Ever told someone a secret only to find out later that they blabbed it to everyone they knew? Irritating, huh?
Ever let someone on your home wireless network only to find out later that all their friends now have access as well whenever they get within range? Not yet, but you will …
… unless Microsoft rethinks a new feature they included in the latest and greatest release of their flagship OS — Windows 10.
Generally speaking, the early reviews for Win 10 have been mostly positive. However, there’s one addition that might sound like a good idea on the surface, but once you think it through (which it seems the designers didn’t do), you quickly realize it’s a security nightmare.
The feature is called Wi-Fi Sense and it’s intended to help you overcome the complexity of letting visitors onto your home wireless network by automating the process of sharing the complex, hard to remember, even harder to enter encryption key that grants access. (You do have a complex, hard to remember, even harder to remember key protecting your Wi-Fi, right? Please say “yes.” Good.)
The problem is that it breaks the bounds of any sort of reasonable security standard by oversharing that key with all sorts of people you may not even know — many of whom you would never allow on your private home network.
Graham Cluely has a great description of the problem on his blog that I highly recommend that you read so you will have the details in a clear, understandable way that I couldn’t improve on (so I won’t even try).
Before you dismiss this as something you don’t have to care about because you don’t use Windows 10, think again. All it takes is for you to share your Wi-Fi key with any Windows 10 user who happens to have this (over)sharing feature turned on for them to automatically pass it along to all their friends even without their knowledge.
That’s right. You and all your family could run nothing but Macs or Linux but it only takes one visitor running Win 10 that you give the Wi-Fi key to before you unknowingly have shared this with all of your visitor’s Skype contacts, Outlook contacts, Hotmail contacts and Facebook friends.
I’m not ready to go so far as to say “friends don’t let friends use Win 10,” but I will say you should think twice — make it three times — before you share you home Wi-Fi with them.