Automated WiFi key sharing was always really stupid.
The latest Windows 10 preview has been released by Microsoft, with changes making it more Linux and web-friendly. Gone, however, is automatic Wi-Fi sharing with contacts, with Microsoft citing low uptake over cost of development. Extensions to Edge, Microsoft’s browser alternative to Internet Explorer, in Windows 10 build …
> “The cost of updating the code to keep this feature working combined with low usage and low demand made this not worth further investment. Wi-Fi Sense, if enabled, will continue to get you connected to open Wi-Fi hotspots that it knows about through crowdsourcing.”
Another abandoned legacy security hole then? Didn't Windows already have enough of those?
I'm probably one of the few people who tried to use it. When I'm travelling with the wife I always end up setting the hotel WiFi access up for both of us. Key sharing should in theory have saved me from setting up her access but in practice it took forever for the key to get to her ..... quite possibly because she didn't have network access.
And then there were hotels that restrict the access use of the WiFi password to one MAC address at a time. Best not to share those.
I wont miss is..
WiFi Sense seemed interesting, but I couldn't figure out how it would improve things, especially on desktops. You'd need a connection to download the info... and if you already had a connection then the "Sense" part of it became redundant.
That and it came out first on Windows phones and there were never enough people using them to get some kind of "network effect" to kick in and make it something. On a phone with a cellular data connection it was almost understandable - you could download the login credentials over the network to get a connection to WiFi for data offload. But even that was of questionable value.
Guess I can turn it off on my Winphone8.
I never really got much use out of it as I don't really know that many people with Windows Phones, but you could imagine a more widespread (Android / iOS / cross platform) variant being quite useful. e.g., had a friend visited at the weekend from abroad, and he asked in a couple of bars / cafes we were in for the WiFi password, information already stored on my phone that I couldn't pass on to him. Close friends could have my home WiFi, everyone else just gets the public WiFi I've saved.
"Automated WiFi key sharing was always really stupid."
What worries me is that someone at some point (probably a low level manager or designer trying to make a name for himself) actually came up with it and thought it was a good idea, obviously not even bothering do a cursory security audit of the potential pitfalls and nor did anyone senior either it would seem. You have to wonder whats going on at that company sometimes.
"You have to wonder whats going on at that company sometimes."
You also have to wonder why, having come to their senses and dropped it, they do so on the basis of some waffle about the effort needed to maintain it. They might at least get the brownie points for doing the right thing for the right reason.
"You also have to wonder why, having come to their senses and dropped it, they do so on the basis of some waffle about the effort needed to maintain it. They might at least get the brownie points for doing the right thing for the right reason."
That would be like admitting they were wrong. Not going to happen.
"Because being already connected to the internet, the main risk is from someone using my WiFi, right?"
I thought you might understand. If, like me your main firewall/NATS is your ADSL router but have a sep. wifi access point then the firewalls on all your devices have to be OK if you let anyone connect to your wifi.
"If, like me your main firewall/NATS is your ADSL router but have a sep. wifi access point then the firewalls on all your devices have to be OK if you let anyone connect to your wifi."
ADSL firewalls by default let open ports on your internal devices connect to the internet. No home grade device does anything significantly more than stateful tracking of connections, which stops nothing if the port you want is open anyway. Therefore allowing access via WiFi is little different. Most modern WiFi routers can separate the traffic between an internal DMZ and the WiFi network to provide the same degree of "protection" anyway...
"ADSL firewalls by default let open ports on your internal devices connect to the internet. "
On my NETGEAR router ALL port forwarding was OFF by default. I explicitly had to allow a SSH port forwarding. Whereas my NETGEAR WiFi access point will allow attempts on open ports on the internal network hence most are firewalled AND the WiFi security is as tight as I can make it
WiFi key sharing may well be stupid, but consider this - the rolling Windows 10 updates mean Microsoft are now disabling features on products you own a licence to use.
You're happy now, as it's a feature you weren't keen on, but this implies that anything they can't be arsed with in the future they'll remove, leaving you with no choice but to lose the feature or have an unpatched version of Windows.
