everyone. Way to go, Microsoft !

    Just an idea, though : maybe you could disable sharing passwords that you acquired by being shared them ? In other words, my friends get my password, but not their friends ?

    Oh, and passwords stored on the Microsoft cloud. What could possible go wrong ?

    1. Hellcat

      Re: So let me get this straight

      Just an idea, though : maybe you could disable sharing passwords that you acquired by being shared them ? In other words, my friends get my password, but not their friends ?

      You can't disable the function, because it's not possible. As it has been since Wifi Sense was introduced, the access is only shared with your contacts. Your contacts cannot share access to your system with their contacts because they don't have the password.

      In this way it is more secure than giving them the password, as they cannot pass it on. What the feature really needs is the ability to pick and choose which of your contacts is allowed to use your Wifi.

  52. Anonymous Coward
    Anonymous Coward

    Just open your wireless to everyone.....

    openwireless.org set it as a second SSID which only goes to the Internet. Yes you need a proper router that either lets you configure it, and/or has a guest mode pre-configured.

    Then you can lock the home SSID to only those who need "internal" access.

    Has the added advantages of "plausible deniability"

  53. CJatCTi

    If you are not on the network how does it get you the password for access to the network

    Isn't this the same as the message you get from your ISP when you phone them to say you can't get onto the Internet and you need their help - For help please visit our website for answers to common questions.

    Unless MS push all the passwords of everyone you know to your PC in anticipation, you can only get the Office Wi-Fi password when you are already connected to the Office Wi-Fi, and to have done that you would have needed the password.

  54. Anonymous Coward
    Anonymous Coward

    Small Businesses

    This is going to be a security nightmare for the high street. Not everyone has the luxury of RADIUS servers and the like. There are lots of little businesses with less than ten employees who use WPA2-PSK wifi in the shop.

    Lets take an example of a company installing Windows and Conservatories. Salesman sits in office on the WiFi network. He has Windows 7. His Outlook Contacts list is full of client addresses. He then visits a few sites and while there he is handed Wifi keys to connect to those networks. He fills a few more potential clients into his Outlook Contacts. He also has numerous suppliers in there. He'll even have some of the competitors.

    Laptop auto-upgrades to Win10. And suddenly we have a salesman who has given the company WiFi key to all of his "friends".

    Even better when some of those clients, or even the suppliers, also upgrade and start handing out the keys. There will be many situations where the paths will cross. Laptops will start handing over keys of third parties that don't even know about each other. All these people will need to do is visit his shop.

    This is going to rapidly get silly. Why do Microsoft assume that everyone in my Outlook Contacts is a friend? I have some people in my phone book specifically because I don't like them and need to know when it is their number calling. My phone book goes back decades.

    Massive headache. As an IT Support guy for small businesses this now means I am going to have to change a lot of WPA2-PSK wifi passwords. I just don't see the logic of having this feature on by default.

    1. Anonymous Coward
      Anonymous Coward

      "Why do Microsoft assume that everyone in my Outlook Contacts is a friend?"

      Very, very true. It's just a silly "consumerized" and pure socialsilliness idea that everybody in your contact list is a "friend" - maybe teenagers' - but not most people's. In my contact list there are a lot of contacts which are just "contacts" - people I may need for some kind of service, but are not friends at all and I have no will to share anything with them but for the services I need.

      Maybe the day someone gets Nadella's passwords, someone at Microsoft (including Nadella himself...) will reconsider this silly idea of "friendship".

    2. Anonymous Coward
      Anonymous Coward

      Re: Small Businesses

      There are lots of little businesses with less than ten employees who use WPA2-PSK wifi in the shop.

      Indeed, and setting up WPA2-Enterprise with FreeRADIUS is a royal bitch when it comes to connecting Windows-based clients.

      MacOS X and Linux will see the untrusted certificate and ask the user to verify, but Windows insists on knowing the CA, having the CA's certificate as a trusted certificate on the client machine. Then Windows Update comes along and wipes it out.

  55. Anonymous Coward
    Anonymous Coward

    "Wi-Fi Sense access to your Facebook contacts, you are giving Microsoft a list of your Facebook friends"

    If you install the Facebook app, it already integrates your Friends with your contacts list.

  56. Anonymous Coward
    Anonymous Coward

    A Stalker's Dream

    So John dates Mary. Gets given Mary's wifi key when visiting her flat.

    John knows Charlie. Charlie is Mary's neighbour. Mary has never really been sure about Charlie, but you can't pick your neighbours.

