Story image

Windows 10 WiFi Sense: Security risk?

03 Jul 2015

The Windows 10 feature WiFi Sense is raising security concerns due to the fact that it automatically shares WiFi passwords with a user’s contacts.

WiFi Sense was first available on for Windows Phone 8.1 users. However, the Windows 10 version opens up potential security risks for WiFi networks.

The feature allows a user to automatically connect to any detected crowdsourced WiFi network, acquires network information and provides ‘additional information’ to networks that require it, and can be used to automatically share their WiFi password with contacts on Facebook, Skype and Outlook.

It requests permission to connect to Outlook, Skype and Facebook to share information and passwords are shared via an encrypted link.

The WiFi passwords are sent via an encrypted link to Microsoft, who stores the data in their own servers and then sends the file over a secure connection to their contacts’ phone - provided they use Wi-Fi Sense and are in range of the Wi-Fi network shared.

Microsoft says WiFi Sense saves users the frustration of sharing passwords with friends and improves security.

On the company’s Windows Phone FAQ page, Microsoft says, “Some WiFi hotspots ask you to accept the terms of use in a web browser, provide additional information or do both before you can connect. WiFi Sense can do these things on your behalf to get you connected quickly.

“You can determine what information does or doesn't get provided and change your settings at any time.”

On exchanging WiFi network access with contacts, Microsoft says,“You can share access to password-protected WiFi networks to give your Facebook friends, contacts or Skype contacts Internet access without seeing each other's WiFi network passwords.

“Your contacts and friends are then automatically connected to the WiFi network you share if they're using WiFi Sense on their Windows Phone.

“Likewise, your phone will automatically connect to WiFi networks they share with you to give you Internet access.”

Providing internet access only ensures contacts don’t gain access to other computers, devices or files stored on the network, according to Microsoft.

One of the concerns with WiFi Sense is that internet encryption standards have experienced multiple bugs in the past year.

Furthermore, the fact that it doesn’t have any granularity beyond the service level means users can’t choose every person they are sharing their WiFi code with.

Microsoft has offered a potential solution: users can now prevent their network from working with WiFi Sense by adding ‘_optout’ to the SSID.

Users can also uncheck a box when they first connect, to disable the Wi-Fi Sense feature and ensure access to password-protected networks aren't shared with contacts.

Dropbox invests in hosting data inside Australia
Global collaboration platform Dropbox has announced it will now host Australian customer files onshore to support its growing base in the country.
Opinion: Meeting the edge computing challenge
Scale Computing's Alan Conboy discusses the importance of edge computing and the imminent challenges that lie ahead.
Alibaba Cloud discusses past and unveils ‘strategic upgrade’
Alibaba Group's Jeff Zhang spoke about the company’s aim to develop into a more technologically inclusive platform.
Protecting data centres from fire – your options
Chubb's Pierre Thorne discusses the countless potential implications of a data centre outage, and how to avoid them.
Opinion: How SD-WAN changes the game for 5G networks
5G/SD-WAN mobile edge computing and network slicing will enable and drive innovative NFV services, according to Kelly Ahuja, CEO, Versa Networks
TYAN unveils new inference-optimised GPU platforms with NVIDIA T4 accelerators
“TYAN servers with NVIDIA T4 GPUs are designed to excel at all accelerated workloads, including machine learning, deep learning, and virtual desktops.”
AMD delivers data center grunt for Google's new game streaming platform
'By combining our gaming DNA and data center technology leadership with a long-standing commitment to open platforms, AMD provides unique technologies and expertise to enable world-class cloud gaming experiences."
Inspur announces AI edge computing server with NVIDIA GPUs
“The dynamic nature and rapid expansion of AI workloads require an adaptive and optimised set of hardware, software and services for developers to utilise as they build their own solutions."