Rather ominous... and reminds me of when Sony started removing features from the PS3 (ability to run Linux for example - you had the choice of keeping it, sure, but a non-up-to-date PS3 isn't able to connect to the PSN)
Holy crap, don't get me started on Sony, The One And Only... CD vendor who shipped rootkits on their music CDs... What they did to try and thwart honest hackers who wanted to run Linux on the PS3 was downright anti-consumer.
However, with regards to this Windows feature removal it's a bit different. With the PS3; that's a partially locked down firmware situation and the 1st party trying to keep the money flowing in by making it a games-only device. For Windows you don't have that issue. This is the OS changing, not our BIOS/secure_boot code(the firmware), and in any event some third party devs can now jump in and provide a solution to this removed feature. Not all that big of a problem, just wait a bit and download the community's solution.
"This is the OS changing, not our BIOS/secure_boot code(the firmware), and in any event some third party devs can now jump in and provide a solution to this removed feature"
Perhaps, but consider the option of Microsoft deciding that third party software not supplied via the Windows store is too much of a faff to look after, and removes the "feature" of installing any .exe of your choosing. Basically turning it into a walled garden like the PS3 or an iPhone.
Extreme, perhaps, and an unlikely example, but still a precedent now that Windows 10 isn't a product you buy anymore and expect to work/be supported, but a service that MS can chop and change at will.
"...trying to keep the money flowing in by making it a games-only device."
I always found that sort of thinking to be a bit funny. I'm not a games-console sort of person (I do play PC games often, loving some (very) old classics). I would never be one to buy a console for the use of games.
But, if your hardware is the best price/function match for a job I want done then I'd be likely to buy it for another purpose. If you lock it down so I can't use it, I'll use someone else's hardware and they'll get my money.
That said, due to the CD issue and now the Linux/PS issue, I won't touch Sony products (even avoid their movies). Had they let Linux work on PS I'd have forgiven their other ancient screwup but when they did that.. (I assume the PS still can't run Linux without some faffing around?)
Just a note for others in case they haven't seen this and still use Siteadvisor (I haven't used this machine in a while) :
When I sent my post WebAdvisor (I used to use SiteAdvisor, what happened to that??) popped up a banner warning I'd used the password on another account. I haven't actually, my Reg password is unique to El Reg - but I do find it a little creepy that McAfee was monitoring and storing my used passwords. Now to take WA off the plugins and trust that Avira's one does the job.
I wish they were actually doing something with the telemetry data - my aged desktop with Win10 crashes all the time apparently due to a bad storage driver. Lots of comments on the internets about similar problems. If they noticed that some machines with X configuration are crashing all_the_time I'd expect some kind of fix...
You Your guests have to actively tick a box each time you add a network give them access to your WiFi to share them - it's not by default. And some will probably do so without asking if you're okay with that."
FTFY, because that's the real problem - guests.
Luckily I've had no visitors who are using Windows 10 and needed internet access. I'd already decided decided that if I did, I would be changing the password after every such visit.
I didn't know, however, that it was an opt in thing. On that basis, rather than recite the key to them, it would be easier to just grab the computer and enter it oneself, and ensure that option is unset (while at the same time trusting Microsoft not to piss around and change such options*) - but an obvious question is can user re-visit that setting for a particular network and subsequently change it?
* Luckily, though, they have changed it - in a sensible way.
"I found it really handy, but making more home WiFi publically accessible would be a better solution.
For most people locking down their WiFi is of little benefit anyway these days. You should be using HTTPS or similar for any services you care about."
I do hope no-one lets you configure a router. Ever.
"A range of improvements to Bash on Ubuntu sees Symlinks within Windows Subsystem for Linux now work on the mounted Windows directories."
I won't use Linux subsystem under Windows 10 much (my Windows 10 is running in a virtual machine, and I run separate Linux VM too) but I know that symlinks under Windows were always tricky. It is nice to see commitment on the side of Microsoft to this subsystem, with them having implemented support for symlinks (even if only sufficient to make Linux subsystem work).
Not entirely true. Symlinks (junctions) have been in use from Vista onwards to make certain directories appear in multiple locations, and try and rationalise a less than ideal historic directory arrangement.
I use it occasionally, and it's quite useful for installations where the system drive is far too small, yet that's the one all the patches keep mounting up on..
