Monday, August 3, 2015

How to be safe with Windows 10 WiFi Sense

The latest operating system from Microsoft, Windows 10, is here. The new platform includes a number of updates from previous versions, including WiFi Sense - a feature first introduced in Windows phones that allows users to share access to WiFi networks with their friends. The idea here is to remove the hassle of always needing to hunt down a password when connecting to trusted WiFi networks. While certainly convenient, as Microsoft seeks to adopt as many end-users as possible to Windows 10 (qualified Windows 7 and Windows 8 users can update for free), there are a few things everyone should know about WiFi Sense to stay safe and secure.

How it works
WiFi Sense is on by default if you choose express settings during Windows 10 installation - which most users will select. However, it doesn't actually do anything until you've signed in with your Microsoft account, and then joined a new WiFi network. Upon joining a new network, WiFi sense will ask you if you want to share access to it with others. This typically includes all of your Outlook and Skype contacts, as well as your Facebook friends. That is as far as the sharing goes, though. A friend you've shared access with via WiFi Sense can not then share that access with their own friends and contacts.

WiFi Sense then stores the network passkey on a Microsoft server, and it is pulled down in an encrypted form when a shared contact wanders within range of the shared wireless network. The actual passkey is never displayed in this process, which is a good thing, however, it needs to be de-crypted on your device at some point, so there remains the possibility that the password could be found deep in your PC's registry settings.

Should I be worried!?
On the surface, this does reflect a security concern. After all, someone with the right know-how could potentially access your registry and discover the password. However, let's consider how WiFi network passwords are currently shared with friends. Generally, as a host, you provide your password for them to punch into their device directly. At this point, that friend knows the actual password, and is free to share it with whoever they like. At least with WiFi Sense, obtaining your actual password is significantly more complicated.

The good news is that WiFi Sense will not over-ride networks that rely on additional authentication protocols like 802.1x EAP, however, for offices that rely on a simple WPA/WPA2 passkey, there is greater concern. With how easy it is to share WiFi access with all of your friends on Facebook, businesses with with secure corporate WiFi networks will do well to educate their employees around the importance of NOT sharing corporate network access via WiFi Sense, and IT departments rolling out Windows 10 are advised to take time to configure WiFi Sense (disabling it altogether is probably best) on devices before putting them in the hands of employees.

At the end of the day, the consumer's ability to easily share WiFi with friends is probably going to win over the potential security compromises. For those who are especially concerned, turning WiFi Sense off will be your best recourse.

How to turn WiFi Sense off
To Turn off WiFi Sense in Windows 10, click the Start button, type "WiFi," and select "change WiFi settings." Once the next window pops up, click "Manage WiFi settings." From here, you can turn WiFi Sense off, as well as adjust a number of other settings, which allow you change which networks you share passwords on, as well as opt specific networks in or out of password sharing.

No comments:

Post a Comment