WiFi sense breakdown.
Almost as idiotically controversial as Windows 10's privacy settings is WiFi sense. Most people are jumping the gun and proclaiming this feature to be something that it ABSOLUTELY IS NOT.
One of the biggest misconceptions is that the problem can propagate (IE - If I allow my contacts access, and one of my contacts has WiFi sense enabled then all of their contacts have access as well). This is absolutely FALSE. Here is the official FAQ on the feature from Microsoft. Expand the "I'm concerned about sharing Wi‑Fi networks. Can you tell me a little more?" section and read away. Second last bullet says it all. Your networks are shared ONLY with your contacts.
That right there should tackle the biggest concern of all. Your WiFi passwords are not proliferating out in the wild without your knowledge granting access to random people.
The next concern is that people might then gain access to your WiFi password. Again, incorrect. Passwords are encrypted and sent over HTTPS to your contacts. The passwords aren't stored on the users phone, either in plain text or even in the encrypted form. Again, out of those remaining, this should knock down yet more of those concerned.
The last major one worth debunking is gaining access to the network on the whole, either to devices on the network or to the router. Again, not happening. Same section as the above two points, you'll find that it indicates that computers that connect to a network via a WiFi sense password from another user do not gain access to other network resources, just an internet connection, and it certainly does not get them control over the router or the traffic passing through it.
In other words, the worst possible problem is if you have a bandwidth cap and you have friends who come over (whom you wouldn't have given access to your WiFi network) who then abuse your internet. Lets face it, that is probably a problem for only a small number of people.
And, if used correctly (though admittedly, most people won't) this actually serves to make WiFi networks MORE secure. How? Well the underlying principle here is that while most people password protect their WiFi networks, people tend to choose VERY weak WiFi passwords because they need to be able to remember them to give to friends and family and to get their own devices on the network. WiFi sense basically allows you to make your WiFi password as arbitrarily complex as you'd like, set it on one WiFi sense enabled device, and then you don't have to worry about remembering.
There are a few problems though. But that was just a point to illustrate how a thing that everyone is concerned about weakening network security may actually serve to improve it. The problems are twofold though, firstly, propagation isn't instantaneous or anywhere near it according to some reports with a new password taking as much as a few days to propagate and a lack of cross platform support would be the other problem. Propagation speeds mean initial setup or after a password change you'd need to manually update ALL of your devices and not just one if you want to use them in a timely fashion which would discourage long and complex passwords. And also, because it isn't a cross platform solution you still need to be able to remember the password to provide to anyone running an iOS, Mac or Android device, which once again means you can't really make your passwords any simpler.
The feature still has benefits without the added security gains. The way most people will use it will mean that their networks effective security level will remain pretty much unchanged. But, it will be easier for Windows 10 device users to move from network to network. I just don't see it affecting an increase in WiFi password strength even if the potential is there. That part to me is a pipe dream and likely to stay that way. To get it cross platform would mean that other platforms would need to A) be able to accept an encrypted password from the service and B) restrict things like network access as well as any other network sharing software/apps from passing the connection along.
One of the biggest misconceptions is that the problem can propagate (IE - If I allow my contacts access, and one of my contacts has WiFi sense enabled then all of their contacts have access as well). This is absolutely FALSE. Here is the official FAQ on the feature from Microsoft. Expand the "I'm concerned about sharing Wi‑Fi networks. Can you tell me a little more?" section and read away. Second last bullet says it all. Your networks are shared ONLY with your contacts.
That right there should tackle the biggest concern of all. Your WiFi passwords are not proliferating out in the wild without your knowledge granting access to random people.
The next concern is that people might then gain access to your WiFi password. Again, incorrect. Passwords are encrypted and sent over HTTPS to your contacts. The passwords aren't stored on the users phone, either in plain text or even in the encrypted form. Again, out of those remaining, this should knock down yet more of those concerned.
The last major one worth debunking is gaining access to the network on the whole, either to devices on the network or to the router. Again, not happening. Same section as the above two points, you'll find that it indicates that computers that connect to a network via a WiFi sense password from another user do not gain access to other network resources, just an internet connection, and it certainly does not get them control over the router or the traffic passing through it.
In other words, the worst possible problem is if you have a bandwidth cap and you have friends who come over (whom you wouldn't have given access to your WiFi network) who then abuse your internet. Lets face it, that is probably a problem for only a small number of people.
And, if used correctly (though admittedly, most people won't) this actually serves to make WiFi networks MORE secure. How? Well the underlying principle here is that while most people password protect their WiFi networks, people tend to choose VERY weak WiFi passwords because they need to be able to remember them to give to friends and family and to get their own devices on the network. WiFi sense basically allows you to make your WiFi password as arbitrarily complex as you'd like, set it on one WiFi sense enabled device, and then you don't have to worry about remembering.
There are a few problems though. But that was just a point to illustrate how a thing that everyone is concerned about weakening network security may actually serve to improve it. The problems are twofold though, firstly, propagation isn't instantaneous or anywhere near it according to some reports with a new password taking as much as a few days to propagate and a lack of cross platform support would be the other problem. Propagation speeds mean initial setup or after a password change you'd need to manually update ALL of your devices and not just one if you want to use them in a timely fashion which would discourage long and complex passwords. And also, because it isn't a cross platform solution you still need to be able to remember the password to provide to anyone running an iOS, Mac or Android device, which once again means you can't really make your passwords any simpler.
The feature still has benefits without the added security gains. The way most people will use it will mean that their networks effective security level will remain pretty much unchanged. But, it will be easier for Windows 10 device users to move from network to network. I just don't see it affecting an increase in WiFi password strength even if the potential is there. That part to me is a pipe dream and likely to stay that way. To get it cross platform would mean that other platforms would need to A) be able to accept an encrypted password from the service and B) restrict things like network access as well as any other network sharing software/apps from passing the connection along.
Comments
Post a Comment