The MKLINK command was introduced in Vista, but the kernel support is older, and you could access it using third-party tools pre-Vista.
BTW, there is a difference between junctions and symlinks, although both are created with MKLINK. Symlinks support linking to files for sure.
Too bad that MKLINK requires administrator privileges. On Linux, any lowly user can create symlinks. I am not sure why this would be considered a security concern on Windows.
Also, annoyingly, the arguments to MKLINK are swapped relative to "ln -s". Never miss up a chance to be incompatible with other systems, I guess.
"Also, annoyingly, the arguments to MKLINK are swapped relative to 'ln -s'. Never miss up a chance to be incompatible with other systems, I guess."
There's the RIGHT way, the WRONG way, the MILITARY way, and the MICROSOFT way.
[guess which way THEY chose?]
what I would like to see is a hard-link to a file that does what you see in POSIX systems; that is, it increases the reference count on the physical storage for the file, allowing you to refer to it from anyplace on that volume, and it appears as if it IS "the file" from any of them, but deleting any of those references doesn't delete the actual file until the actual file has no more references.
So Microsoft's 'junctions' really are like symbolic links, and NOT like hard links at all. When you do a 'dir' listing they show up as 'junction', etc. etc. (though I don't recall if a file alias shows up differently or not). And don't even get me started on attributes like 'hidden' and the security things associated with them... *shudder*.
I should clarify : NTFS has supported junctions for a long time.
They are used in Vista and later as part of the base install, can't remember them being used before then. i.e.
Volume in drive C has no label.
Volume Serial Number is EE29-AD12
Directory of C:\Users
22/08/2013 15:45 <SYMLINKD> All Users [C:\ProgramData]
06/08/2015 20:52 <DIR> Default
22/08/2013 15:45 <JUNCTION> Default User [C:\Users\Default]
You're all nearly there with mentions of junctions an mklink. However, they are the equivalent of hard links, not symlinks.
Hard links exist at the filesystem layer. Symlinks happen at a layer on top. Hard links can only ever link files within the same filesystem but symlinks can cross fs boundaries.
The closest windows equivalent to a symlink is a shirtcut. However whereas shortcuts are provided by Explorer, symlink functionality is in the core system libraries and therefore used by everything.
djack, I don't think your assessment is correct, or I am misreading it. You say: However, they [junctions] are the equivalent of hard links, not symlinks. And then you go on to say: Hard links can only ever link files within the same filesystem but symlinks can cross fs boundaries.
While that's true for Linux hard links, I am absolutely certain that NTFS Junctions work across file systems and physical drives, so they don't quite resemble Linux hard links. In fact, to give one example, my user home directory is Junction'ed from another physical drive into the normal C:\Users hierarchy to save space on the system drive, and that works just fine without touching anything else (registry etc) to make it happen.
Windows (or NTFS rather) has proper symlinks in addition to junctions, both are created by using mklink from an elevated command prompt, no external tools required. Junctions are also not the same as hardlinks (mklink can make hardlinks too), and are actually more similar to symlinks but implemented in a different manner (and only work on directories). In NTFS, hardlinks (mklink /H) and symlinks (mklink for files or mklink /D for directories) behave pretty much the same way as on UNIX platforms. NTFS junctions (mklink /J) are an entirely different animal, while the end result is superficially the same as a symlink, they only work on local directories and must use absolute paths (whereas symlinks can point to shares and such). The main user-facing difference between a directory symlink and a junction in NTFS is that deleting a symlink via del will delete the symlink file, whereas attempting to delete a junction via del will forward that request to the directory it's pointing at (thus deleting the files at the target). I believe the most "equivalent" feature to an NTFS junction in unix would be mount --bind.
cmd.exe /k "mklink /?"
Windows 8+ ... yes, 20 years overdue, but finally made it into Windows ... ;-)
I used to run a Java program to create symlinks and junctions ... a simple Java program I wrote, of course, took mere minutes to author - nothing fancy. Probably quicker than to hunt down sysinternals and find the proper executable for the task ...
I do like their process explorer, though, great stuff!!!
