Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 17 submissions in the queue.

Windows 10 to Share WiFi Key With Contacts

posted by cmn32480 on Wednesday July 01 2015, @09:19AM   Printer-friendly
from the we-are-really-security-conscious dept.

frojack writes:

According to The Register Microsoft plans to enable their WIFI Sense feature on all versions of Windows 10 by default.

WIFI Sense has been lurking on Windows Phones since version 8.1.

A Windows 10 feature, Wi-Fi Sense, smells like a significant security risk: it shares access to password-protected Wi-Fi networks with the user's contacts. So giving a wireless password to one person grants access to everyone who knows them. That includes their Outlook.com (nee Hotmail) contacts, Skype contacts and, with an opt-in, their Facebook friends.

With every laptop running Windows 10 in the business radiating access, the security risk is significant. A second issue is that by giving Wi-Fi Sense access to your Facebook contacts, you are giving Microsoft a list of your Facebook friends, as well as your wireless passwords.

Microsoft offers a totally ridiculous workaround: you can simply add _optout to the SSID to prevent it from working with WiFi Sense.

Microsoft's page on WIFI Sense hasn't yet made it clear that every Windows 10 computer using WIFI will have the feature on by default. But that page does also include this little gem:

Wi-Fi Sense uses your location to identify open networks near you that it knows about by crowdsourcing.

Where are the lawyers when you need them?

Original Submission

 
This discussion has been archived. No new comments can be posted.
Windows 10 to Share WiFi Key With Contacts | Log In/Create an Account | Top | 44 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Insightful) by urza9814 on Wednesday July 01 2015, @05:55PM

    by urza9814 (3954) on Wednesday July 01 2015, @05:55PM (#203867) Journal

    Also note that it's enabled by default. Most users won't have a clue what it means, but since it's on by default, they'll assume it should be kept on.

    I mean christ, we wouldn't accept that for *sending an email* -- imagine a company saying "Well, you haven't come to our website and registered to opt-out, therefore we can send you as much email as we want!" No reputable company would do that. It's completely insane. We would never accept that for just sending someone a message, so what kind imbecile thought it was acceptable for *sharing security credentials*??

    Of course...this could just be Microsoft's way of saying all wifi should be open and that an IP address is not an identity....there could be a silver lining there...

    Starting Score:    1  point
    Moderation   +2  
       Insightful=2, Total=2
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4