    Next time John visits Charlie Windows 10 will give Charlie Mary's wifi key. At no stage has anyone asked Mary if this is okay. Yet this will be default behaviour. And now Charlie has access to Mary's network.

    1. Hellcat

      Re: A Stalker's Dream

      A stalkers dream indeed, if stalkers dream about accessing the internet over someone elses internet connection.

      A Wifi sense accessed network will only allow access to the internet. I've not looked into the feature thoroughly enough to see if that is based on gateway address, DNS servers or something else within Windows.

    2. dogged

      Re: A Stalker's Dream

      > And now Charlie has access to Mary's network.

      No, Charlie only access to Mary's WAN connection. It doesn't work as a LAN gateway at all.

      But hey! Nice panicmongering! Maybe you could write for the Reg! Or the Daily Mail!

      1. Anonymous Coward
        Anonymous Coward

        Re: A Stalker's Dream

        It's probably just an automatic firewall setting - just allow traffic to/from the wifi connection default gateway (maybe disabling LAN subnets?) . And it will work properly only in simple setups - in more complex ones the default gateway may not be the Internet router. Or Windows 10 tries to perform a full network topology discover?

      2. Anonymous Coward
        Anonymous Coward

        Re: A Stalker's Dream

        No, Charlie only access to Mary's WAN connection. It doesn't work as a LAN gateway at all.

        And for a typical WiFi router, with standard settings, those equate to being one in the same. The intent might be for WAN access, but the reality is on many routers it's just layer two bridging onto the LAN. This is particularly true of consumer kit, they don't call them SOHOpeless routers for nothing!

        In the hypothetical situation above, John has given away the keys to Mary's network, she might've well printed them out and stuck them on a sign in her front garden.

        1. TonyHoyle

          Re: A Stalker's Dream

          Yeah I don't really know how you enforce WAN access only... The windows device has the password. This must be reversible to work, so it's only a matter of time (hours, days) before you can download a tool that tells you the password which bypasses the restriction.

          Also, how do you restrict.. I can't see it being particularly troublesome to bypass that. Once you're on the network you have access to that network - simple software blocks (under the control of the attacker, no less) simply won't work. You could simply dump all the now unencrypted traffic straight off the wifi interface & get loads of information.

    3. Anonymous Coward
      Anonymous Coward

      Re: A Stalker's Dream

      Okay... no LAN access and only WAN access. Then this goes malicious and lots of surfing done of illegal websites and a quick call to plod and everything hits Paedogeddon levels nice and quickly. Remember anyone can hand you over to the police with out any level of proof. The person making the accusations stays private even if they are lying.

      Also now we come back to the tech guys... so you are 100% sure that this password cannot be hacked out of the laptop in any manner?

      Just does not make sense to have this on by default. At least supplying a permission box would be a start! As I understand it, this all happens silently.

    4. Kanhef

      Re: A Stalker's Dream

      Nice example of how this can spread access to a network without the owner's consent.

      If every device used Sense, it wouldn't be as bad an idea. The network owner is the only one who enters the key, it's shared with their friends and no further, everyone's happy. (Of course, as other people have pointed out, this ignores the reality that many people have contact who are not trusted friends.)

      If nothing uses Sense, it's possible for friends to pass on wifi keys, but it requires a deliberate action. John could choose to give Mary's key to Charlie, but it's not something that can happen accidentally.

      The problem is when you mix key-sharing methods. Maybe Mary uses a Mac and has never heard of Sense. Maybe she uses Windows 10 and turned Sense off because she doesn't want her wifi key shared with everyone she's ever contacted, which includes Charlie. Either way, when John enters the key on his Windows phone, it assumes he owns the network and has the authority to share the key with everyone he knows. Since John isn't tech-savvy, he isn't aware of Sense and hasn't turned it off; he doesn't even know that Charlie now has Mary's key.

      The only way I can see this being workable is if it's fully opt-in: choose to share a key, and choose who to share it with, rather than sending it to all of your contacts.

  57. KingStephen

    I hate to spoil a good story and headline, and to puncture the indignation and imaginations of so many commenters, but it seems bogus:

    "You share with your contacts, but not their contacts. The networks you share aren't shared with your contacts' contacts. If your contacts want to share one of your networks with their contacts, they'd need to know your actual password and type it in to share the network.".

    As the point of it is that you no longer need to tell your visitors that your wifi password is ilovejustinbieber, they're not in a position to share that with anyone else - whereas without wifi sense they would have been.