So, for argument's sake, let's say your app needs to know where jquery is. Let's say furthermore that you have downloaded jquery.2.1.4 and you keep in a directory or file named jquery.2.1.4. Yeah, yeah, I realize jquery may not be the best example, but it has numerous versions, bear with me.
One great use of symlink is to say: ln -s ./jquery.2.1.4 ./jquery. Your app nicely points to ./jquery, not caring which release it is. If you update ./jquery.2.1.4, then your app "knows" about it too.
Is this something easily achievable with mklink or whatever command Windows 10 uses? Does it cover both directories and files? I confess I never really figured out what the Win 7 command was for this, despite being well aware of the possibilities of Unix symlinks.
I knew linking existed in Windows 7, but it was not very heavily promoted, to say the least. I could never figure out whether it was that the Windows implementation was limited or whether the Windows user/admin culture just wasn't clued in onto the possibilities.
Needing an admin right to do so is no big deal, though annoying.
i.e. what does the actual command line look like? I can do this on the command line, right? i.e. aside from MS "using the wrong order for the command arguments" , as noted elsewhere, is MS's solution actually a capable stand-in for the bsd/linux ln? Regular cmd or Powershell?
This is actually more a question for Windows itself, not so much how well it plays with Linux subsystems.
Hmm. Given the push to put Linux tools on Windows (and not use something like Cygwin) makes me wonder if WIndows 10 will, as some have already put it, turn into another distro.
As for the Edge update and the WiFi change, it vindicates the idea of holding off to an extent. With July fast approaching, it'll be interesting to see what tools will bed in and what gets slung off the platform in the next couple of months.
Windows will definitely not turn into a Linux distribution - Microsoft is keen to maintain its own user land APIs and its own kernel. However I do allow the possibility that they will invite more and more Linux user land into Windows, perhaps even open source the Linux subsystem (that would be nice). It is good politics for them, given that Azure is running lots of Linux instances. I won't be surprised if at one point they will use this technology to support Linux containers on top of Windows kernel (I am not suggesting that this would be such a great idea).
You need to remember that "cloud" is a cash cow for Amazon, and Microsoft badly needs a new cash cow since the current ones are turning little ... old. In this light it makes sense investing money into any technology that will make Azure more competitive.
"Just to give you an example, it still runs an outdated (almost 30 years old) filesystem -NTFS-, while others have made enormous progresses and also taken into account new things like SSD"
Just like ext is an outdated (almost 30 year old filesystem) ?
NTFS has multiple versions - currently we are on 3.1- and has had many feature updates along the way. And there is ReFS - which isn't feature complete yet, but it's pretty good.
nb - NTFS doesn't need to take into account SSD as that's handled in other layers in Windows - for instance Storage Spaces that provides features like automated tiered storage.
On the contrary, I'm sure it might at some point turn into a Linux distro.
Sure Cloud is an important source of revenue, but even if you could run native containers on top of W$, who would get the trouble having some tricky bugs due to the underlying system.
Just to give you an example, it still runs an outdated (almost 30 years old) filesystem -NTFS-, while others have made enormous progresses and also taken into account new things like SSD. Look at HFS+ (Mac), ext4, zfs, etc (Linux), how far superior, feature full (snapshots for example) and adapted to modern hardware they are.
Even from a strictly financial point of view, no technical BS intended, how can it be relevant to pay engineers developing a kernel when there is a perfectly fine kernel for free (and Android used if). So even if the "technique" does not decide, the shareholders will at some point!
Because when you think end-user device, the kernel has no importance whatsoever, all that matters are apps availability (SatNad knows that!) and when you speak servers, you want Linux: the true one, not an emulation!
Then, once you have adopted the Linux kernel, you start being a linux distro... even if RMS won't say so as long as you are not 100% free (as in free speech, not free beer) and GNU. ;-)
>> On the contrary, I'm sure it might at some point turn into a Linux distro.
I love these hand-wavy discussions from armchair architects. "Just drop in a Linux kernel and be home in time for tea" - no problem at all. You do realize that Windows needs to support legacy apps going back decades, and that there are thousands of different APIs layered on top of one another? The most innocuous kernel fix can cause app compat problems, and you're suggesting ripping the kernel (and presumably most of the low level subsystems) out and replacing them with new shinier ones? What could possibly go wrong?
