Windows 10 has a new feature called Wifi Sense that allows you to share wifi network access with others without sharing the wifi passkey – kinda.
I don’t see any sense in using it; too risky, and rather unnecessary.
An article on arstechnica says you shouldn’t be scared by it, and for the most part, I agree.
But I still wouldn’t use it.
After you read that article, consider the following:
1) Your passkey won’t be shared unless you explicitly choose to do so for a specific network. According to arstechnica:
- First, you need to sign in with a Microsoft account. Wi-Fi Sense won’t work with a local account.
- Whenever you connect to a new W-Fi network, it asks if you want to share it with other people.
2) Although it appears that it doesn’t share your password in plain text, it shares it in encrypted form, which the article says you may be able to dig out of the registry.
3) If someone is or BECOMES one of your direct contacts via Outlook, Facebook, Skype, or wherever else this feature is supported, and you share a passkey (you opt that network in), all your direct contacts will receive access to that network.
How many of you go through all your contacts regularly and weed out turncoat friends and new enemies? How many of you accept new contacts and friends you really don’t know or trust? You can bet this will be a new line of attack.
4) This statement from the article was alarming: “As long as you don’t share your workplace passkey, the potential security risk is low. And if you do share it, the risk is high.” Administrators should n0t allow this feature to be used at work.
5) This line near the end of the article sums it up nicely: “Ultimately, Wi-Fi Sense probably isn’t the most secure feature in the world, but it isn’t that bad either.”
6) Another scary line: ‘you can add _optout to the end of the network SSID. Microsoft notes that, even if you opt out in this way, “It can take several days for your network to be added to the opted-out list for Wi-Fi Sense.” ‘
It is debatable whether the optout tag works…
7) Finally, I still like the tried and true way of sharing a passkey: personally, or not at all.
Just don’t opt in on YOUR network.
Finally, you might want to check out Brian Krebs’ opinion, which this zdnet article ridicules.
The fur is flying!
What’s your take?
ITauditSecurity 
When I first read about this feature, it really made me wonder what they were thinking! Most modern routers set up a guest network for you, so why would I want to share the passcode to personal wi-fi anyway!
This also makes me even that more aware that when you sign into your system with a Microsoft account instead of a local account, they’re sucking up all sorts of information about your personal computer.
LikeLike
Shane,
I just upgraded to Win10 at home. Wow. The number of changes you have to make to get even a pretend sense of privacy. The main key is not to sign in with a Microsoft account, only a local account. And don’t use Cortanta or the new Edge browser.
LikeLike