Windows 10 Is Quietly Sharing Your WiFi Password

It wouldn’t be a new version of Windows without at least a few entirely bewildering decisions on Microsoft’s part, but this one’s a high speed collision of face and palm even by the standards of the company behind Windows 8. In a nutshell, there’s this feature in Windows 10 which will automatically share your wifi passwords with any and all Outlook, Skype and Facebook contacts who also use Win 10. Or, were they to manually enter your password into their Win 10 device, it would by default be treated as ‘their’ network and shared with their contacts. In other words, be vigilant – otherwise you’ll end up with Kevin Bacon using your internet connection whenever he wardrives past your house.

I can entirely understand why someone thought this feature, known as WiFi Sense, was a good idea. How many times have you done that awkward dance where you go to a friend’s house and want to use their wifi, so he’s upstairs with the router, trying to bend the cable further than it will go so he can see the sticker on the back, and shouting “X94 no sorry X49” down to you, then it takes twelve goes and you still don’t get anywhere?

WiFi Sense is intended to take the pain out of this: you go to your mate’s house and your Windows 10 laptop/tablet immediately hops online because the password’s been shared via MS’ servers. Your password won’t be shown to anyone – visitors’ PCs are invisibly sent it automatically, wreathed in encryption. Also, the only thing they get automatically is internet access: you’ll have to consciously intervene if you want them to have access to other devices and folders on the network too. In theory.

In theory, lovely. In practice – Microsoft have, somewhere, an enormous database full of people’s passwords. Sure it’s encrypted, but recent history shows that this isn’t the impediment to hackers that one would hope. Possibly even more worrying is that, in its current form, WiFi Sense offers no fine control over who passwords are shared with. So if you click the Facebook share option, it goes to everyone you have on Facebook. So that annoying guy you accepted the invite from because you didn’t want to upset him might in turn, unknowingly or otherwise, wind up sharing your password with his contacts from /r/makingpeoplesliveshellisfunnylol.

WiFi Sense doesn’t share your password with friends of friends, so it’s not going to be passed infinitely around the globe. However, if a visitor manually enters your password into their Windows 10 PC – maybe because you told them, maybe because they secretly wrote it down while you were having a wee – that will then be shared with their Facebook, Outlook and Skype contacts unless they’ve expressly said otherwise. This means that, abstractly, perfect strangers will have access to your network. Manually entering a WiFi password is and will likely remain the default means of sharing networks for the foreseeable, so this is hardly an unlikely scenario. Granted, said strangers finding your address – or even knowing to – is less plausible, but it does mean your password might end up out there on any number of unknown computers, which is an uncomfortable thought given the relative regularity with which big firms get hacked these days.

There’s also some handwringing about this system giving Microsoft some degree of access to your Facebook contacts, which isn’t info everyone wants other large corporations to have.

Insult to theoretical injury, Microsoft don’t exactly go out of their way to tell you that they’re doing this, so if you agree to Express Settings when installing or updating to Windows 10, WiFi Sense is silently turned on for you. Realistically, the risks are small and yet to be proven, but this shouldn’t be something we all unknowingly agree to, or something that only tech-savvy PC users are aware of or understand.

How To Turn WiFi Sense Off

Basically, you should probably turn WiFi Sense off until you’re sure you’re 100% comfortable with it, or an update with more granular settings is released. To do that, go to Settings – Network & Internet – Manage WiFi Settings and turn off as much as concerns you. You can either wholesale block WiFi Sense, which means you won’t automatically connect to chums’ networks yourself, or just prevent Windows 10 from sharing your own networks with others. There’s also an option to automatically connect to suggested open networks, which also strikes me as something which could be abused were anyone to work out how to hack Microsoft.

What that won’t stop is friends who do have WiFi Sense turned on from sharing your password with the various thieves and murderers in their own Facebook contacts in the event they manually entered it into their PC. There is a convoluted means of preventing this, but it’s ridiculous that Microsoft don’t offer an option within Windows 10’s own WiFi Sense settings, to be honest. Let’s hope there’ll be an update to tighten up controls.

Here’s what you need to do for now, anyway: add ‘_optout’ to the end of your wifi network’s SSID/name. You’ll need to fiddle with your router settings for that, so refer to its manual if you don’t know how. Once that’s done, your friends’ Windows 10 devices won’t then share your network on with anyone else, regardless of WiFi Sense settings. You can also request that they uncheck the ‘Share network with my contacts’ box when they’re entering your password, but that requires both memory and trust.
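One practical wrinkle with the rename above is that 802.11 limits an SSID to 32 octets, so a long network name has to be shortened before ‘_optout’ will fit. The following is an added example, not part of the original article or anything from Microsoft: it plans the rename for a list of networks, assuming the router stores the name as UTF-8 and that the suffix goes at the end as described here. The function names and sample network names are constructed for illustration.

```python
"""Added example: plan SSID renames that apply the '_optout' suffix."""

MAX_SSID_OCTETS = 32        # 802.11 caps an SSID at 32 octets
OPT_OUT_SUFFIX = "_optout"  # suffix named in the article


def ssid_octets(ssid: str) -> int:
    """Length of the SSID in octets (assumption: the router encodes it as UTF-8)."""
    return len(ssid.encode("utf-8"))


def is_opted_out(ssid: str) -> bool:
    """True if the name already ends with the opt-out suffix."""
    return ssid.endswith(OPT_OUT_SUFFIX)


def _truncate_utf8(text: str, max_octets: int) -> str:
    """Cut text to at most max_octets of UTF-8 without splitting a character."""
    encoded = text.encode("utf-8")
    if len(encoded) <= max_octets:
        return text
    # A multi-byte character cut in half at the end is dropped, not mangled.
    return encoded[:max_octets].decode("utf-8", errors="ignore")


def opt_out_ssid(ssid: str) -> str:
    """Return the name to configure on the router so it ends with '_optout'."""
    if not ssid:
        raise ValueError("SSID is empty")
    if ssid_octets(ssid) > MAX_SSID_OCTETS:
        raise ValueError("not a valid SSID: longer than 32 octets")
    if is_opted_out(ssid):
        return ssid  # already carries the suffix, nothing to change
    room = MAX_SSID_OCTETS - len(OPT_OUT_SUFFIX)  # suffix is ASCII: 7 octets
    return _truncate_utf8(ssid, room) + OPT_OUT_SUFFIX


def plan_renames(ssids):
    """Return (current, proposed, truncated) for every network needing a rename."""
    plan = []
    for ssid in ssids:
        if is_opted_out(ssid):
            continue
        proposed = opt_out_ssid(ssid)
        truncated = proposed != ssid + OPT_OUT_SUFFIX
        plan.append((ssid, proposed, truncated))
    return plan


# Constructed sample names, not taken from any real network.
SAMPLE_SSIDS = [
    "HomeNet",
    "HomeNet_optout",
    "TheVeryLongNetworkNameUpstairs5G",   # exactly 32 octets already
    "Café-Wohnzimmer-Gäste-Netzwerk",     # 30 characters, 32 octets in UTF-8
]

if __name__ == "__main__":
    for current, proposed, truncated in plan_renames(SAMPLE_SSIDS):
        note = " (original name shortened to fit)" if truncated else ""
        print(f"{current!r} -> {proposed!r}{note}")
```

Every device that has the old name saved will need to rejoin the renamed network, since clients identify a saved network by its SSID.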

Conversely, this official FAQ will tell you how to use WiFi Sense if all this sounds jolly hockeysticks to you.

Of course, Windows 10 isn’t actually released until tomorrow, so all is subject to change. However, the build available to anyone via Windows Insider is the one released to manufacturers, so WiFi Sense in its current form is a finished feature rather than a buggy one. We’ll just have to see if Microsoft update it as a result of the current web-wide palaver.

179 Comments

  1. MadTinkerer says:

    “Possibly even more worrying is that, in its current form, WiFI Sense offers no fine control over who passwords are shared with. So if you click the Facebook share option, it goes to everyone you have on Facebook.”

    I know people, quite a few people, who are going to accidentally steal each others’ identities if this is an actual feature in their computers. They would have no idea how to prevent it.

    This is not how user-friendliness works.

    • mattevansc3 says:

      RPS’s statement is quite inaccurate in that regard. The person has to physically connect to the network first. WiFiSense then requests the router key and receives it in an encrypted format. WiFiSense then has access to the internet only. The end user at no point gets to see or has access to the router password.

      • Gaminggumper says:

        By physically connect, does that include over WiFi?

        • mattevansc3 says:

          Sorry, I use physically and manually interchangeably. They have to manually select the WiFi network first. Your Facebook friends aren’t told the name or location of the WiFi network.

      • Hobbes says:

        And if I have to explain what the first rule of corporate intranet security is, we’ll go around in circles, so let’s not do helldesk 101. Anything that gives out credentials indiscriminately, regardless of what form they take, represents a security risk. You -never- trust external clients. End of discussion.

        • garfieldsam says:

          Especially for enterprise clients. My employer would flip the fuck out if they found out this was happening.

          …but something tells me Microsoft isn’t even bothering to court the enterprise crowd with these new OS releases. Most of them are still on 7 anyway.

          • Ayasano says:

            Windows 7? Ha. Right now I’m in the middle of upgrading all the computers for a (very very big, like, multi-billion dollar) company I work at that still uses Windows XP for the majority of their staff. They’re only upgrading to 7 because support for XP ended. *facepalm*

      • Devan says:

        I’d like to know how they plan to ensure that “the only thing [visitors] get automatically is internet access”. Unless MS gets into the router business or develops some new protocol and tries to push it on router manufacturers, how can they have any influence over what the visitor can access through the network that they’ve been given the password to?
        I suppose at the OS level they could specifically disallow the use of shared folders, printers etc through that network interface, but that doesn’t sound very robust. For example there could be services running on your network that Windows doesn’t know to block because they’re not widespread. Or if they go the route of blocking everything except HTTP, HTTPS etc then they risk making some legitimate web-based services not work right.

        • md678685 says:

          They can block some of the traffic over the private IPv4 ranges (192.168.xxx.xxx), but they can’t block DHCP, or else the device won’t get an IP. And if the network requires special authentication (such as having a pre-shared key for the network and a username/password combination for the firewall), the user would have no way to authenticate. Another problem is that if a network uses 802.11x (RADIUS), what does WiFi Sense do? I wouldn’t want a random guy at work/school who somehow got my Skype to be able to login to the network as me.

      • romnempire says:

        …requests the router key from what? the device isn’t connected to any network.

  2. Frank says:

    Thanks, just disabled it.

  3. The First Door says:

    Hang on a second… that’s utterly crazy, isn’t it? What if you live in flats, especially student flats? Any of your friends in the building could hop on your WiFi, and do dodgy things and you’d not know?

    To be honest though, what worries me more is that if MS are doing this with WiFi passwords, what on earth else are they silently firing back to their servers without telling you?

    • lanelor says:

      Do you really want to know? Will it make you switch to … Linux/Mac? In reality, I can just filter by MAC address, right?

      • Strabo says:

        MAC addresses are easily spoofed if someone wants to screw with you. But those people also manage to break your Wifi password anyway.

        • Wisq says:

          Not if you choose a good one. Unlike WEP, I believe you can’t really crack modern WPA2 by anything other than a standard brute force attack, and that relies entirely on how good a password you’ve picked.

          • mjc says:

            There are several other methods available but they generate a lot of traffic. Most people wouldn’t notice the extra traffic, however.

          • Yglorba says:

            If you have WPS enabled (and some routers don’t let you turn it off), WPA2 can be broken easily.

            For some reason, WPS allows your password to be retrieved by sending an 8-digit code. What’s that, you say? There are 10,000,000 possible codes? No, no, someone had the bright idea of having WPS confirm the two halves of the PIN separately, so it will tell you if you’re right or wrong after just 4 digits, allowing you to move on to guessing the second half.

            Always disable WPS! It is bad.

      • The First Door says:

        Yes, surprisingly I’d actually like to know who is using my WiFi! Say you are in a country with a 3-strikes law on your internet, or you have a cap on your internet. Would you want to lose a strike or run out of internet because someone else was using it? Unless Microsoft are doing something clever, it’s piss-easy to tunnel almost anything through port 80, after all!

      • Awesomeclaw says:

        Switching OS won’t save you, since if you share your wifi password with someone else who is running W10, they can then (‘inadvertently’) share it onwards. It seems that the only real solution is to switch to a wifi security system not supported by wifisense.

        • mattevansc3 says:

          They can’t inadvertently do it. Every time you connect to a new network you have to tick the box to share that network. Your friend would have to be actively sharing your network with others.

          • LexW1 says:

            So when you connect to a new network, there is an obviously visible (on the same page) box, which is, by default, unchecked (always), and which they have to actively check to share it? And in particular there’s no condition under which that box, can, by default, be checked.

            Because knowing MS, I have a feeling there will be a situation under which it can be default checked. But you tell me!

          • aleander says:

            Even if the option is unchecked by default, the entire thing is terribly insecure. Not only it quickly propagates to “entire internet has your WiFi access” if you live in even moderately densely populated area, it means that, at the very least, it also means that MS has your root key (AFAIK it’s possible to avoid sending your key to the client — no, it doesn’t matter if the user is “shown” the password, nobody gives a damn about that), and it being “encrypted” matters not at all. mattevanc3 is writing around from a position of massive DK effect coupled with a terrible lack of understanding of security, I’m afraid, but that’s all too common.

            Even treated with maximum benefit of doubt, this is a very irresponsible idea that makes it easy for underinformed users to cause terrible damage. People who are friends of friends will pass by your home. Their devices will be hacked. People will have vulnerable devices connected to home networks (when did you last update the firmware on your printer?). This is a terrible idea.

        • Solidstate89 says:

          Even if you have Wifi Sense enabled, it doesn’t share to friends of friends. Where did you read that crap?

          • aleander says:

            The *friend* will have it installed. Not you, that would be crazy. Your friend who came to play RPGs at your place. And the friends of theirs as well. Seriously, if you can’t imagine how a friend of a friend would be the “first” link here, eventually getting the password to friends of friends of friends (who have 12000 contacts on FB and twice as many on Skype, because no day is complete without accepting a spambot invite), you either lack imagination or friends.

    • mattevansc3 says:

      Then don’t share that network. It asks every time you connect to a new network.

      • The First Door says:

        Importantly though, according to PC World, if you have a friend visit and they type your password in manually (because you’ve decided not to share it) they can still share it for you, which is still a problem if you have non-tech savvy friends and you aren’t paying attention. To ensure it is never shared you have to rename your SSID:

        link to pcworld.com

        So at least there is a solution, I suppose.

        • mattevansc3 says:

          Depends on what you mean by sharing in this regard.

          The passwords are not broadcasted. The router name is not broadcasted. The address of the router is not broadcasted. The only way the friend of a friend gets access to your internet is if your friend selects the option to share your network, they physically come to your property, select your network and are running WP8.1/Win10 with WiFiSense enabled. At that point WiFiSense requests the password, Microsoft sends it encrypted to the WiFiSense program, not to the end user, and WiFiSense gains internet access via the router.

          If your friend is telling people you don’t know where you live and what your network ID is, is Microsoft letting them access the internet really your biggest concern?

          • Geebs says:

            Don’t be daft. If the choice is between “let a company store passwords they have no business storing in a big database” and “don’t do that”, the more secure option is always the latter. “You can turn it off” is no excuse for a system which has no reasonable excuse for defaulting to “on”.

          • joa says:

            Well, finally the password must be decrypted on your friend device, before sending it on to router. If one really would like to, it would not be too hard to retrieve. And if you use same password on wifi router as you do for the personal accounts (yes, bad idea, but I’m sure some did) then now your friend knows this.

          • Jeeva says:

            Just as a question:

            How are these theoretical laptops contacting the server/service to ask for the key if they don’t have network yet?
            Surely the implication here is that they’re storing all the delightful passwords on the device of every Facebook friend who has this feature activated?

            Won’t this mean that a vast dump of wi-fi passwords is easily accessible to anyone with a pwnapple (or similar spoofing tech) absolutely anywhere?

          • keithzg says:

            Yeah, wondering the same as Jeeva. The laptop or tablet (or phone, for the 5 people with Windows Phones) must have a copy of the credentials on it already, since the entire action here is connecting to a WiFi network, which is a bit moot if it requires you to have an internet connection to get an internet connection…

          • 10min says:

            Stop speaking nonsense. Every information necessary to make the connection is shared, otherwise it would be useless.

        • Wisq says:

          Holy crap that’s a ridiculous solution. (No offense to you, obviously; thanks for pointing it out.)

          By which I mean, the choice of a generic tag like “_optout” (instead of “_nowifisense” or similar) is ridiculous. What happens when the next wifi feature comes along? Will I be opted out of that too? (… Actually, knowing Microsoft, that’s probably for the best.)

          And plus, it’s a sort of insane hubris on Microsoft’s part, whereby a) they’ve obviously just created the most important wifi feature in the world (because if you “_optout” you’re obviously referring to their fancy new feature and not something else), and b) they acknowledge this new feature is so controversial that it needs a kludgy way to tell them to go screw themselves.

          So, all in all, pretty much exactly what I’d expect from Microsoft. Every new version of Windows has to suck in some creative new way — and after their brief bit of positive PR for giving it away for free, they really needed to get their arses in gear and start adding new terrible features, right?

    • The Sombrero Kid says:

      There’s a privacy section in the settings app, by default they send absolutely everything, including everything you type and say. You can turn it off though.

      • Emeraude says:

        Tell me that’s sarcasm. I just don’t know anymore.

        • Dez says:

          Of course it’s sarcasm. There’s no way they’d let you turn it off.

        • subedii says:

          link to windows10update.com

          I’m still iffy on just what will and won’t be allowed to be disabled, but yeah, by default they really are collecting everything. So if you hop on W10 you need to disable all of that ASAP.

          Frankly, after all the stories in just the past couple of months of major companies getting hacked and leaking ridiculous amounts of personal data, it’s not something I’d want them to have even if I did trust them.

        • 10min says:

          Not sarcasm at all. RTFL. read the F license.

          Read the “Microsoft Privacy Statement”. That’s the contract included in Windows 10.

          Microsoft is explicit in which you consent to have any password (no limitations; not just WIFI, anything goes) shared with whoever Microsoft wants, for profit.

          Microsoft gets the right to collect any of your passwords by any means, not only the computer/phone/tablet/website you are using.

          The license says:

          “Personal Data We Collect”
          “Contacts and relationships”
          “[…]the content of your documents, photos, music or video[…]”
          “Credentials. We collect passwords, password hints, and similar security information”
          “[…]In addition to those you explicitly provide, […] may also be inferred or derived from other data we collect”

          “Reasons We Share Personal Data”
          “[…]we share personal data among Microsoft-controlled affiliates and subsidiaries. We also share personal data with vendors or agents working on our behalf[…]”
          “[…]we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders)[…]”

    • schlusenbach says:

      This article contains information about Microsoft’s Privacy Statement and the data they might send back to their servers. I think it’s a disaster.

  4. Risingson says:

    You know, the thing is that, with the Hola affair and this one… I always think that we use too many routers, too many wifis, that it is a waste of resources. This sharing should be a step in a direction where everyone could use everyone’s wifi. The points against that is “someone could do something illegal in my name” sounds a bit “me me”, I don’t know. Maybe playing this card with a (much) better communication from Microsoft…

    • SuicideKing says:

      Yeah I know, everyone should get to freeload off my internet connection, and blow past my download cap.

      • Bluestormzion says:

        Totally. I love it when my connection goes to shit because a FAMILY MEMBER is watching something over Netflix. I’d like it even more when my game gets unplayable because some goddamn freeloader, who can’t be bothered to spend his own hard earned goddamn money, is using that bandwidth AND I have to deal with everyone complaining that their movie won’t buffer.

        • Risingson says:

          Well, if you have issues sharing your internet connection with your OWN FAMILY, then there is nothing to discuss.

          • Phasma Felis says:

            So you’re totally okay with having your games lag out because a family member (or complete stranger) decides to watch YouTube without consulting you.

        • mattevansc3 says:

          Don’t share the network then. Every time you connect to a network it asks if you want to share it.

    • aleander says:

      Either you do communal state-maintained (in one way or another, feel free to contract private companies to actually build it) WiFi, and disable all plaintext IPv4/IPv6 traffic (or at least tunnel the last mile through something encrypted, obligatorily), or having everyone share networks is a terribly bad idea.

      Mind you, I totally am for doing the above, but the current legislative efforts are going more in the direction of “ban all this sick encryption stuff, poor people might use it to kill us all”.

    • Gaminggumper says:

      In addition to data cap concerns, there is also the issue of legal responsibility currently associated with how your web presence is tracked. Law enforcement could look at MAC address, but in most cases use IP first to identify illegal behavior and assign blame.

      Not to mention that service is not paid as a commodity.

      • joa says:

        MAC address cannot be used for such things – as it is just on link-by-link basis. So your router sees MAC address of your PC and your friend PC. But the next node from the router, it just sees your router MAC address. Then the next node from that node, it just sees the MAC address from the previous node.

        However, these days if you do something illegal, there are far easier ways to identify individual, such as by cookie and so on. Your browser provide sufficient information to identify you vs your friend.

  5. The Sombrero Kid says:

    It is true that when we designed wifi access points we really wanted them to be completely open to everyone on our facebook but the technology simply didn’t exist at the time so we resorted to using these primitive codes we could only pass to those people we explicitly wanted to have access, thank god microsoft collates a central database of all wifi access keys in the world.

  6. Strabo says:

    Yeah, I don’t think my bank account manager needs my Wifi password just because she’s in my contact list.

    At least you only have to turn it off once, it will be turned off on all your computers with the same account automatically if you turn it off on one.

    • mattevansc3 says:

      Unless your bank manager comes to your home with a Win10/WP8.1 device and WiFiSense enabled they wouldn’t be getting an encrypted file they couldn’t see anyway.

      • LexW1 says:

        You keep saying this like it’s some ridiculous unlikely thing – but Win 10 is going to be very common – pretty much all Windows devices (including phones and tablets) will be on it within a year or three, and as this is innocuous-seeming to the normals of the world, WiFiSense is going to be enabled on the vast majority of them.

        So the only question is whether that person comes anywhere near your network.

        Either way, it’s idiotic that it’s enabled by default. It’s okay as an option. It absolutely should not be a default. It’s particularly hilarious when MS is claiming they have to force updates to ensure security, but are also forcing this on unless you turn it off…

        • nearly says:

          Given the response to this of anyone barely tech literate, and the knowledge that the people who created it had to have been more than a little tech literate, I would suspect that there’s more going on under the hood to make this secure than they have any intention of disclosing (though “secure” a bit of a misnomer in the tech industry: still, I suspect the countless people who are perfectly content to let sites store their credit card information won’t balk at Microsoft storing their wi-fi info)… They’re probably still underestimating how many random strangers people are contacts with.

          • hotmaildidntwork says:

            Given microsoft’s track record I don’t think that the authority of the tech literate over what gets made and released can be safely assumed.

    • 10min says:

      Windows 10 license contract says that Microspyware will not only collect, and share, your WIFI password, but any password, so that includes all your bank passwords.

      You may believe that Microsoft will not do that, but the contract gives it the right to do so. Microsoft gets the right to grab anything, explicitly including your “private files”, and to share that with whoever it pleases.

  7. Heliocentric says:

    I lock my wireless internet because I don’t want my neighbours using my monthly allowance. So yeah, not cool mocrofist.

    • Zack Wester says:

      I’m in Sweden, I don’t have a cap and I live in a somewhat rural place so not that many pass by my router. Yet my router wifi security is set to somewhat high; I don’t want anyone to use my net.
      Several reasons why.
      1: it will use up my limited bandwidth (8Mbit/s).
      2: illegal stuff, and yes the cops in Sweden recommended people not to set their router to open (some years ago), cos if someone used your net for bad stuff you will end up in trouble.
      That killed that idea of people that lived in apartments next to the train station to have a router and internet set aside with open access for all that are waiting on the train. (I saw one of those connections one time on my phone.)

  8. mattevansc3 says:

    “So if you click the Facebook share option, it goes to everyone you have on Facebook. So that annoying guy you accepted the invite from because you didn’t want to upset him might in turn, unknowingly or otherwise, wind up sharing your password with his contacts from /r/makingpeoplesliveshellisfunnylol.”

    Only if YOU tell them your router password. Other users do not get to see your password and as you say in the next paragraph WiFi Sense does not share with friends of friends.

    • LexW1 says:

      But that’s what you’re not getting:

      You’re going to tell them it. Because that’s what you do for friends when they’re over. The problem is unless they are smart enough to ensure it’s not shared, it is, and I’m sorry, but some of my friends, especially their husbands/wives/kids are simply not that smart.

      It’s almost worse with it turned off! With it on, you don’t need to give them the PW, so it won’t be shared further, but you’ve got a lot of stupid insecurity. With it turned off, you give the PW then you’re relying on them not being idiots or not being Windows users.

      The _optout thing is the only real defense here. This should be off by default, and putting in someone else’s password and pressing share on it should require clicking on some sort of BIG OBNOXIOUS warning box saying “You are claiming that you own this WiFi”.

      • nearly says:

        So let’s take your example: you give a friend your password and they spread it to all of their friends. That means your password is getting spread through their friendgroup and network, but still only to people at 1 remove from you. That also means that, even if your friend has 1,000 other friends all on Windows 10, those 1,000 other friends still need to come and try to connect to your particular network to get the okay from Wi-Fi Sense. And while they might reasonably expect that they have access to any other network (say they have 1,000 friends of their own who are all on Win10), the sheer dearth of secure networks out there is going to be a deterrent in and of itself: how long would you spend trying to manually connect to secure networks just in case you’re friends with someone who has the password?

        But let’s back it up and say you use Wi-Fi Sense. That means you’re NOT giving your friend your password and they can’t spread it around, so that’s been nipped in the bud and it’s not an issue unless Microsoft themselves get hacked and it isn’t properly encrypted (and maybe it isn’t).

        In either scenario, I really don’t see it as likely that your network is being abused by anyone. If you live in close proximity to others, what are the odds that you’re giving them the password (e.g. that they’re not near enough to use their own Wi-Fi network)? If you live in a small town, what are the odds that a friend of a friend is going to set up shop something like 30 feet from your router (and with only a handful of obstructions)? How small does that town/setting need to be before the amount of secured networks is itself a deterrent to trying each and every one of them on the off chance that you’re friends with either the person who owns it or someone who is close enough to have received the passcode outside of Wi-Fi Sense?

        Let’s add in more options though. Wi-Fi Sense gives them internet access but they can’t control anything on the router: you still can, meaning you can go in at any point and kick off unauthorized users. That’s one extreme option. But, as you’ve pointed out, you’re only as secure as your most secure friend. Another option would be to change your password, enable Wi-Fi Sense and ask your friend to connect using it. If you’re not on Win10 but they are, you can ask them to turn off sharing when you give them the passcode (I mean, would you honestly trust someone with the passcode to your router if they would refuse to not share it or if you thought they were the kind of person that would hop on your Wi-Fi just to download things?). If you’re on Win10 or if you’re not, you can just choose not to share your SSID in the first place to drastically reduce the odds of anyone trying to see if they can get in.

        There are definitely issues with the implementation but it’s not really the trainwreck people are making it out to be. Whether you’re on Win10 or not, there are a variety of options to protect yourself, the most simple of which is not allowing people you can’t trust to connect.

  9. SuicideKing says:

    How many times you done that awkward dance where you go to a friend’s house and want to use their wifi, so he’s upstairs with the router, trying to bend the cable further than it will go so he can see the sticker on the back, and shouting “X94 no sorry X49” down to you, then it takes twelve goes and you still don’t get anywhere?

    Er…never. Everyone remembers their wifi passwords.

    Only exception was my grandfather, in which case I opened up the connection settings from Network and Sharing Center on his laptop, deselected the “hide password” thing to remove the asterisks, and got the password.

    • gunny1993 says:

      Only if you have either a really good memory or changed the password from the default 34CGBX836SCCXSDD or whatever random code most routers come with these days.

      I don’t change the code, just have it on a piece of paper stuck to the router so people can use it when they need to.

      • SuicideKing says:

        Oh. Everyone I know has a changed code, tech savvy or not.

  10. LetSam says:

    Thank goodness my Fritz!Box generates a simple QR code for the guest Wifi account that I can print out and people can scan in when they walk in the door and ask for wifi access.

  11. LionsPhil says:

    It’s 2015, and they still haven’t understood that friending someone on a social network is not a meaningful trust relation? Cute idea, terrible implementation.

    • mattevansc3 says:

      Seeing as the person has to be within a physical proximity that allows the Win10/WP8.1 device to connect to the network before WiFiSense requests the password. If they weren’t a meaningful trust relation the network access would be the least of my concern.

      • aleander says:

        within a physical proximity that allows the Win10/WP8.1 device to connect to the network

        Half my coworkers shop in the department store downstairs. Not everyone lives in the middle of the desertsuburbs

        • mattevansc3 says:

          Those people also need to know your network name.

          • aleander says:

            Whoa, that’s, like, the best guarded secret ever. It’s not like network names are publicly discoverable by default (and convenience). All totally secure then.

          • nearly says:

            Don’t broadcast your network name. When you join your network for the first time on Windows 10, don’t select “Share this network with friends.” When friends come over and want to connect their Win10 devices, ask them not to select “Share this network with friends.”

            Sharing is on by default, but it only adds a network to the list of shareable networks IF you select the box when connecting for the first time. If you do so by mistake, you can still choose to turn it off and no one will be able to connect to your secured network via Wi-Fi Sense afterward.

          • 10min says:

            Microsoft didn’t spend the money to develop that “feature” for it to be useless.

            It would be useless if it does not share all the necessary information to make the connection, even if your “friend” knows nothing about networks, even what is a SSID.

            It is not only the password that is shared, otherwise it would be pointless.

      • LionsPhil says:

        You really are in full damage-control mode, aren’t you?

        By your logic, it’s OK to mail out copies of my house key to everyone I’ve followed online. Hey, they’d have to find my house first!

        • mattevansc3 says:

          Except that’s not how the system works at all.

          • Ieolus says:

            But if I had a friend house-sit my house one time and gave him a key to borrow, all his contacts will have access to that key as well.

          • nearly says:

            Ieolus, not really. When you give your friend the passcode for your Wi-Fi because you’re either not on Win10 or opted not to use Wi-Fi Sense, they are given an option (if they are indeed on Win10) to share the network with their contacts. Obviously, you could a) type it in for them and make sure this box is not clicked or b) let them type it in and trust that they will make sure the box isn’t checked (because you didn’t just say “this is my passcode, everything is out of my control!” but can say “here’s my passcode but make sure you’re not sharing it with friends.”)

            You can print “Do Not Copy” on a key but that’s not going to stop someone from sharing it. This makes it so you can’t copy the key because you’re directly in control of who is getting a key that can be copied.

    • C2B says:

      It’s not like that trend has crashed yet, though. *Share everything* is still well on its way and Microsoft is by far not the only offender.

  12. Sarfrin says:

    Windows 10 naysayers may commence with the smugness.

  13. Gnoupi says:

    The actual FAQ link (and not the “how to connect” like in the article) addresses some of those concerns : link to windowsphone.com :

    ▼I’m concerned about sharing WiFi networks. Can you tell me a little more?
    Whether you choose to share password-protected WiFi networks with your contacts to give them Internet access is completely up to you. Here are some important things to know and consider:

    – Your contacts don’t see your WiFi network password. For networks you choose to share access to, the password is sent over an encrypted connection and stored in an encrypted file on a Microsoft server, then sent over a secure connection to your contacts’ phone if they use WiFi Sense and they’re in range of the WiFi network you’ve shared. Your contacts can’t see your password, and you can’t see theirs.

    – You’re in control, and you choose which WiFi networks you want to share access to. When you first connect to a password-protected WiFi network, you choose if you want to share access to that network with your contacts. You can share a few networks, a lot or none – it’s up to you to decide which networks you share. You might have more contacts on one social network or service than another, so you could share WiFi network access with one social network or service and not another to help determine how many people can have access.

    – When you share network access, your contacts get Internet access only. For example, if you share your home WiFi network, your contacts won’t have access to other computers, devices or files stored on your home network.

    – Networks are only shared with contacts who use WiFi Sense on their Windows Phone. WiFi Sense doesn’t work for people who use a smartphone that’s running on a different operating system or a version of Windows Phone prior to Windows Phone 8.1. If your contacts turn off Share WiFi networks I select in Settings > WiFi > WiFi Sense, they’ll stop sharing their networks and they won’t be able to connect to networks you share.

    – You share with your contacts, but not their contacts. The networks you share aren’t shared with your contacts’ contacts. If your contacts want to share one of your networks with their contacts, they’d need to know your actual password and type it in to share the network.

    – Enterprise networks that use 802.1X can’t be shared. If you connect to one of these enterprise networks at work or somewhere else, those network credentials won’t be shared with any of your contacts.

    • LionsPhil says:

      Enterprise networks that use 802.1X can’t be shared. If you connect to one of these enterprise networks at work or somewhere else, those network credentials won’t be shared with any of your contacts.

      Sysadmins working at places that allow staff to use their own devices on the wifi can now resume their heartbeats.

      Except the ones at smaller organizations that just stuck a plastic box access point on the network and set up WPA-PSK.

      • gunny1993 says:

        What about if sysadmin connects with all employees and uses sense, far as I read this doesn’t seem device specific but account specific so as long as all devices are connected to the same account personal devices work fine. So now not only can you have a secure code (rather than “Stopaskingmeforthepasswordyoufuckingcretins”) and no one actually knows the code.

        Not sure how practical that is but hey, it’s an idea

        • LionsPhil says:

          I somehow doubt any sysadmin wants to be Facebook friends with all their colleagues, and only their colleagues.

          • gunny1993 says:

            lol fair enough

          • Emeraude says:

            But then why not create a company X network page for that sole purpose ?

          • hotmaildidntwork says:

            If I’m understanding this right, doesn’t this idea working rely on the assumption that everyone will have a windows 10 phone anyway?

    • LexW1 says:

      Apart from the 802.1X thing, that addresses literally zero concerns that the article didn’t. Some of it is actually misleading.

    • mwoody says:

      “– When you share network access, your contacts get Internet access only. For example, if you share your home WiFi network, your contacts won’t have access to other computers, devices or files stored on your home network.”

      How would this work? Does it prevent access to local subnets, other than the gateway? Does it require that the access point be the gateway? Couldn’t you just change the gateway to gain access to a local device at that address? Also, since it’s an OS function rather than enforced by the firewall, I’d wager a Win10 hack would easily circumvent that.

      *sigh* Maybe I’m just cranky because this means we’re going to have to change several hundred SSIDs for our clients, and the hundreds of support tickets for people who don’t know how to connect to a wireless network that will result.

  14. Det. Bullock says:

    *groan* Why Microsoft? Fortunately I’ve postponed upgrading our Windows Tablet laptop until we’re closed for winter, it seems there will be a lot of fiddling to do to make this OS usable.

  15. PancakeWizard says:

    Why the hell is this even a thing? Why would you ever want to share your network details with facebook friends?

    • Asurmen says:

      When those Facebook friends are your actual close friends? Seems like an obvious answer to me. Even then unless you regularly have Facebook friends you barely know round to your house, it’s utterly irrelevant.

    • mattevansc3 says:

      It’s not as simple as that. Your Facebook friend has to be within physical proximity of the WiFi Network and connect to it. If you have shared that network (this is requested the first time you connect to every network) and they are also using WiFiSense then the program will request the network key from Microsoft. Microsoft then sends an encrypted file to WiFiSense that allows it internet access only through the router. At no point is the end user shown or given access to the network key.

      Realistically the only Facebook Friends who’ll get access to your router are those you know in real life.

    • bills6693 says:

      Not everyone uses skype/outlook extensively (i.e. adding your friends to it – for example on outlook I have work contacts, I don’t e-mail my friends, I facebook message them), but almost everyone uses facebook. Microsoft are realistic enough to know this.

      And combined with what the above comments said about it only being people who are actually basically at your house, it does make sense for it to use facebook.

      • PancakeWizard says:

        I’m replying to you, but this goes for all of you replying cos you all said pretty much the same thing:

        Why would MS feel the need to create a system for something that is largely resolved in seconds in the far more secure way of people in the same house actually talking to each other?

        This is insane levels of over-engineering.

        • Distec says:

          It wouldn’t be classic Microsoft if they weren’t so sure they were ten steps into the future where all their over-engineered crap makes sense. GFWL, Metro, Kinect… Let’s see how long it takes for them to get dragged back to the present day.

          I’m reading a lot of excuses and rationalizations in this thread for how this is actually not that bad, or okay even. For all I know, they’re right. But we live in an era where people are getting paranoid about their online security and for good reason. When you’re pushing a feature that makes your customers uncomfortable, all your perks and benefits don’t matter worth shit. It doesn’t matter if your new and improved method of doing the same old shit is actually better.

          Anybody who disagrees can go look up Win8’s acquisition rate.

  16. USER47 says:

    So, basically…

    1) If you choose to share the connection with your skype/facebook/outlook contacts, it shares the connection with skype/facebook/outlook contacts.

    2) If you are stupid and tell your password to some random person, he can share it with other people and they can use your connection.

    How exactly is this newsworthy?:-o

    • FhnuZoag says:

      It defaults to On.

    • Chorltonwheelie says:

      Yes. My thoughts exactly.
      F.U.D

      • FhnuZoag says:

        You think it’s FUD that millions upon millions of computers running the default configuration of W10 are going to start silently beaming company/home wifi details to all their social network contacts until the user realises and goes into options to turn it off?

        • PinkFox says:

          But the thing is, it is not really on by default. You have to specifically enable it for each wireless network separately.

          • LionsPhil says:

            From the FAQ:

            If you decide to manually enter your password on someone’s Windows Phone instead of sharing access through WiFi Sense, make sure they can’t see what you’re typing when you enter it, then untick the Share network with my contacts checkbox before you tap Done to connect.

            This seems to imply it is ticked by default.

          • PinkFox says:

            A picture is worth a thousand words, I guess?
            link to i.imgur.com

          • LionsPhil says:

            Interesting. That makes a pretty big difference.

        • Asurmen says:

          Except that isn’t what is going to happen. If by social contacts you mean people who come round to my house, sure. At that point why would I care? I trust the people I know who visit me in person. Person on Facebook who I know from 10 years ago won’t get access.

          • FhnuZoag says:

            No, the scenario is

            (a) all your Facebook ‘friends’ parked in a car on the other side of the street have access to your wifi network by default.

            (b) all the friends who visit you and you tell your password to, will by default broadcast those wifi access credentials to all their Facebook friends.

            In terms of ‘this just gives them internet access’, (a) there’s plenty of things you can do with just that, (b) I’ll bet in a few weeks people will find a way to get Wifisense on the client computer to expose passwords, and we’ll be in the situation where people will be able to drive by your house and hijack your home or company network.

  17. FhnuZoag says:

    My question is, are historic wifi passwords shared? Like, if I am using win 8 and I upgrade, does my entire history of wifi access and their passwords get sent to MS and my contacts?

    • 10min says:

      Answer: yes.

      Microsoft explicitly collects and shares, for profit:

      All your passwords of any nature and purpose.
      All your documents, music, photos and videos, including the ones in your private files and folders.
      Anything at reach of any microphone, 24 hours.
      Your GPS position, including your past history.
      Your fingerprints.
      Any of your “interests”. As vague and general as that, explicitly including the stocks you track.
      Your name, postal address, and any data capable of identifying you.
      Anything from your communications, explicitly including your emails or any form of communication.
      Any data collected by any sensor.
      Any data and information collected or inferred about you by any means, aside of the ones you explicitly provide.
      All your contacts and relatives.
      Your children included on the same terms.

      It is all in the license contract which you sign by using Windows 10, Microsoft Account, Bing and any Bing service or app, Onedrive, etc.

      AND you are impeded from uninstalling any spyware Microsoft bundles with Windows 10, including Cortana (24 hour microphone surveying), Bing health, Bing Finance, Onenote, Bing xxx. (Actually, you can right click on the icon of some of those “apps”, and click on “uninstall”, but it does not say that it only uninstalls the icon, not the software.)

  18. jontaro says:

    My company Nokia Lumia already wants to do this, to share my home and company’s wifi password to all my Facebook “friends” and Outlook contacts.

    First time it popped up on my cell I thought that I just misunderstood and dismissed it without starting service. Second time I got it and read it properly, I just couldn’t believe the sheer stupidity of it.

  19. pepperfez says:

    The part of this story that gets me is why does Windows know who my Facebook friends are? I mean, the other two are MSoft properties, so it’s plausible. But why on earth would I need my operating system to know who my (real or imagined) friends are?

    • drinniol says:

      You have to link your FB account to the Microsoft one, dummy.

      • Sarfrin says:

        Microsoft one dummy? Is that like an Xbox one, but a dummy?

        • Solidstate89 says:

          There’s a comma in there somewhere. I know it I’m not just dreaming it.

          • Sarfrin says:

            I never let punctuation get in the way of some good, solid facetiousness. It was better than just calling drinniol a boor.

      • pepperfez says:

        Well, right, I understand the actual mechanism. I just can’t imagine why one would use it. I feel this way because I am old and cranky, I realize, but the thought of Facebook being hooked right into my operating system just fills me with despair.

    • mattevansc3 says:

      You can link your Facebook account to your Microsoft account. It originally allowed Microsoft services to interact with Facebook services, for example an event invite you’ve accepted on Facebook would appear on your Outlook calendar or you could post direct to a friend’s wall via your Microsoft contacts list.

      That functionality is mostly broken now because Facebook changed their system and Microsoft couldn’t/wouldn’t update their systems to work with it so there’s little point in connecting them.

  20. PoulWrist says:

    It’s funny how no one actually read the article.

  21. drinniol says:

    Windows 10 must be pretty solid if the big outrage is that contacts
    a) you’ve given permission to
    b) on social media you have linked to your Microsoft account
    c) on networks you’ve given permission on
    d) when they are physically present
    e) connect to the network, and
    f) using a Windows phone or device,

    will get an encrypted passcode that gives them internet access.

    • Emeraude says:

      What do you mean the “big outrage” ? Have you somehow missed all the other bigger, actually outraged instead of just concerned outcry?

    • RC-1290'Dreadnought' says:

      They are uploading information that shouldn’t really leave your own devices to the cloud. It doesn’t really matter if something is encrypted if information is leaked in a different way:
      – Buggy encryption software
      – Bad passwords
      – Deliberate backdoors
      – Personal threats to someone (or their family) who can provide access to the entire database.

  22. fish99 says:

    Is it true that the home version of Win10 auto installs new drivers, including video card drivers, and is there any way to stop it doing that?

    • gunny1993 says:

      Don’t know about optional things like graphic card drivers (well, only Nvidia, AMD drivers aren’t whql) but important security updates are uncontrollable in the home version. This is mostly to stop the main cause of large scale computer infections … I.E the fucking idiots who don’t install the really important security updates.

      It also looks like they’ve done a backtrack link to forbes.com

      • fish99 says:

        Thanks for that. I don’t get why they extend it to drivers though, they’re not usually a security risk. It means if I need to go back to an old driver to get some game to work, that’s now difficult, and I suspect it also means optional software bundled with drivers, like GeForce Experience, will get installed whether I want it or not.

      • gwathdring says:

        A very minor backtrack; it lets you block bad updates AFTER they’ve gone out, but it won’t let you take pre-emptive action or handle your own driver updates. Yes, it’s bad when everyone isn’t up to date on their security patches … but of the bad patches Microsoft has released, most of them have been security patches as best I can tell. That is, a home user should be able to decide for themselves if better security or better stability is more important to them. It’s my computer, and my computer security. If Microsoft wants me to view their product as a service they should damn well start providing a service rather than a necessary evil.

        I think this means my next gaming machine is a console.

    • subedii says:

      It’s true. There was a pretty significant kerfuffle earlier this week with the system forced installing Nvidia drivers, and that clashing with Nvidia’s own driver manager.

  23. salgado18 says:

    Maybe, you know, a small pop-up comes up from the task bar, asking if you want to share your wifi with a device? Maybe freaking ask the user??

    • bills6693 says:

      Meaning it would only work when the user was on their laptop/device? If my friend comes round and wants to connect to my wifi on their windows phone, I don’t want to have to start up my laptop to allow them – at that point I may as well just go get the password.

      Wait, windows phone? Never mind, this is not a realistic situation :P

      • salgado18 says:

        Or a popup on your windows phone. There’s a chance you are using yours (yeah, right), or that your pc is on.

        Anyway, this should be the default option, with a full sharing (like it is now) on the system settings. UAC comes on by default, asking you to allow stuff to happen in your system, so why not the same care with your network?

        Also, don’t routers have that button to connect a device without using a password?

        • bills6693 says:

          Yeah I can see that, default to notification, can change to ‘NEVER!!!’ and ‘ALWAYS’.

          Yeah they are meant to but I rarely see one and I’ve never gotten a button thingy to work.

          Also I guess for some people the router might be hidden away wherever is near to the random point in the house where the cable comes in – in my parent’s house the router is among some crap on top of a chest of drawers in my/guest bedroom, not in a ‘communal’ area like the living room/kitchen – so guests would have to go find it there. That’s the kind of situation it’s designed for and to be honest, it’s with the best of intentions and actually pretty clever, to link to your facebook friends if you’ve allowed it.

          It’s just that maybe there should be more warning – personally I’m sure I’ll enable this feature but others may be more wary and I guess informing people is the best tool in allaying their concerns.

        • nearly says:

          This is actually the case with Windows Phone 8.1 where Wi-Fi Sense has been around for a while. If you’re sharing to contacts, you may be prompted to grant permission when they actually do try to connect. There’s an entry about that particular occasion in the FAQ.

          The thing people aren’t really addressing here is that you need to enable “Share this network” when you join a network for the first time or re-input the password to turn it on for one that your device already remembers. So while “Share networks with contacts” is On by default, it’s actually only pulling networks from ones that you’ve given it permission to share individually. Hopefully it won’t default all known secure networks to “Sharing” when people upgrade from Win8; if it doesn’t (and I’m guessing it won’t), then it’s still on you to make sure you’re sharing your network information only with people that you can trust to do the complicated task of deselecting a button as requested.

          Theoretically, Microsoft should have put “Do I have to share all networks?” at the very top of the FAQ (or even on the main page) with a big, bold “NO AND YOU WON’T ACTUALLY DO SO BY DEFAULT” to avoid a good deal of the complaints here, but maybe that’s asking too much.

  24. jroger says:

    This is actually a huge security problem, especially for company networks. This means you cannot allow trusted employees to connect with their private laptops, even temporarily. While doing so normally has a fairly low risk, now potentially all their friends and even Facebook friends (and that might include competitors) can access private company information.

    • gunny1993 says:

      Firstly in the FAQ: – Enterprise networks that use 802.1X can’t be shared. If you connect to one of these enterprise networks at work or somewhere else, those network credentials won’t be shared with any of your contacts.

      Secondly it sounds much better for them to me, they just stop telling people the passwords and just make them all use this sense thing, passwords don’t get shared through contacts’ contacts so you can directly control who can use the network and not a single person actually knows the password.

      Also also it just gives internet access not server or file access

      • LionsPhil says:

        Also also it just gives internet access not server or file access

        Client-side security isn’t.

        • gunny1993 says:

          I don’t know what that means but

          – When you share network access, your contacts get Internet access only. For example, if you share your home WiFi network, your contacts won’t have access to other computers, devices or files stored on your home network.

          • bills6693 says:

            He was saying that client-side security is not actually secure.

            I don’t have an informed opinion on that, just translating

          • LionsPhil says:

            Yep. Once MS have handed over the password (via the cloud, without showing it to the user), and that laptop has associated with the AP, all bets are off. What you can and cannot reach from there can only be usefully restricted by the AP (since in practice it’s probably doing double-duty as a router), but it’s not part of this little game and as far as it knows someone else with the right password just connected.

            The Windows device might try to knobble itself to block traffic to LAN addresses, but this is entirely client-side. It’s an “I’ll be good, honest”, not actual security.
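The point in the comment above, that reachability can only be usefully restricted on the AP/router rather than on the connecting client, as an added example that is not part of the thread. It assumes a Linux-based router running nftables and that the shared passphrase belongs to a separate guest SSID; the interface names `wlan-guest`, `br-lan` and `wan0` are hypothetical.

```nftables
#!/usr/sbin/nft -f
# Constructed example: "internet only" for a guest SSID, enforced on the router.
# Interface names are assumptions; adjust to the device.
define GUEST_IF = "wlan-guest"   # SSID whose passphrase is handed out or shared
define LAN_IF   = "br-lan"       # trusted internal network
define WAN_IF   = "wan0"         # uplink

# Address ranges a guest must never reach through the router
define PRIVATE_V4 = { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 169.254.0.0/16 }
define PRIVATE_V6 = { fc00::/7, fe80::/10 }

table inet guest_isolation {
    chain forward {
        type filter hook forward priority 0; policy drop;

        # Replies to connections that were already allowed
        ct state established,related accept

        # Guests: nothing towards internal or link-local ranges, whatever
        # routes or gateway the client configures for itself
        iifname $GUEST_IF ip daddr $PRIVATE_V4 drop
        iifname $GUEST_IF ip6 daddr $PRIVATE_V6 drop

        # Guests: everything else only out of the uplink
        iifname $GUEST_IF oifname $WAN_IF accept

        # Trusted LAN keeps normal forwarding
        iifname $LAN_IF accept
    }

    chain input {
        type filter hook input priority 0; policy accept;

        ct state established,related accept

        # Guests may use DHCP and DNS on the router itself, nothing else
        # (no admin UI, no SSH, no file shares hosted on the router)
        iifname $GUEST_IF udp dport { 53, 67 } accept
        iifname $GUEST_IF tcp dport 53 accept
        iifname $GUEST_IF icmpv6 type { nd-router-solicit, nd-neighbor-solicit, nd-neighbor-advert } accept
        iifname $GUEST_IF drop
    }
}

# Not covered here: traffic between two clients on the same SSID is bridged
# at layer 2 and never reaches the forward hook. That needs client isolation
# on the access point itself (for hostapd, ap_isolate=1).
```

These rules apply to any device that joins the guest SSID, regardless of how it obtained the passphrase or what the client OS chooses to block.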

          • nearly says:

            But the simple solution (actually the safest for the company) is to just not give out the password to the network. Have IT create the network (maybe on a company managed IT account rather than an individual’s Exchange account), make sure everyone is contacts with the main IT account or is in some company Exchange directory, ensure that account remains isolated from out of company contacts, and then enable Wi-Fi sense. Even if you’re a smaller business and don’t have an Enterprise or Exchange subscription, you can still register free accounts on any of the 3 services and make sure all of your employees (and only your employees) are contacts with the directory account.

            Result? Employees can come and go and connect all devices that they’re logged in from, and they can’t share the passcode with anyone outside the company because they don’t have access to it. You’ve just locked down your entire network while still making it incredibly easy for anyone running Windows 10 to connect: and if they’re not on Win10, you have the same headache of granting individual users access to the network because they’re as able to share it as they always were. Nobody can share the network outside the office because no one has access to the passcode and you have whatever advanced security permissions you already had in place to gatekeep (because surely if you’re this concerned with security, your network access is a little more secure than WEP).

          • Hobbes says:

            Not entirely true. Whilst your employees won’t know the passwords, they’ll be stored in encrypted tokens on the devices, and worse, those encrypted tokens do get moved around it seems on Wi-fi sense indiscriminately.

            So, example – Consultant on Win 10 with wi-fi sense logs into corporate intranet normally, gets encrypted token on his BYOD laptop, because he’s an employee, doesn’t need to worry about the device in question, doesn’t worry about the network passwords, just logs in with his own userspace account and gets on with his usual stuff. Goes home, wi-fi sense then connects to home network, shares encrypted token with all the other connected devices on the basis that now those devices might connect to the corporate intranet in the future (because hey, if corporate consultant connected with device A, he may want to connect with device B, so we’re being helpful, right?).

            Now we’ve encrypted tokens all over consultant’s home network, now his kids who are also on his home network and have their windows phones hook up and do their evening facebooking and whatnot, they get the tokens because the wi-fi sense doesn’t discriminate, it’s being helpful, it sees devices that may connect to the corporate intranet, so it banks the tokens onto those, and suddenly those tokens are now in the wild…

            Here’s the problem with wi-fi sense as it works, it basically acts as a big ongoing pool of distributed tokens that constantly gets added to, discarded and refreshed over time. Think of it as a sort of “living phonebook” of networks that your device might consider connecting up to, if your device MIGHT connect to it in the next 28 days or so, it’ll get a token which enables it to connect to that network, though YOU may not have the appropriate creds (and thus need to log on to USE this token), the token is there to get you as far as the doorway, and if you’re on the right account, well, you get in without any hassle. For most people, this is great and wonderful because it makes their lives easier, and most people don’t actually care if they have tokens which don’t necessarily relate to their networks or whatever because they won’t be able to find them or do anything useful with them.

            However, if you know how to grab those tokens out of the protected space, and more importantly, can brute force the info back out of them, you can then run escalation attacks on the target network. For APTs, this is a goldmine in the making. Seeing as local access to encrypted tables reduces getting information out of them into a matter of time and effort, I’d rather not be handing out my network information, tyvm.

      • jroger says:

        How many networks of small to mid-size companies are using 802.1X? And sharing a password through Outlook if you just want to give someone access quickly sounds like a lot of hassle instead of just quickly entering the password. And how exactly will it manage to “only give internet access”? How will it distinguish between “the internet” and a company intranet, for example? Just blocking access to CIFS is not enough by far. Sorry, this is a gigantic hole.

        • mattevansc3 says:

          If companies are allowing BYOD then they should be implementing systems more secure than just password protected WiFi.

          • jroger says:

            This is not even about BYOD. Even a temporary access is enough. And welcome to the real world, because that is what happens there. There are thousands of reasons why a “guest” device needs to connect to the network. This used to carry a fairly insignificant security risk in an otherwise well maintained, not high-security network. Not anymore. This is a security nightmare.

        • Hobbes says:

          Word on the grapevine is that several IT departments are going to veto Windows 10 deployment until this feature is sufficiently neutered to allow for BYOD without the risk of encrypted password tokens randomly wandering out of the company buildings every five minutes. Simply using “_optout” is in no way an acceptable solution, at all. If you think a consultant’s or otherwise mobile workers’ laptop is going to withstand sustained attack from a remotely interested APT who gets local access to those tokens and then is able to use those to get privileged access to the network they’re after, you’re either delusional or -severely- optimistic.

          Retired Sysadmin (ill health reasons, not old age). I would not deploy Win 10 commercially until this (along with a few other interesting issues) have been cleared up.

      • KDR_11k says:

        Secondly it sounds much better for them to me, they just stop telling people the passwords and just make them all use this sense thing

        The problem with that plan is that you’d need a network connection of some kind to receive information shared via Outlook.

  25. Solidstate89 says:

    I forgot this would be in Windows 10, as it’s been a feature of Windows Phone for a couple years now. I guess that’s why it doesn’t seem like it was “quietly” done to me. Perspective is everything I suppose.

    • Hobbes says:

      And in Windows Phone (due to the fact WP8.1 is a relatively low profile environment, and not really a high value target for anyone unless they’re aiming at something/one specific) it’s not really a big concern. Sticking it in the most hostile environment imaginable (the PC) alongside the highest attack profile possible (the most widely used OS) is just asking for people to get creative with ways to … expand upon its usefulness.

  26. Glow says:

    Anyone know what happens if say, I keep WiFiSense turned off, a friend comes over, I give them the router password after making sure they also have WiFiSense turned off, then they turn back on WiFiSense later after they’ve left?

    • ZakG says:

      I would assume that Windows 10 would continue to collect as much personal data as possible? It was hinted at in 8 (starting to collate many different accounts etc).

      I wonder what would happen to someone like me that does not use Facebook, or american based email etc? Would windows 10 just not work until I did? (I’m half joking here)

    • 10min says:

      Your friend’s phone and computer do not know that the network doesn’t really belong to your friend, so it is treated as your friend’s property.

  27. FhnuZoag says:

    You also wonder what ‘internet access only’ means. Given that the majority of home routers are still using their default admin passwords, if this includes access to router admin pages, then it allows your facebook friends to start reprogramming your router, and then the real fun starts.

  28. KDR_11k says:

    Surprise features like this are why I’m waiting for other people to use 10 and give their reports before I switch.

    • RC-1290'Dreadnought' says:

      The problem is that people who have your wifi password might not wait to switch.

      • nearly says:

        Change your password and make sure they de-select the “Share this network” box when you allow them to connect with the new one. Crisis averted.

        • Hobbes says:

          Yeah, or use “_optout” on your network name, which is clearly not a kludge -at all- >.>

          Oh Microsoft. How you turn a seemingly innocent feature into a security hole the size of goatse…

  29. Monggerel says:

    This is only a problem if you have something to hide, surely!
    And me, I have nothing to hide.
    Nothing.
    ( ͡° ͜ʖ ͡°)

  30. Don Reba says:

    I checked the setting, and it was off by default. Is it on for some others? That would be strange.

    • nearly says:

      I think what people are responding to is that the “Share my networks with contacts” setting is on by default, and people don’t realize that they still have to choose “Share this network” when joining for the first time (and maybe there’s no option if you’re doing upgrade rather than clean install, though I haven’t seen anyone mention that scenario).

      If you’re giving your passcode to someone on Win10, obviously you’d want to warn them to de-select it if it’s something you care about, which makes it a non-issue. The only way for them to re-select it would be to re-input the passcode and, if you’re really serious about security, you should make sure it’s not something they’d be able to memorize or just input it for them.

  31. Rane2k says:

    Is such a feature even required?
    Feels like a really risky move, just for a little convenience.

    After reading all these comments I’m not entirely sure if it’s “default always on”, but if it is, here’s a thought:
    When you buy a toaster and plug it into the socket, it starts OFF. When you buy a lawnmower, it starts OFF.
    When you buy any electronic device, it starts OFF.
    Then why do we software engineers always have the need to have everything “default ON, forever, until it breaks”?
    Even worse, when you can’t turn stuff off at all, and just have to live with unwanted “features”.

  32. MazokuRanma says:

    Thanks for this. I don’t use express setting so I would have caught that part, but the ‘_optout’ requirement to fully disable it for your network would have been missed completely.

  33. Black Scalp says:

    Can you seriously just fuck off now with your left wing, feminist, Microsoft, valve and anything useful hating hipster bullshit. No one gives a fuck about your trying to be cool politically correct guardian twaty lazy journalism. You were once a quality journal with genuine opinions now you chuck out 100 word nonsense crap click-bait bullshit. Kieron would not be proud. This isn’t a student union rag, and it’s certainly not something I’m proud to read anymore.

    • gwathdring says:

      What does this have to do with “left-wing” let alone all those other things?

      There are far right elements that believe in privacy and don’t trust the corporations and/or government, too, last I checked. In America we have right-wing elements that tote around weapons and get in standoffs with law enforcement. It’s not just Marxists and hippies that want internet security! Indeed, many of them don’t give a shit about it.

  34. racccoon says:

    If you really think that’s a flaw well it’s not we get attacked all day anyway. you just got to BLOCK!
    Use PeerBlock this will show just how many people or auto’s want to get in.
    I use all the time I block currently 3,327,617,746 IP’s

  35. NarcoSleepy says:

    So much FUD. I don’t even know where to start…

  36. ZephaniahGrey says:

    This is a REALLY crazy idea. I live in a condo, and share walls with my neighbors. If this works the way I think, they could easily hop onto my network and use my internet. Now, you may think, “Oh! They don’t have access to the network itself, just the internet, and none of your personal info!” But there’s a problem with that. I have limited data usage every month!! If I go over, I get charged! If my neighbor hops on Netflix, and starts streaming movies, they’re going to blow right past my limit and cost me a fortune! Did MS really not think of this? Did it even dawn on them that not everyone has unlimited data!? This is insane!

  37. ninnyjams says:

    HAH! Not having any friends pays off ONCE AGAIN

    -sobs-

  38. gwathdring says:

    A lot of people saying that it’s not a problem because they have to be at your house and so forth seem to be missing a key detail: whether or not someone is at your house asking WiFi Sense to send them your password, your wi-fi passwords are getting beamed up into the cloud. If you disable this, you have to rely on anyone in your house also disabling. Enabling this feature when they enter your wifi password requires them accidentally checking the box or misunderstanding what the box does or thinking it’s a good idea because you didn’t remember to explicitly request otherwise.

    That is to say, nobody’s perfect and this system makes it unnecessarily easy for imperfect people to submit your wi-fi passwords to the cloud.

    While that turns out to not be on by default, Microsoft is being cagey even by their standards with what kinds of information they collect and a lot of end users don’t think too hard about this sort of thing. The end result is going to be a lot of wi-fi passwords/router keys being sent to a server somewhere. It really doesn’t matter how easy it is for this to happen without your GUI-level permission. It really doesn’t matter what is or isn’t on by default. Ultimately, Microsoft thinks it’s just fine to potentially store millions of wireless internet security credentials in one fucking place.

    That’s. Abysmally. Stupid.

    It doesn’t matter how nicely it asks your permission. It doesn’t matter if you can batten down the hatches of your personal home wi-fi connection.

    That’s. Abysmally. Stupid.

    • Harlander says:

      Google also does a similar thing where it keeps your wireless passwords on its server – though at least they never thought automatically sending them to your facebook friends was a good idea.

    • bills6693 says:

      I am not a paranoid/secure person online so maybe I am missing something but I just don’t see why that in itself is a problem. Why should I care if Microsoft has a server with my router keys and passwords on? In what way is that information able to be manipulated against me except by being used by someone who is physically present in the vicinity of my router?

      • Hobbes says:

        *stares blankly*

        Right. For you, home user, probably not a big deal. For SOHO or startup who may not have full on security or the protection of someone like myself, i.e. a proper sysadmin, imagine that you’ve set your network up and forgot to disable wifi sense and it sends these lovely little tokens out to all and sundry. Now let’s assume that some bright spark decides to try getting access to your network, as long as they can acquire a token for your network, this just became analogous to handing out keys coated in a ball of beeswax. All it needs is time for them to get the wax off.

        Does this help you understand the problem?

        Not every small business can afford people like me, even on contract. Not every large business will have departments with fully clued up admins who will ensure that the network is locked down tighter than a ducks’ butt. All it needs is one router to have wifi sense on and you’ve got tokens being spawned which can readily allow for escalation into your corporate intranet. Lovely.

        For honest to god Sysadmins, this kind of thing is the sort of security issue that makes us reach for the coffee, paracetamol and tazer gun, and go looking for the BYOD consultants (who invariably are going to cause the problems, because y’know, they’re going to bring all the unsecured crap onto the network…)

      • gwathdring says:

        Internet Security is about keeping it simple and being at worst only a few steps behind the curve. That we can’t necessarily think of how it would be exploited doesn’t mean it won’t be exploited. In this case, there are ways it could for sure be exploited already and even if there weren’t … it’s just not a good idea to send security credentials all over the damn place.

  39. Dances to Podcasts says:

    Ars responds.

    • gwathdring says:

      Ars does a fair job clearing up misconceptions but fails to respond to the bit that actually matters, and lampshades it themselves:

      “For a start, when a Wi-Fi passkey is shared with your PC via Wi-Fi Sense, you never actually see the password: it comes down from a Microsoft server in encrypted form, and is decrypted behind the scenes. There might be a way to see the decrypted passkeys if you go hunting through the registry, or something along those lines, but it’s certainly not something that most people are likely to do.”

      “Perhaps more importantly, though, just how sacred is your Wi-Fi password anyway? Corporate networks notwithstanding (and you shouldn’t share those networks with Wi-Fi Sense anyway)”

      “Ultimately, Wi-Fi Sense probably isn’t the most secure feature in the world, but it isn’t that bad either. As with many things in life, you have to choose between convenience and absolute security. ”

      And the big one: “Microsoft notes that, even if you opt out in this way, “It can take several days for your network to be added to the opted-out list for Wi-Fi Sense.””

      • gwathdring says:

        A lot of people who hear about the opt-out aren’t going to know that Microsoft might still be beaming their security credentials home to Redmond (or wherever) for a few days anyway.

      • gwathdring says:

        But in any case “certainly something most people aren’t likely to do” misses the point. Sure, I doubt anyone who comes to YOUR house is going to sneak into YOUR network by mucking around in the Windows backend to get your security credentials. But it just takes a bunch of clever people who have good reason to mess with wi-fi networks in general to start coming up with a solution to that problem. The less we throw security credentials around the place the better. It’s simply more hatches the security team at Microsoft has to batten down and keep straight at minimal benefit.

        It’s good to address problems like stored wireless keys being easy to pull off a computer and insufficiently bespoke internet security setups available to the average user who needs to share their wifi with people but should probably have easier to use tools to do that as securely as possible. But I just don’t think flinging security credentials around in a dedicated database full of security credentials is the best way to do that right now.

  40. 10min says:

    There is no liberty without privacy.

    Be aware that if you value your privacy at all, you should stay away, and very far, from Windows 10.

    If you install Windows 10, be sure to READ THE LICENSE CONTRACT. THIS TIME IT MATTERS.

    If you already installed Windows 10, you are doomed. At least know your lost rights. Start Windows 10, click on search>settings icon>Other privacy settings>Privacy statement

    Then you will get the atrocious contract, including, between many offenses, this:

    (google “Microsoft Privacy Statement” if you do not have Windows 10, and want the full text)

    “Reasons We Share Personal Data
    We share your personal data with your consent […]”

    Ask any lawyer. That does mean that you are giving your consent to Microspyware for your personal data to be “shared”. It is a statement of fact: Microspyware shares your personal data, and you consent to it.

    It does not say that you will be asked for your consent, it says that you consent to it.

    It does not impose any limitation on the “sharing”. Anything goes.

    It also says:

    “Personal Data We Collect”
    […]
    “Name and contact data. We collect your first and last name, email address, postal address, phone number, and other similar contact data.”

    “[…] the content of your documents, photos, music or video […] the content of your communications sent or received […]

    subject line and body of an email,
    text or other content of an instant message,
    audio and video recording of a video message, and
    audio recording and transcript of a voice message you receive or a text message you dictate”

    “Contacts and relationships”

    “Credentials. We collect passwords, password hints, and similar security information”

    Note that it does not say that it collects the passwords you provide to Microsoft. It just says “passwords”. ANY password.

    “[…] (GPS) data, as well as data identifying nearby cell towers and Wi-Fi hotspots, […] location derived from your IP address […] a city or postal code level.”

    “[…]age, gender, country and preferred language[…]”

    “Interests and favorites. […] such as the teams you follow […] the stocks you track […] In addition to those you explicitly provide, […] may also be inferred or derived from other data we collect. ”

    THE STOCKS YOU TRACK. That would be absolutely illegal without a contract.
    ASIDE THE INFO YOU EXPLICITLY PROVIDE. That means that Microsoft gets the right to survey you by any means, aside Windows 10.
    It does not need to survey you only through a computer, phone, or website running Windows 10, it can survey you through any way.

    There is no opt out.

    “Usage data. […] such as the features you use, the items you purchase, the web pages you visit, and the search terms you enter. […]”

    “[…]This also includes data about your device, including IP address, device identifiers, regional and language settings, and data about the network, operating system, browser or other software you use […]”

    Worse, there is another clause that says that MICROSOFT WILL CHANGE ANY CLAUSE AT WILL.
    “Changes to This Privacy Statement
    We will update this privacy statement […]”

    So, by using Windows 10, or any MS product or website, including Microsoft Account or Bing (which you are forced to use each time you do a local search in W10), you are signing a BLANK CONTRACT IN FAVOR OF MICROSOFT.

    You effectively give Microsoft unlimited rights. Microsoft can walk into your house and claim it. It can demand any of your properties, any payment, any personal debt, anything.

    • gwathdring says:

      The legality of such a contract would, in many places, be immensely suspect. The more important takeaway isn’t that they can do this legally, but that they feel confident they can get away with it.