Yes, we understand your deep desire for Linux to be on everything, but for fucks sake, demonstrate that you have at least the tiniest grasp of the subject.
You do realize that Windows needs to support legacy apps going back decades, and that there are thousands of different APIs layered on top of one another
Which is why I think MS should have teamed up with the ReWind folks back at the Wine/ReWind split (ReWind being X11-licensed). They could have started splitting off their legacy support as an independent subsystem, and remove those old APIs from the core OS. Perhaps they could sign up with the ReactOS folks and use that as a legacy runtime.
"Just to give you an example, it still runs an outdated (almost 30 years old) filesystem -NTFS-, while others have made enormous progresses and also taken into account new things like SSD. Look at HFS+ (Mac), ext4, zfs, etc (Linux), how far superior, feature full (snapshots for example) and adapted to modern hardware they are."
Your comment is laughable.
Ext4, ZFS, HFS+ have no SSD specific features. Only ZFS supports snapshots, ext4 and HFS+ are just general purpose file systems with no extraordinary features. HFS+ only gained features like transparent compression and encryption until quite recently.
Age of technology is not important if it just works. NTFS was introduced in 1993, 23 years ago. Not 30 years ago as you falsely claim. That's the same year ext2 was introduced - and ext4 is just an extended version of the original and ext3, not a rewrite. In the same vein NTFS has had numerous revisions, the latest version is only 15 years old.
HFS+, which is just 18 year old tech is based on HFS which actually is 30+ year old tech.
You claim that all these file systems are adapted to modern hardware but NTFS is not. Please give us some examples or crawl back to your cave/under the bridge.
Not disagreeing with the gist of your rebuttal, but one factual correction: Despite the name, HFS+ is not in any way based on HFS.
The HFS+ underlying filesystem structure is very different to HFS, as is the API (I suspect I'm probably one of a handful of people who have actually written against that HFS+ API natively: pre-OSX apps tend to rely on the HFS compatibilty wrappers; Cocoa ones just pass Unix-y filepaths into CoreFoundation)
The original Mac HFS was an evolution of MFS the original Mac filing system, designed for 800kbyte floppy disks, and it had serious efficiency problems once 1 Gbyte disks became a real thing that people could buy. HFS+ was effectively a clean-sheet design based on the then best practice. NTFS was certainly one of the inspirations (e.g., HFS+ supported Unicode before any MacOS release did)
Like the rest of OS X, HFS+ has suffered from a lack of development in the last ten years. Apple's non-existent presence in servers allows them to get away with what is now a relatively inefficient filesystem... But then, is any filesystem efficient when the npm-kiddies come along with tens of thousands of hundred-byte files, nested ten to twenty folders deep? (whatever happened to "a filesystem is not a database"? )
It's such a shame that it won't become linuxish. Looking at the history of windows and my experiences says:
XP - What a pig! Run this on a P2 233mhz with 256 memory? Step one, turn everything visual off. Step two? Back to 98SE. XP wound up being lovely, once the hardware that my budget could support finally caught up. Start with a >1ghz chip and 768 or more memory. And then I found nlite, cut IE/WMP/OE out, and in the process realized that antivirus was unnecessary if I didn't do anything stupid. Huge performance boost all around.
Vista - Just like XP, but twice as big and half as fast. Pass.
7 - Vista with a little less suck. Unfortunately, it's only very recently that I learned about NTlite, and still haven't had an honest go at it to see if IE can be removed (and in the process, most of the vulnerabilities with it!) It's not great as an OS for a desktop, and horribly slow to boot on a laptop. (Yes, your SSD equipped laptop boots in 0.002s. It also isn't using hardware that was current at the time, eh?)
8, 8.1, 8.1update, 8.1 gold edition limited gold flashy foil whatever - Underneath, this is the best we've had in awhile. Boots fast, but because of the multi-thread boot, a marginal overclock is going to hand you a BSOD every time. Put classicshell on it, and it looks exactly like 7 in one of the high-contrast modes. On a surface tablet, it's really useable. On a desktop? Err... put classicshell on it before calling it crap. It's awful if you leave it at defaults, but we're techies, we can fix this!
