Windows 10: Wi-Fi Sense makes no security sense at all
Davey Winder is concerned about the implications of a new Windows 10 feature...


Would you share your Wi-Fi password with your Facebook friends, or your Skype and Outlook.com contacts for that matter? Microsoft thinks you should, and so makes this a default setting of Windows 10. Welcome to the very weird and insecure world of Wi-Fi Sense.
There is no official press launch for Windows 10, but there is an invite only 'fan celebration' the night that the new operating system goes public. I will be there, despite my fan status being debatable, but I will not be raising a glass to one aspect of Windows 10 that makes no sense whatsoever to me: Wi-Fi Sense. By rights this should be renamed by Microsoft to Wi-Fi No Sense At All because it really is one of the silliest things to emerge from Seattle since Windows Me.
Seriously, this is such a badly thought out 'feature' of Windows 10 that goes way beyond the irony of the naming process. Essentially it's moving something that has been part of the Windows Phone world for a while now into the mainstream courtesy of the launch of Windows 10.
What is it? It's three things that you need to be concerned about: firstly, it's a method of sharing your Wi-Fi password in an encrypted form with your contacts, including Facebook friends, so they can connect to your Wi-Fi networks if they are within range; secondly, it's turned on by default; and thirdly, it's a security car crash.
Let's look at these three points in turn. Number one is what it does, but we should really be asking why we need it to do this at all. It rather assumes that when a friend of mine comes and visits then it is somehow way too problematical for them to ask what the Wi-Fi password is, or for me to have a guest account set up for them to use.
Instead, Microsoft thinks that this process should be automated so that any friend that visits gets access courtesy of the password being sent to them once in range. There are some provisos here, such as the friend (or business contact) needing to be using Windows 10 (or a Wi-Fi enabled device) themselves and being one of your named contacts to start with. I'm not convinced that this is a great time saver or convenience, certainly not for the average small business owner, and its usefulness is doubtful even in the home.
Number two, the fact that it's on by default, is a real no-no for me. Anything with a potential negative impact upon my security (and more of that in a moment) should be opt in, not opt out. OK, so some may say that a check box giving you the option to opt out when you first connect to a wireless network is enough to make it a non-problem. Wrong. Windows 10 will keep your saved Wi-Fi passwords if you've taken the upgrade path that most will, given the current 'free offer', so all the previously saved networks will get the automatic password sharing treatment by default.
Which leads me on to my most pressing concern, and that's the small matter of security. There is a reason that we security types bang on about not sharing passwords willy nilly, and that rather obviously is that it broadens the attack surface.
The more people who have your password, the more dilute the security of whatever it unlocks access to becomes. There is an argument which says that, for the home user at any rate, Wi-Fi Sense is more practical than giving your password out to John when he visits and then changing it after he's left to remain secure. More practical and secure, because the password is never revealed to John (it's encrypted); access is simply granted automatically.
The flaws in this argument are many and varied, but we can boil them down to the simple fact that for Wi-Fi Sense to work at all that encrypted password must be stored centrally by Microsoft ('stored in an encrypted file on a Microsoft server' according to Microsoft itself) and copied to the Windows 10 (or Windows Phone) device that John is using.
The insecurity logic is fairly straightforward here: if the device connects to your protected Wi-Fi network then it needs to know the key; if the device knows the key then a hacker will eventually determine how to find that key and also use it to gain network access. Similarly, while Microsoft insists that Wi-Fi Sense only provides the user with internet access and nothing else on the wireless LAN, so no access to other computers or files, it remains to be seen how well this stands up in the face of a determined attacker. Surely it would be far better to not default to such a potentially insecure regime in the first place? What the hell is wrong with a secured guest account anyway?
So how do you remove this from your newly updated Windows 10 machine? Thankfully that appears to be fairly simple: go to Wi-Fi|Network Settings|Manage Wi-Fi Settings and then just uncheck everything. It's a pain, and most people won't do it because they won't even know that Windows 10 is sharing their passwords in this fashion, but it's the only secure way forwards at the moment beyond not upgrading to Windows 10 in the first place.
Or is it? Well no, it's not; I lied. And here is where things start getting really insecure, and Microsoft is guilty of an almighty cock-up in the 'what the hell are we thinking' department. Even if you disable Wi-Fi Sense on your own computer, anyone who does connect to it with a Wi-Fi Sense enabled device (someone you have given the password to, that you do want to have access) and who hasn't opted out will inadvertently pass your password on to their Facebook friends and other contacts.
Yep, friends of friends will now have access to your wireless network if they are within range. I'm not quite sure that getting everyone who connects to your network to sign a disclaimer that they have disabled Wi-Fi Sense is realistic outside of a Sheldon Cooper view of the world, so the only way to get out of this self-propagating insecurity loop is to use something of a security kludge that Microsoft makes available. You have to change the name of your SSID for every wireless network by appending _optout to disable Wi-Fi Sense completely. Unfortunately, Google Location Services also uses a SSID optout command (_nomap) for those not wanting Google Maps and other services to know where they are. To use both you have to place the _nomap optout last in the pecking order like this: _optout_nomap.
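The renaming rule above, as an added example (not from the article or from Microsoft): a Python helper that reports which opt-outs an SSID carries and builds the _optout_nomap form. It follows the suffix rules as this article states them and adds the 802.11 limit of 32 octets per SSID, which the article does not mention; all function names are hypothetical.

```python
# Added example: SSID opt-out suffixes as described in the article above.
OPTOUT = "_optout"    # Wi-Fi Sense opt-out marker (from the article)
NOMAP = "_nomap"      # Google Location Services marker (from the article)
MAX_SSID_BYTES = 32   # 802.11 SSID length limit; not mentioned in the article


def opt_out_status(ssid):
    """Report which opt-outs an SSID carries, using the article's suffix rules."""
    nomap = ssid.endswith(NOMAP)          # _nomap only counts in last position
    core = ssid[:-len(NOMAP)] if nomap else ssid
    return {"wifi_sense": core.endswith(OPTOUT), "google_nomap": nomap}


def with_opt_outs(ssid, nomap=True):
    """Return the SSID renamed to end in _optout, with _nomap last if wanted."""
    base = ssid
    stripped = True
    while stripped:                       # remove markers in any existing order
        stripped = False
        for marker in (NOMAP, OPTOUT):
            if base.endswith(marker):
                base = base[:-len(marker)]
                stripped = True
    suffix = OPTOUT + (NOMAP if nomap else "")
    room = MAX_SSID_BYTES - len(suffix.encode("utf-8"))
    # Trim the base on a character boundary so the result fits in 32 octets.
    base = base.encode("utf-8")[:room].decode("utf-8", errors="ignore")
    return base + suffix


def audit(ssids, nomap=True):
    """Map each SSID that is not fully opted out to its suggested new name."""
    fixes = {}
    for ssid in ssids:
        status = opt_out_status(ssid)
        if not status["wifi_sense"] or (nomap and not status["google_nomap"]):
            fixes[ssid] = with_opt_outs(ssid, nomap)
    return fixes


# Constructed sample network names, not taken from any real site survey.
SAMPLE = ["HomeNet", "HomeNet_nomap_optout", "Cafe_optout_nomap",
          "AVeryLongNetworkNameForTheOffice"]

if __name__ == "__main__":
    for old, new in audit(SAMPLE).items():
        print(f"{old!r} -> {new!r} ({len(new.encode('utf-8'))} bytes)")
```

Renaming an SSID means every client has to rejoin the network, so the audit output is best reviewed before any access point is reconfigured.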
Still think that 'Sense' is an apt name for this feature? I don't, and unless you are insane or work for the Windows 10 development team I doubt you will either...
Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.
Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.
You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.