    Wifi sense is opt-in, as is adding Facebook friends to the permissions.

    Carry on now as if I hadn't mentioned this.

    1. dogged

      stop it, they're all having so much fun screaming about this.

      Then again, they won't notice over their own manufactured panic.

      Carry on.

    2. Just Enough

      Someone else is sharing what I told them in confidence

      You seem to be missing the obvious.

      Say I do not have Wi-Fi sense. I don't use it and have not opted in for Microsoft to do anything with my wifi. My friend is visiting and wishes to use my wi-fi. I have to do it the boring old way and actually tell them the password. They type it into their Windows 10 laptop. My friend's laptop now knows the password, but I'm ok with that.

      Then their "Wi-Fi Sense" goes and shares my password with Microsoft, and anyone else that my friend has in their email contacts, or knows on Facebook. I'm not ok with that.

      Microsoft's answer to this? Well I have to rename my SSID with an "_optout" to suit Microsoft's crazy plan. Thanks.

      1. Hellcat

        Re: Someone else is sharing what I told them in confidence

        Or you could, if they have Wifi sense enabled, choose not to share that network via Wifi sense?

        If they later choose they want to give their contacts access to your wifi by sharing it over wifi sense, they will need to enter your password again.

      2. KingStephen

        Re: Someone else is sharing what I told them in confidence

        As far as I can tell, sharing any network via wifi sense is off by default.

        I have wifi sense enabled, and my W10 PC knows two networks - both are "Not Shared". Ditto on my phone. So unless your friends are maliciously sharing your network to their friends, then no, you don't have to "_optout".

        But please feel free to ignore this information.

        1. Just Enough

          Re: Someone else is sharing what I told them in confidence

          "maliciously sharing"

          There need be no malice required. Your friend could just be clueless about such things. Maybe they think they need to enable this in order to share my network for themselves. "I'm sharing your network, am I not? This tick box says "share this WiFi with friends". You're my friend, so I should probably tick this box."

          Microsoft are equipping Windows 10 with functionality that their users may not use correctly. That's not unusual, but the victim of the misunderstanding is not the user, it is someone else who may have nothing to do with Windows 10, or Microsoft, or WiFi Sense. And Microsoft are imposing responsibility for fixing the problem on everyone else.

      3. Kar98

        Re: Someone else is sharing what I told them in confidence

        > Then their "Wi-Fi Sense" goes and shares my password with Microsoft,

        No, it doesn't.

  58. Anonymous Coward
    Anonymous Coward

    ms are just adding more ways to make money from users

    Free wifi like cellular access is big money, if everyone shares their infrastructure with ms then they can sell it on to the real ms customers i.e enterprise

    BT Fon already resell your bandwidth ms want everything you own for free, even if they remove it now it will be back under anew name before win11

    The real question with windows is "can you trust microsoft" if your answer is yes then you deserve all you get, everyone who believes your spiel will remember who allowed them to suffer.

    tick tick tick the ms money train has left the station and the only seats were all reserved for company men only

  59. brotherelf
    Trollface

    _optout?

    Wow, yet another random magic string. What's the length limit on SSIDs again? And to think there's so many nice Unicode characters they could have used, such as just &#x1F926. Failing that, surely there's an OID they could use?

    (Disclaimer: I've not checked if SSIDs need to be 7bit ascii, nor do I particularly care.)

  60. The Original Steve

    Going to get slated, but...

    ... I actually think it's a pretty good idea to be honest. I qualify that statement by saying that I'd be much, much happier if I knew exactly how it worked - particularly around prevent LAN access to people who have access to your Wifi.

    But really, this won't impact corporates (and if it does then the problem is with your implementation of Wifi rather than Wifi Sense - you should be using 802.11x over PSK's FFS!).

    So it's actually going to be for consumers over businesses that will be impacted by it. And if MS are storing the key encrypted at rest and over the wire, as well as it only being shared in a non-visible way to your address book with WAN access only.

    To be honest, with the track history and how much is "sensitive" data is stored on cloud services (iCloud, Google, OneDrive) a PSK that's limited to WAN only access and shared with people in your address book only - that you can change / revoke - doesn't bother me that much.

    Considering that with Chrome your web-based passwords are sync'd via Google Cloud, and with IE / Edge your credentials are sync'd with OneDrive as the store then my home Wifi PSK seems fairly "safe". Well, safe enough.

    Until otherwise stated, at present you need to be in my address book and have physical access to the Wifi signal. Even then it's just WAN access too.