10 - Classicshell requires some effort to install. There's a distinct feeling of this being an OS designed by committee. Control panel? Sure, you just can't get there without using the modern path, which happens to vanish once you've installed a start menu replacement. That's a big pain in the ass. Updates that run when they please instead of at your wishes? Ugly. Updates that decide to change your settings? Seriously? F'k off.
What would solve nearly everyone's complaints is fairly easy. Ready?
Give us the control back. We want the option to turn on flashy shiny crap like Aero. We'd like to choose a start menu that looks like XP, or 2000, or 7, or 8 (fullscreen), or 10 (with ads...this may not be popular). This isn't hard! Instead of trying to copy google's revenue stream, why not do something utterly incredible: Make a product people want to pay for. If I had the control over Windows that I want (win 2000-style start menu, remove IE6...er....edge...whatever, remove your "apps", remove the app store, remove OE, remove WMP, set the display to aero, 2000, or 8...even better, give us a tool to write mildly customized environment to fit our needs), and I'd actually pay $200 or so for it.
I don't want your idiot cloud crap. I understand that it can has good uses. What I want is very simple: The choice to use it or not. CONTROL. Set your defaults up to let granny directly send her pension check to your accounts, fine. But give us the choice to turn it off. And then the hard part: Respect that goddamned decision. If you don't let me make my choices, I will either find software that cheats you, or I will use another OS. And I'm the "tech guy", for better or worse, for a large number of people. So my words carry more weight than the average user. I'm a decently big demographic that you should keep happy.
As it is, I may have a few copies of windows on my computers. They're only used for gaming anymore, and that's getting to be less and less. I even paid for my copy of 98. I think I own a XP home lisence. It's a shame that it hasn't been a worthwhile product since then.
And god help you when linux gets good gaming support. Trying to use someone else's setup for revenue isn't going to work. In related news, dear firefox: Stop it. Google makes Chrome. You do not. Your produc was actually a lot better, back when you were making your own product.
Also, no one uses bing. It sucks. As do the alternatives. If you want decent results, you use google. If it's something that you don't trust google for, you use DDG, and bitch about it the whole time. I miss the days when altavista actually had their own engine. I had hair back then....well, more than these days. Bleah.
I know folk on here won't use a browser from MS, but I quite like Edge. Now it has adblock, Firefox needs to sort itself out quickly.
Any news on Xmarks or other bookmark sync between browsers? Not quite ready to move everything across - I like to run one browser 'open' and another with noScript.
I dislike the UI of Chrome (and am not a huge fan of Google either). I like Firefox, but it's getting slow and unreliable again. IE is much improved, so I'm considering trying some new ones, including that. I guess Edge is worth a go, but I want proper menus, not everything accessed through one, enormous, un-navigable one.
Just had a look at Edge. Seems quick, but the user interface is no better than Chrome (possibly a bit worse?).
one browser 'open' and another with noScript
I've been wondering that a possible solution might be to use a third browser/editor to enter bookmark links into one of a set of simple HTML files, one for each topic or area of research. Though it's not ideal, this approach could provide a neat backup scheme, because project pages would be more or less self-contained and could be hived off to reduce clutter when their relevance decreases. It would also make it easy to incorporate saved links in notes to others and so forth.
Konqueror might do the job, but it's surprising that there doesn't seem to be any standalone software to provide a note-taking and bookmark indexing option from/to any browser one might be using.
I use Pinboard. Very similar to old-timer Delicious. Normally I prefer to be off-cloud in most things, but bookmarks are an exception.
Very fast and reliable. A better vehicle than Evernote for small text annotations. One drawback is _adding_ bookmarks from tablet/phone. Been toying w idea of mass dumping exports from Chrome mobile (topin folder, easy to add to) via a Python script.
Not free, but I joined early enough that it was an $11 lifetime membership.
Noscript on FF and "open" Chrome FTW.
Not really hidden.. WiFi Sense probably uses some sort of cloud based storage. Even if they don't own the hardware and software running the cloud, Microsoft would have access to the usage logs it maintains. All they need do is check the logs to show how much people are accessing the service.
