I’ve read about.
I “get” it from the “helpfulness” and convenience side of things.
I absolutely don’t get it from a security standpoint.
So basically in Windows 10 it’s a feature that allows you to share your Wi-Fi network settings (and credentials) with other contacts via Facebook, or Outlook.com, or Skype. It seems to be a feature for Windows Phone 8.1/10 and Windows 10 in general.
My bae knows I’m coming over to crash at their pad, knows I love to do the Wi-Fi thing, sends me their Wi-Fi creds via Wi-Fi Sense and I’m golden for the hookup when I drop in. No awkward asking for Wi-Fi creds or trying to type in that 64-character strong password!
You can optionally set it to automatically share your network settings/creds with your contacts, not just on a per-contact basis. Helpful isn’t it.
It seems that once they have the contact, they cannot then share the settings/creds with their friends/contacts as well, unless they already know the actual (clean-text) password and share it with others. Nor can you use Wi-Fi sense with enterprise networks using 802.1x. It also does not grant them access to other computers or devices on the shared network.
A workaround is to rename your network SSID to end with “_optout”. Which kind of begs the question; if you are already OK with sharing this security why would you want to then go and “_optout”.
According to my understanding, while they can access your shared network, they don’t get to see your shared password. Small consolation because any malware or infection they have on their systems comes along for the ride and is granted permission to be on your network and in your “home”.
And that’s the core of the concern. While many non-technical users will be happy with the convenience of easily sharing network access to their family and friends, the deeper threat is what could happen once that “guest” system is connected on the network; exploit scans? pen-testing? downloading of questionable files?
To me it falls under that “it’s just network access to the Internet what’s the harm?” false security mentality that is so ubiquitous nowadays that drives security sysadmins to the point of madness. Just like the “why is it a problem that I borrowed my Ethernet cable at work to plug in my personal XP laptop during my lunch hour?…it’s not like I’m using my locked-down enterprise work system.”
Really? Just can’t see the problem there can you? Hmm.
Yes all those points are still risks under the “old-school” model of Wi-Fi access sharing; here’s my SSID, here’s the password, need some help? But at least there is a pause or opportunity to consider the device/user/access being granted--maybe go over some house rules and review/vet the system if you are a security geek.
Nor do I see a way to later selectively (retroactively) block or disable access granted to a contact…short of renaming your SSID and/or changing the access authentication password. Though I suppose if your Wi-Fi router supports it (and you know the former-bae’s MAC address) you might be able to block them via access point filtering.
Regardless, the current GSD recommendation is to run away from this “helpful” feature as fast as you can.
Now that I’m thinking about it, it’s probably time to consider setting up a “guest” Wi-Fi network with a different SSID that is isolated from the main “trusted” Wi-Fi network.
…or pick up a Wi-FI router that supports an isolated “guest” SSID zone as mine does.
- What is Wi-Fi Sense and Why Does It Want Your Facebook Account? - How-To Geek
- How to stop Windows 10 from sharing your WiFi password - ExtremeTech
- What is Wi-Fi Sense and should you be using it? - gHacks Tech News
- All you need to know about Wi-Fi Sense on Windows Phone 8.1 - | Windows Central
- Wi-Fi Sense FAQ for Windows Phone - Windows Phone How-to (United States)
- Wi-Fi Sense (Windows Drivers) - Microsoft Hardware Dev Center
- How do I opt my network out of Wi-Fi Sense - Windows Phone How-to (United States)
- Windows Phone Tip: Automatically Connect to Public Hotspots with Wi-Fi Sense - Thurrott.com
- New Windows 10 feature makes Wi-Fi network sharing super-easy - Naked Security
- How safe is the Windows 10 Wi-Fi sharing feature? - Help Net Security
- Windows 10 with Wi-Fi Sense: Look before whom you grant access - Caschys Blog (via) Google Translate
- Windows 10 Shares Your Wi-Fi With Contacts - Krebs on Security - added to post 2015-07-31
hat tip to TinyApps blog