    I have used this as an owner of a Lumia 930. My brother has a Lumia 1020, whilst my mum has a 730. Works really well - just seamless... They pop over and turn on their Wifi.... and voila - internet access without the need to shout out keys.

    Also have a Linx 10 tablet that I've been running Windows 10 Insider for a few months. Again with this - always have Wifi access without dicking about with keys. Have tested it out with some test scenarios and indeed, there is no LAN access. Haven't investigated why, and as a techie I'd really like to know how this is achieved, but on the surface it seems useful.

    Sure, there maybe a potential / possible security issue - but in reality and so far it all seems good. Worth noting that it's not shared with Facebook by default. You have to explicitly give consent for just that one type of sharing.

    1. razorfishsl

      Re: Going to get slated, but...

      So you have absolutely no problem with a US based company sharing your WIFI keys with the NSA, even when you are not in the US or a US citizen?

      You obviously have little understanding of 'corporate' networks and assume that every company is a 'big' company, whilst forgetting all the little lawyer and service offices that cannot afford to employ IT to setup the security after some company changed it malware to illegally forced its way into everyones network.

  61. Shufflemoomin

    I was reading this thinking it was a terrible idea, saw the screenshot and then thought, "well, at least you have to enable the feature." Then I read "Microsoft enables Windows 10's Wi-Fi Sense by default". Jesus Christ, Microsoft. It's like you WANT to fail these days.

  62. markl66

    This now the top "feature" for not "upgrading" to Windows 10

    What is scary, is even if I stick with Windows 7 and Ubuntu, any visitor/friend/family that visit who have Windows 10 or an MS Phone and I share my Wifi password with then shares it with unknowns. Considering the average number of Facebook friends people have, it's a lot. Since I let a room using AirBnb, and my guests quite rightly would like to use my Wifi, if they are using Windows 10, the answer will be NO. I also have work computers on my network with sensitive data from clients on.

    1. Anonymous Coward
      Anonymous Coward

      Re: This now the top "feature" for not "upgrading" to Windows 10

      "Since I let a room using AirBnb, and my guests quite rightly would like to use my Wifi, ... I also have work computers on my network with sensitive data from clients on."

      The way that reads, outwith of anything to do with Windows Phone 8/Windows 10, you already let your guests onto a network with your computers (with your clients data on) and that Wifi Sense would only make the scale of a (possibly) existing problem larger.

  63. Z 4195

    Am I missing something, or could you not just disable SSID broadcast altogether?

    I imagine the service will be "hey MS, I wanna get onto SSID XYZ, has someone shared its credentials?" if its not broadcast, the phone/laptop/whatever would have to be sent a [huge] list of all SSIDs they've had shared with 'em to try one at a time...

    1. hayzoos

      even hidden SSID can be shared

      The sharing occurs when selected upon connection. If your hidden SSID is entered into your buddy's Win10 with the password and sharing enabled, then their friends can now access your hidden SSID network.

      You do not even have to have Win10 yourself for your WiFi to be shared. The WAN only access is implemented in software. Bypass the software WAN only restriction to access the LAN.

      I will be renaming my three home networks to include _optout. I do not even want the _guests network shared like this. I have 11 WiFi clients to update in-house and a number of real friends who will need the new name.

      I never bothered with _nomap since by the time I found out, It was probably already mapped.

      What happens in the case of a Win10 upgrade of a Win7 or Win8 and WiFi is already entered? Will it or not be shared?

      What happens if the sharing is later turned off? I guess you would have to tell Win10 to "forget" the network then reconnect without the sharing option. Will friends continue to have access? Will the have access until they disconnect if currently connected? Will a bug arise which continues to allow friends to have access?

      My WiFi MAC address filtering only allows 20 whitelisted MAC addresses. I have had to abandon the MAC filtering because I have more than 20 permitted devices.

  64. Anonymous Coward
    Anonymous Coward

    Windows update

    This is such a good idea [1].

    What are the chances of it being retrofitted to Windows 7 via a Windows Update, without telling the end users?

    [1] No it isn't. But somebody obviously thought it was. I presume somebody fairly senior, otherwise surely somebody in MS somewhere along the idea->product process would have said "this may not be such a bright idea, because ..."

  65. Anonymous Coward
    Anonymous Coward

    Another Great Feature We Don't Want! Gee thanks Microshaft

    Great, so now if a friend comes round your house and you allow them to use your Wifi by default all their friends now also can access your wifi and quite possibly every other muppet they know on Facebook. Oh and of course now MicroShaft also know your wifi details and whichever government agency has a backdoor. Just fabulous. I can choose not to use the abomination that is windows 10 but my friends and family are not so wise. And if you are a business it's a whole bigger headache.