Note: I am not defending the service. I think they were trying to improve on what Apple have done with iCloud keychain sharing (which does enable you to share Wifi passwords to different devices). Now, the way Apple have done it, it works well, as long as you have access to the Internet. That isn't as stupid as it sounds. Being an iOS beta tester, from time to time, I wipe my phone clean and re-install the OS. I usually do this at home, and it has the advantage that when I do, all my WiFi passwords are restored in a few minutes. This includes both home networks (I have two, one on 2GHZ and one on 5), several work Wifi networks and access details for The Cloud and Openzone amongst others). With my iPad or Mac, all I have to enter is one Wifi password to get all of them downloaded.
What I think they did wrong is adding the option to share passwords. I've never tried Wifi sense, but it would seem to me it's considerably more fiddly to share a password using this system than it is to write it down and get the person to enter it, or text it to them.
Good points! Also, I'm glad you mentioned this feature on iOS. I literally got my first iPhone yesterday at lunch, and when I arrived home my phone already knew my airport password. At first I was a bit shocked; "how the hell did you do that?!" Now it makes perfect sense; my work Mactop knew the password for the home net, it left that nugget in the iCloud, then the new phone grabbed the nugget from the iCloud over the 4G cell net, updated it's config, connect to my wifi, and made me thunk and thunk until I got it. :)
Yes I agree windows 10 is the best os ever, it never nagged me to oblivion or moved me to an interface that stank and it doesn't share my data with Microsoft. Two cheers for Windows 10, I can't believe I stuck with that stable usable common sense built Windows 7 for so long.
Substitute the word best with the word versatile and I might be inclined to agree. Given it's innate ability to spy on it's own users and their data, I doubt if it's ever going to be the most popular.
In the longer term though, I wonder if a feature-rich OS such as Windows is going to be relevant, as most apps and their data are going to be accessed online.
>>as most apps and their data are going to be accessed online.
Do you mean consumer apps?
Every SMB I am familiar with continues to use Win 7 and the same old applications they've always used. I am still waiting to see something new/different that is compelling for them.
" Do you mean consumer apps? "
Yes of course, but also standard business apps too. Even today, I use Sage, HR management as completely online services. Fast forward the clock another ten years and I wouldn't be surprised if most business/professional apps will be available as a Cloud option too. Cost will obviously be the driving factor here of course, as well as geopolitical considerations such as Data Center location and data sovereignty. Given advantageous pricing and convenience, even SMB's will be tempted away from traditional local apps. At this point in time, will the rich, full featured OS's of today be the norm, or will lighter weight and cheaper Cloud OS's be in vogue?
Automated Wifi password sharing was just stupid and dangerous.
Sure, anywhere BYOD or relying on wifi for security will have locked it down via certificates, RADIUS, and other things anyway, but you don't expect something to try your password just because it sees your friends / girlfriend's phone sees a similarly named access point somewhere else. And given that it must have had transmission of credentials, not just some token or other, it was an accident waiting to happen the second the protocol had a flaw in it.
Once someone had your Microsoft account, they had the wifi passwords of everything you've ever logged into. Before, that would have taken physical access to a device or network of yours.
I seam to be outvoted here, but WiFi Sense was the one feature of Windows 10 I actually liked, although rarely used. My friends come over to my home. We are in each other's address book. I don't have to give them my WiFi password again because they've got a new laptop. Not a big deal, but it was nice.
And yet all the built-in corporate spyware is still burried deep in Windows 10. All that call home crap has made me take a serious look at Linux. Really, been using Windows since 3.0 and for the first time I'm taking a serious look at Linux as a desktop.
Now consider the theory.
Your friend's Microsoft account technically has information which will allow login to your wireless network. It's not a token, or a request you can revoke, or a signed key, or anything else. Somewhere, they have a copy of the bytes necessary to send to the SSID of your wireless to get it to grant access. And, likely, on a home network you do not have RADIUS, or client certificates, or MAC filtering, or intrusion detection.
That account - not even a device that has limited physical access, or something in a hidden registry entry on a computer somewhere - has enough details to join your network whenever it likes. Likely you wouldn't even know it was being used. Likely the external IP associated with that account (Windows devices all do something called NCIS that tells it whether it got out to the "real" internet or not on connection to any Ethernet or wireless network) is also available too.
