UH OH: Windows 10 will share your Wi-Fi key with your friends' friends

A Windows 10 feature, Wi-Fi Sense, smells like a security risk: it can share access to private Wi-Fi networks with the user's friends. Those friends include their Outlook.com (nee Hotmail) contacts, Skype contacts and, with an opt-in, …

[Image caption: Wi-Fi Sense has been on Windows Phone since 8.1]

  1. Saint Gerbil
    Facepalm

    Nothing new here

    Wifi Sense has been in Windows Phone since Windows 8 and it shares your wifi password with your laptop.

    You can share it with your contacts if you want to, it's not that hard, and it's quite hard to share it with your local takeaway shop like the article states.

    1. Anonymous Coward
      Alert

      Re: Nothing new here

      > Wifi Sense has been in windows phone since windows 8 and it shares your wifi password with your laptop.

      Yes, it mentions this in the article. If the "sharing" of credentials happens via a USB cable between phone and laptop as part of a phone-sync consciously set up by the user, I have no problem with it.

      It's when it shares it with complete strangers (i.e. Microsoft HQ) that I object!

    2. asdf

      Re: Nothing new here

      >Wifi Sense has been in windows phone since windows 8

      Oh that explains why this is news to almost everyone outside Redmond.

    3. TheVogon

      Re: Nothing new here

      "In theory, someone who wanted access to your company network could befriend an employee or two, and drive into the office car park to be in range, and then gain access to the corporate wireless network."

      Only if you have incompetently configured corporate WiFi. A normal corporate WiFi setup would use 802.1X and you wouldn't even know a WiFi password to share.

      1. Anonymous Coward

        Re: Nothing new here

        802.1X can be configured to use different authentication methods, including some using passwords. And it may happen to be your domain password also, which you may need to input if your device is not domain-enabled. And not every device supports WPA(2) Enterprise.

        1. TheVogon

          Re: Nothing new here

          "802.1x can be configured to use different authentication methods, including some using passwords."

          All of which can still support NAC. No sane corporate would rely on password only except in a mode that can't be shared (for instance an 802.1X login via AD authentication can't be shared via WiFi Sense, and usually would also require certificate-based NAC).

          "And not every device supports WPA(2) Enterprise"

          Then they wouldn't be able to connect to a secure corporate environment...

      2. Meerkatjie

        Re: Nothing new here

        The office I work in has wired and wireless networks. To get access to the wireless network you use your Windows login details.

        1. Youngdog

          Re: Nothing new here

          You are probably running a certificate-based NAC to make sure only Domain (i.e. work) devices can connect.

        2. TonyHoyle

          Re: Nothing new here

          I would really hope that it didn't apply to WPA Enterprise, otherwise it'll be sharing Windows login details all over the place.

          In small companies it's not uncommon to use a single password (smaller companies rarely have the requisite RADIUS server setup or the experience to run one).

          At home of course, it's all passwords. That said, from what they're saying you can detect Wi-Fi Sense users: it's saying they can't access local resources somehow... in which case you can configure a network to break access for such users (for example redirect the first outgoing request to a local portal... if they don't click OK on that, which Wi-Fi Sense users won't be able to do, then no access).

    4. Anonymous Coward

      Re: Nothing new here

      When I set my phone up, it asked did I want to turn Wi-Fi Sense on. But I can't remember if it defaulted to off.

      And is this going to be turned on by default in the production version, or is this from the latest build?

  5. I ain't Spartacus

      Re: Nothing new here

      As stated, it's in WinPho 8.1 already. I believe it's defaulted to on when you get the phone, but it's one of the setup questions you have to answer, so you can turn off the switch. I'd imagine that's what they'll do in the production version of Windows 10 as well.

      It's more of a security risk than Apple holding your WiFi passwords when you cloud back-up your iThings. Does Android do cloud backup now (I'm out of date)?

      To be honest, if you're going to go to the trouble of parking in the corporate car park, can't you just sniff some packets and break the WiFi security anyway? I thought that only took a few minutes nowadays?

      1. Kimo

        Re: Nothing new here

        You can do cloud back-up to Google, but when I replaced my phone I still had to re-enter user names and passwords for the phone and all of the apps on my device.

      2. Anonymous Coward

        Re: Nothing new here

        > It's more of a security risk than Apple holding your WiFi passwords when you cloud back-up your iThings.

        AFAIK, Apple cloud stuff does client side encryption. Not so much for benevolent reasons, more because Apple doesn't want the liability of your stuff being disclosed through them (that's also why they were all of a sudden so astonishingly active to fix the whole iTunes password problem - which they then overcorrected before things settled down). I wish us security people could inspire that much fear, so we could get things done.

      3. Anonymous Coward

        Re: Nothing new here

        Breaking WPA2 Enterprise is not so easy - PSK networks are more at risk, especially if they still use pre-WPA2 technology (and short keys). And it's not uncommon either, a neighbour of mine is still using WEP... one day I'll break into his network and leave a message to upgrade it...

        1. Fred Dibnah

          Re: Nothing new here

          Wouldn't a nicer way to tell your neighbour be to knock on their door, say hello, and explain why their network is insecure and offer to show them a way to better secure it? Just wonderin'.

          1. asdf

            Re: Nothing new here

            >Wouldn't a nicer way to tell your neighbour be to knock on their door, say hello, and explain why their network is insecure and offer to show them a way to better secure it? Just wonderin'.

            As an added bonus, that route (as long as you're polite), unlike the other, has a zero chance of winding up in pound-you-in-the-butt prison if you're in the US.

          2. Frank N. Stein

            Re: Nothing new here

            In a perfect world, sure, but this isn't a perfect world, and rather than do some sort of face-to-face risky "hand shake", you can achieve the end goal of advising them to secure their network better by doing it anonymously. That way, if they are a nut job, they won't know your identity and won't know who to attack for "snooping" on their weakly protected network.

  2. Panicnow

    It must be intentional!

    After the disaster of ActiveX controls, passwords that are checked on the local system, and now this. Microsoft must have a direct line to the malware overlords.

    To do something stupid once is unfortunate, twice is foolish, three times is a conspiracy!

    1. Anonymous Coward

      Re: It must be intentional!

      Every little helps - the NSA

    2. Anonymous Coward

      Re: It must be intentional!

      Sigh, will Microsoft ever change from making crass decisions on security for the sake of convenience?

  3. John Bailey
    Coffee/keyboard

    If you can't be a good example..

    And people say Microsoft don't care any more.

    Here they are, demonstrating for all the world to see, at, no doubt, great expense, exactly why one does not let the marketing people do product design.

    1. JLV
      Facepalm

      Re: If you can't be a good example..

      shades of circa 2000...

      "Yes, our users need VBA auto-run for incoming Outlook messages' scripts. Not having it would be a major loss of functionality."

    2. dlc.usa

      Where Were The Lawyers?

      Wasn't their legal staff involved in looking at the liability exposures the design could potentially allow? Do they believe MS is immune here? Or is there no defensive legal section? These decisions are not making good sense from a shareholder's perspective.

  4. Your alien overlord - fear me

    Place your bets please, place your bets... on how long it takes someone to decrypt Microsoft's security and see in plaintext the wifi password.

    On a similar topic, what if I use just WPA, how could I get access to a WPA2 network or vice versa?

    1. Mephistro

      @ Your alien overlord - fear me

      "On a similar topic, what if I use just WPA, how could I get access to a WPA2 network or vice versa?"

      On most devices I see nowadays (including smart TVs, WiFi routers and WiFi network cards) you can configure both protocols to work at the same time, i.e. looking for both kinds of WiFi networks and choosing the right set of params...

  5. Pax

    So now all WiFi/router manufacturers should enable MAC filtering by default just to counter-act how loose MS is making security.

    1. borkbork

      better yet

      Built-in RADIUS server with easy account creation and expiry, for WPA2 Enterprise. Want to use my WiFi? OK, here's your account, it will deactivate in 24 hours.

      1. Anonymous Coward

        Re: better yet

        Of little use, if your device shares your own passwords: does your own account expire every 24h?

    2. TheVogon

      "So now all WiFi/router manufacturers should enable MAC filtering by default just to counter-act how loose MS is making security."

      Great until Microsoft use random MACs like Apple do...

      1. Gotno iShit Wantno iShit

        My router does MAC filtering, I've not bothered till now. I shall be switching it on this weekend.

        Not that I'm at risk yet, only one person I know has >7 and that's on a desktop. Still, the time to act is now.

      2. Anonymous Coward

        "Great until Microsoft use random MACs like Apple do..."

        That is only done during scanning for the network to avoid advertising snooping based around WiFi scans, i.e. as is commonly done in shopping centres now.

        The real MAC is used to connect to the network. At least that's how it was, I haven't heard of any change.

      3. Neil Alexander

        Apple only use random MAC addresses for Wi-Fi beacons/probes - once you connect to a known network, the primary MAC address is always used, so as to not cause a problem with MAC filtering.

    3. Uberseehandel

      MAC filtering is a waste of time

      Spoofing MAC details is more than simple to do, so filtering adds little, if anything, security-wise.

      More important, because the tracing of MAC information causes a whole new slew of security problems, there are changes underway to randomise MACs each time one is required. Some kit is already doing this.

      1. TonyHoyle

        Re: MAC filtering is a waste of time

        MAC filtering is a waste of time against attackers.

        Against random Windows 10 boxes connecting to your network because Microsoft have given away all your passwords, it's quite effective.

    4. TheBigCat

      If security matters there should be another layer of authentication before connecting to the network.

  6. ZSn

    Off

    First thing that I turned off. Honest, do people really just run with the settings that come out of the box? Are they really that stupid?

    Stupid question - of course they do...

    1. Ken Hagan

      Re: Off

      If you don't know that it exists, how are you supposed to turn it off?

      Quick question: what's the list of things that have to be turned off as the first thing you do with a new Windows machine?

      1. Rich 11

        Re: Off

        That may be a quick question, but it's not a quick answer!

        1. captain veg

          Re: Quick question

          > what's the list of things that have to be turned off as the first thing you do with a new Windows machine?

          The power switch?

          -A.

      2. Curious

        Re: Off

        Step 1.

        Refuse the demands to create a Microsoft account in Windows 8/10, use a local computer account instead, and this won't operate, I think, on your one computer.

        As I understand it, the Wi-Fi Sense shared configuration is supposed to isolate them from the local network, but allow me my doubts...

        Are there any low-cost, non-techie, manageable RADIUS server + GUI implementations for small offices that mix Mac, PC, Android and high numbers of guests?

        That daloradius + freeradius software on a beaglebone or edgemax?

        http://lintut.com/install-freeradius-with-web-based-management-daloradius-on-centosrhel/

        Looks like a radius server can be added fairly simply to a Synology or QNAP small office device.
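Added example, not code from the thread, from FreeRADIUS or from daloradius: a small Python helper that issues the time-limited guest accounts borkbork proposes above and prunes expired ones from a FreeRADIUS users file, which is the bookkeeping a daloradius/freeradius box would do for a WPA2 Enterprise guest network. It assumes the stock users-file syntax and the rlm_expiration module's Expiration check item; the usernames, timestamps and date layout are constructed assumptions.

```python
"""Time-limited guest accounts for a FreeRADIUS `users` file (added example)."""
import re
import secrets
from datetime import datetime, timedelta

# Date layout assumed to be accepted by FreeRADIUS for the Expiration check item.
EXPIRATION_FMT = "%b %d %Y %H:%M:%S"

# First line of a guest entry exactly as make_guest_entry() writes it.
ENTRY_RE = re.compile(
    r'^(\S+)\s+Cleartext-Password := "[^"]*", Expiration := "([^"]+)"$'
)


def make_guest_entry(username, now_iso, hours=24):
    """Return (entry_text, password) for a guest valid for `hours` from now_iso.

    Each visitor gets a unique, short-lived credential instead of the home
    pre-shared key, so there is no shareable PSK for a device to hand on.
    """
    if not re.fullmatch(r"[A-Za-z0-9_.-]+", username):
        raise ValueError("username contains characters unsafe for the users file")
    password = secrets.token_urlsafe(12)  # 16 random characters per guest
    now = datetime.fromisoformat(now_iso)
    expires = (now + timedelta(hours=hours)).strftime(EXPIRATION_FMT)
    entry = (
        f'{username}\tCleartext-Password := "{password}", Expiration := "{expires}"\n'
        f'\tReply-Message := "Guest access ends {expires}"\n'
    )
    return entry, password


def purge_expired(users_text, now_iso):
    """Drop guest entries whose Expiration has passed; keep every other line.

    rlm_expiration already rejects them, but pruning keeps the file honest.
    """
    now = datetime.fromisoformat(now_iso)
    kept, skipping = [], False
    for line in users_text.splitlines(keepends=True):
        match = ENTRY_RE.match(line.rstrip("\n"))
        if match:
            # A guest entry: decide whether it and its reply items are dropped.
            skipping = datetime.strptime(match.group(2), EXPIRATION_FMT) <= now
        elif not line.startswith("\t"):
            skipping = False  # anything not tab-indented starts a fresh entry
        if not skipping:
            kept.append(line)
    return "".join(kept)
```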

        1. Anonymous Coward
          Unhappy

          Re: Off

          Setting up a RADIUS server isn't too time consuming or difficult, but for me, the time consuming/difficult part has been integration with LDAP...

          1. TonyHoyle

            Re: Off

            At home I found freeradius an absolute pig, but the LDAP I have using FreeIPA which does the trick for home.

            Most of my devices don't allow WPA Enterprise though... not even the Xbox One which is fairly recent. Or Chromecasts... so I still need a password-based network for those. I'll have to invest in other countermeasures to defeat Wi-Fi Sense.

        2. Anonymous Coward
          Anonymous Coward

          Re: Off

          You could also use a "captive portal" which will handle the authentication itself, without a RADIUS backend (although you can use it as well with most captive portals). Some APs have captive portal support built-in, or fw/router software like pfSense offer it - adding also another layer of security.

    2. Evil Auditor

      Re: Off

      > do people really just run with the settings that come out of the box?

      Not people who read El Reg. Let's say they are on the nerd side of users. But for most other people, and that is most users, they just want to buy a device and start doing whatever they want to do. Can't blame them.

      Yes, once their shit goes airborne they turn to us, again.

      1. Terry 6
        Coat

        Re: Off

        There are settings?

        Sorry,

        But I've worked the layer between out-and-out techies and ordinary users for so long that I'm only too aware that most of my colleagues won't even know that there are things you can change on a computer/smartphone etc. until something goes wrong and they have to be shown.

        But the marketing of devices as out-of-the-box commodities means that all sorts of settings are decided by the companies because you can't ask the public to spend hours going through installation of a device explaining and choosing dozens of options. And the implication of that is that there will be default settings that favour ease of use.

        (In fairness, the public don't buy devices because they are hard to hack, but because they are the fashionable shininess).

    3. Cynic_999

      Re: Off

      "First thing that I turned off. Honest, do people really just run with the settings that come out of the box? Are they really that stupid?"

      Anyone who uses their computer as a means to an end rather than being involved with computers professionally or as a hobby might change the screen appearance a bit, but would not understand what most settings do. A person who was involved in the mechanics of cars may similarly wonder why people use the default engine management settings that were in the car when they bought it instead of tweaking everything as the petrolheads do.

    4. Anonymous Coward

      Re: Off

      The feature doesn't have to be turned off. Every network that you want to share has to MANUALLY be turned on. While the "feature" is on by default, all Wi-Fi networks are NOT SHARED by default.

      You would likely only turn on sharing if you were having a party at your house and didn't want to give the Wi-Fi password to your guests... and then you'd turn that network back to "not shared".

      So... by default... this feature does nothing. Stop spreading the FUD!

  7. mathew42
    Flame

    F**king Madness

    Sorry, but this is just plain stupid. Having said that, I'm still not keen on WPS.

    Friends of my kid's school friends having automatic access to my home network? WTF! After several discussions about not installing random games from the PlayStore that want access to everything, the kids have some concept of information security that was reinforced by 'Do that again and you won't be using that tablet!'

    MAC filtering by default is just painful especially with family visiting. Looks like it might be time to look at DD-WRT and sin bin all Microsoft OSes into a guest network.

    1. Anonymous Coward

      Re: F**king Madness

      Our solution, family only, is I enter the nightmare from Hell password and lock it in. Works for us (huge family, I'm sort of adopted). I'll have to scribble a note about this. No one's interested in 10, sorry MS, but damn, what idjit came up with this?

      1. VinceH

        Re: F**king Madness

        "Our solution, family only, is I enter the nightmare from Hell password and lock it in."

        I adopt the same approach - if a visitor (usually only family) needs wifi access, I enter the password for the guest network for them. They continue to have access with that device whenever they visit until, once in a blue moon, I change the password.

        Most of them use Apple iThings, and some Android - so no real problem there - but the first time I see a Windows device, I'll increase the frequency of those password changes to monthly. (Or I could add the _optout to the SSID - which is a stupid idea*. Or both.)

        * Because of the sheer number of people who simply won't know about this. Microsoft, you are idiots - the optout extension to the SSID is a token gesture, and nothing more.