  66. Mike Flugennock
    Devil

    Kick me hard

    "...That sounds wise – but we're not convinced how it will be practically enforced..."

    Oh, c'mon, you guys. This is Microsoft we're talking about, here.

  67. Stevie

    Bah!

    In the name of God, why?

  68. James Cane

    Security

    A small part of me has often thought that all networks should be completely open access. No firewalls. No WPA.

    It would make us all take security much more seriously. If you have a sensitive application running on your network, encrypt and authenticate.

    Of course, I don't actually think this is a good idea. But I think it has shades of a good idea.

    1. Hellcat

      Re: Security

      Perfectly good idea. If you protect your network only at the boundary, you're always vunerable should a trusted person or device being something inside of your network. Not that you shouldn't boundary protect - but it shouldn't be your last line of defence.

    2. Anonymous Coward
      Anonymous Coward

      Re: Security

      It's against the principles of defense in depth - you stil need the outer layer, knowing it's just that, nothing more. Then you need to design the internal layers knowing the outer ones could be compromised.

      It's alike having a house with no locked doors or windows, but trying to hide everything very well. But if someone can easily monitor you, it will be able to caught you while you're accessing your hidden treasures, or in a moment you're off guard.

      1. James Cane

        Re: Security

        Like I said, I don't think it's actually a good idea. But it has shades of a good idea.

  69. Howard Hanek
    Facepalm

    Making Things EASY

    Will it translate it into Arabic or Farsi too?

  70. Kar98

    WiFi Sense doesn't actually give other people your WiFi password. It only shares it with devices. And only if you tell it to, and only to people you want it to share with.

    1. Anonymous Coward
      Anonymous Coward

      I'm afraid it just means the passwords (or better, the pre-shared keys) are there encrypted (reversible) with some on-device key. So a casual user may not be able to get at the passwords, but someone else more skilled could. Let's see how long it takes for someone to write a utility to get those passwords...

      1. Anonymous Coward
        Anonymous Coward

        "but someone else more skilled could..."

        But then they'd need a list of wifi SSIDs and locations to find the networks they wanted to use. And it's not as if anyone has gone out of their way to make one of those. Ah.........

        1. Anonymous Coward
          Anonymous Coward

          WiFi sense already shares the WiFi locations also, because SSID are not unique, of course, I guess it also checks the location to know what password to use for which SSID.

          Thereby those data may be already on the device.

  71. enormous cow turd

    I don't want it!

    It's against the laws of common sense and no good will come of it.

  72. Cynic_999

    I'm not that concerned TBH

    My thinking is that WiFi networks are inherently insecure, and so nothing that is needed to be kept secure on the WiFi side should be capable of being accessed via the WiFi no matter how many passwords have been compromised. You could fairly trivially get access to the Internet via my home WiFi router, but it does not allow routing to my local wired LAN, so is not a security risk.

    Think about all the devices available nowadays that users will willingly feed with their WiFi key - and any one of them could be designed or compromised to start sniffing around your LAN - *if* your WiFi gives it access. Heck, even my central heating controller has access to my WiFi so that it can update its clock from an Internet time service.

    1. Anonymous Coward
      Anonymous Coward

      Re: I'm not that concerned TBH

      Just, there are more complex scenarios than simple one-SSID-all-in-one devices. I got a multi-SSIDs AP exactly to be able to create some "low sec" SSIDs which are put on VLANs able to access the Internet and nothing more - SSIDs used by guests and "untrusted" devices like the Sky decoder and others (SSIDs separation is also enforced by the AP).

      Then there are more secure SSID on other VLANs able to access more network resources - and of course my own phone and laptop are on these secure ones, because, yes, I may want to be able to access some "secure" documents from the laptop, for example.

      If these devices start to "leak" the credentials used, I'm not happy at all - sure, I can disable such "feature", hopefully - but forget to do it and all that "secure" (and a little expesnsive!) setup is useless because credentials are sent to the "cloud", and to your contacts...

  73. razorfishsl

    There goes office security for customers, where you have your own corporate WIFI network and a guest WIFI for them.

    Seriously who the fuck do these ass clowns think they are...

    Having to add "_optout" to our SSID , why not having to add "_optin"?

    It's like....... well... if you don't play our game we are going to fuck you and your infrastructure about as much as we can.