Now they get their Hotmail / Outlook.com account compromised by a virus or similar. Bang, your wifi IP, local location, and wifi password are now in the public domain. Do you know about it? Not necessarily. Do they need to have a device stolen or accessed? No. Do they just need a weak Outlook.com password? Yes. Does it affect just their device that was compromised (e.g. a virus could steal wifi credentials from the registry of the local machine in exactly the same way)? No. And not just you but anyone they've ever joined the network of, while being signed into that Microsoft account. Ever. All just sitting there in the cloud.
People fussed over Microsoft "talking home" from Windows 10 for things like regional preferences. Now you're handing the MS cloud a copy of your local network's access passwords, GPS location, external IP and those of all your friend's.
Defeated for most techy-people? Yes. MAC filtering stops it. Guest wifi that you turn off when not using it is sensible anyway. Etc. etc. But the majority of people just stuck their wifi (and possibly re-used for other services) password in their Microsoft account and then signed into that on the cybercafe on holiday to check their email. And don't even know they did that, to themselves and their friends.
Not the end of the world. But a security mess.
So, have they fixed the 2D FLUGLY (flat/ugly)? probably not...
and I doubt they fixed the adware/spyware or the preponderance of "the Store". Or that 'start thing' (ok I can run classic shell, so it's on ME for that one).
Until Micro-shaft can address THESE! MAJOR! PROBLEMS! I'm not touching Win-10-nic for anything OTHER than verifying that the appLICATIONS that I write are COMPATIBLE with it.
they need a serious CLUE-By-FOUR applied to something...
Rolling updates, with telemetry and all sorts of monitoring, they will decide how much of Windows is used by the majority of users and how much of the codebase is worth maintaining/developing or not, in the long term resulting in a dumbed down and limited OS? My heart sinks at the prospect.
Aren't they those things that have glass in them that you open to get fresh air?
Seems we've gotten away from the concept of opening windows to get fresh air. The other alternative is to break them, but it seems that most of the windows referred to here appear to already be broken.
Cue David Letterman's broken glass sound.
Maybe this shouldn't be classified as a joke, but I digress.
In most ways, Windows 10 is excellent, but I do wish they would fix the display while using the virtual keyboard. While the ability to undock it and move it around is cool, it would be even better if the windows would autofit while in tablet mode, instead of having the virtual keyboard cover the application window and having to either manually resize or move the keyboard around.
Otherwise, Windows 10 is practically perfect: fast, featureful, attractive to behold, and it sends telemetry to Microsoft so they can dynamically analyze and improve the experience. (Okay, I included that last bit just to hack off the Linux fanboys.)
Android did that to me as well. Browsing site, want to enter some text into the field, now a "helpful" keyboard half the size of the screen pops up and blocks half the screen, which is already mostly blocked by the upper menus and page navigation or masthead, leaving me either no view of the text box or a sliver of a view betwixt soft-keyboard and masthead. Very cumbersome. Almost Benedict Cumbersome, but not quite.
I do love the Comments section. Where else could you read an article about a top level function (by which I mean something any old Joe Shmo would grasp) in Win10 being switched off and within seconds be immersed in a scrum of serious conversations about symlinks, junctions and all manner of minutae - important undoubtably but most definately 'under the hood'.
Articles are the trigger.
The comments (and commenters) are where the interesting content is really coming from.
Same with all these kinds of sites (Slashdot, SoylentNews, etc.).
You don't go on a science forum to read the latest things from New Scientist. You go there to discuss them and get answers and critique and comment on them.
Same for TheReg, just IT instead of Science.
Sadly, a lot of sites just don't get this at all and think that they can post any old junk and/or they don't need the users to stick around.
I never liked the idea. Forget the technical arguments - if someone has password-protected their network then they've done it because they want to control access, otherwise it would be open. Who the hell are you - or anyone else, including Microsoft - to decide to pass that on and authorise total strangers (who then authorise others) to access that network? Especially when you consider that there is a lot more transacted over WiFi then just internet access.
Then there is the problem that - if you use it - very often you need to accept a T&C page, and you get nothing at all if you don't.... Which you don't do automatically, so you get disconnected from the 3G network periodically to use WiFi that isn't working....
Biting the hand that feeds IT © 1998–2019