  74. ElReg!comments!Pierre
    Happy

    FON

    I just have a Fonera. Keeps the public network separate from my private one(s), with track being kept of who does what from the public side (local laws otherwise states I'm responsible for everything that goes through my network).

    Also it gives me a nice convenient separate (private) LAN with a password that can freely be given to guests and changed at a whim. Not that it matters much, as there's nothing else than guests on it.

  75. Anonymous Coward
    Anonymous Coward

    Who pays?

    Someone here mentioned they have hit their data limit on downloads and now are in the extra data penuary, assuming their friend drops by and watches a bit of youtube while waiting for them to return who pays for that?

    The obvious answer is the wide eyed fool that accepted this option on install but it won't be popular.

    If the WIFI has another SSID for guests that is only enabled as required, data capped and secured from the main network not so bad but that is not going to be the norm for non reg readers. The service does not have the option to share only "guest" networks I assume?

  76. scoob101

    Sharing Credentials is not PASSIVE, the user must chose to do it!

    I really dont see what the fuss is here.

    Wifi Sense only shares credientials that YOU tell it to share on a per network basis. If you want your network to remain private, then dont share it!

    1. TheVogon

      Re: Sharing Credentials is not PASSIVE, the user must chose to do it!

      "Wifi Sense only shares credientials that YOU tell it to share on a per network basis. If you want your network to remain private, then dont share it!"

      Quite - this is no different from telling your friends your WiFi passwords. Except that it's more secure in that it's harder for them to recover the actual password and tell a third party...and they can't access your LAN - only the internet.

    2. Anonymous Coward
      Anonymous Coward

      Re: Sharing Credentials is not PASSIVE, the user must chose to do it!

      Does the network operator get any say in to whom you share the credentials to?

      I might be okay with you using my network, but I may not fancy sharing it with your mate, even if you don't see a problem with it.

  77. Tree

    Microsoft can see and store everything

    The reason Microsoft wants us to get Windows 10 is to steal all our data and secrets. They also wish to sell our data to the world. My data is mine and they cannot have it, therefore Windows 10+ must be a loser. I will not ever install it.

    1. TheVogon

      Re: Microsoft can see and store everything

      "The reason Microsoft wants us to get Windows 10 is to steal all our data and secrets. They also wish to sell our data to the world."

      I think you are confusing Microsoft with Google.

  78. cmaurand

    Of course

    you can always turn it off.

  79. razorfishsl

    I can see it wont be long before we see multi SSID routers on the market.

  80. Frank N. Stein

    Actually, this is a moot point if you use Xfinity WiFi at home. Comcast takes part of your WiFi bandwith to make free WiFi available in your area. Add the number of Xfinity/Comcast Cable Internet subscribers who have WiFi enabled routers installed in your neighborhood, and anyone can drive down the street and access Xfinity WiFi Internet connections for free, without access to anyone's network attached printers, storage, or whatever. This WiFi-Sense would only then be a problem for Business networks, for those hand full of people using Windows Phones that are still left, or office workers who have tablets or laptops deployed to them.

  81. Anonymous Coward
    Anonymous Coward

    Damn. Even Brian Krebs has linked to your article... I wonder if that guy over at Ars will?

  82. Anonymous Coward
    Anonymous Coward

    Another FUD Article

    The sharing of your Wi-Fi connection has two levels. First is turning the feature on or off, and this feature is on by default.

    However, every individual Wi-Fi network that you want to share must be manually selected to be shared. You can turn any Wi-Fi network on or off with a simple toggle, and they all default to off.

    The most likely time you *may* want to turn one on would be if you were having a party at your house, and wanted your guests to have access to your Wi-Fi, without giving out your password. After that, you would likely want to turn it back off.

    Implying or stating that somehow this feature automatically shares your Wi-Fi connection with others, or your key (which they never see), is just an attempt to grab attention to a sensational post. It's a choice, and you have to deliberately choose to do it.

    1. Anonymous Coward
      Anonymous Coward

      Re: Another FUD Article

      > It's a choice, and you have to deliberately choose to do it.

      Until the mandatory Windows 10 Update changes the defaults. ;-) ;-)

      It's tragically comical how opposite they're going from Apple security.

      Apple: encrypt everything on the phone, we don't want any secrets in our cloud

      MS: we'll share your wifi with your friends (& friends of friends) - secure that! Encrypting your HD? - lets save a BitLocker recovery key to our cloud in case NSA ask us later. Private data, keylogs, passwords - give us all that to store safely - noone will ever serve a warrant on us instead of you, honest guv.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like