Windows 10’s Wi-Fi Sense draws security concerns

With Microsoft’s Wi-Fi Sense, people connect to open Wi-Fi networks. But does simplifying the connection process increase the peril? Some security experts think so.

Wi-Fi Sense is a Microsoft Wi-Fi connection program that was first introduced in Windows Phone 8.1, and is now being ported to Windows 10. Microsoft considers Wi-Fi Sense a convenient and simple way to connect to Wi-Fi networks. However, any time the word convenient is associated with software, security pundits get nervous, and this time is no different. Let’s look under Wi-Fi Sense’s bonnet and see what has the pundits worried.

Connect to open networks

Wi-Fi Sense facilitates connections to Microsoft crowd-sourced open Wi-Fi networks by automatically accepting terms of use and providing additional information on the user’s behalf.

The term “crowd-sourced open Wi-Fi networks” might need explaining. Microsoft has accumulated a huge database repository of open hotspots. Each entry consists of networking specifics plus any additional sign-in requirements. All this data — over one million entries from around the world — was obtained from consenting Microsoft users as they logged into the open hotspots, hence the label crowd-sourced.

When Wi-Fi Sense is enabled, it searches for open hotspots. Upon finding one, Wi-Fi Sense will check the hotspot’s beacon information against the database. If information about the hotspot is located, Wi-Fi Sense will send the required information automatically, removing the need for user intervention.

Security professionals dislike open Wi-Fi networks, and adding the ability to connect automatically to open Wi-Fi networks just adds fuel to the fire. The security pros I have talked to about this also mention that Microsoft’s decision to have the automated connection feature on by default is a mistake and feel it should be opt-in.

Share networks via Wi-Fi Sense

This feature allows the sharing of a Wi-Fi network without having to enter the “hopefully” long and cryptic network password. This Microsoft FAQ explains: “When you share Wi-Fi network access with Facebook friends, contacts, or Skype contacts, they’ll be connected to password-protected Wi-Fi networks you choose to share and get internet access when they’re in range of the networks.”

An important note: Guest connections are only for internet access; other computers, devices, or files stored on the network are not accessible.

Sharing networks via Wi-Fi Sense is theoretically better than handing out the connection password, simply because individuals getting access never see the Wi-Fi network’s password.

However, the passwords have to be stored somewhere, and that is a concern to security professionals. The process is explained in Microsoft’s FAQ: “For networks you choose to share access to, the password is sent over an encrypted connection and stored in an encrypted file on a Microsoft server, and then sent over a secure connection to your contacts’ device if they use Wi-Fi Sense and they’re in range of the Wi-Fi network you shared. Your contacts do not see your password, and you do not see theirs.”

The big security concern

Lee Munson in the Sophos Naked Security blog writes, “What we do know is that access to your network can, depending on your choices, be shared between all your contacts on, Skype and/or Facebook. So, you could be inadvertently granting access network to people you don’t know all that well.”

Munson’s concern is valid, especially if users do not fully understand how Wi-Fi Sense works. He adds, “That means you could find yourself in the position where a comparative stranger who has a tenuous link to you — say, the man you emailed about painting your kitchen, your Zumba instructor or your babysitter — could lurk near your home and connect to your wireless network using the access rights you inadvertently gave them.”

Additional user options

Microsoft, in a manner of speaking, allows users to be a bit sneaky. When asked for additional information, Wi-Fi Sense will try to use non-representative answers. “Some Wi-Fi hotspots require you to provide a name, phone number, or email address in to connect,” according to Microsoft’s FAQ. “In some countries or regions, these fields may be populated by default with generic information that’s not related to you specifically. For example, the email-address box may default to [email protected], but not your Microsoft account email address.”

Microsoft added the ability to prevent Wi-Fi Sense from using a Wi-Fi network by including _optout in the network name (SSID) of the Wi-Fi device. Microsoft explains how to make the change.

Too early for conclusions

Wi-Fi Sense is too new to tell if it’s a security issue, said most IT managers I asked about the connection program. One manager pointed out Wi-Fi Sense has no bearing on enterprise networks that use 802.1X. “If you connect to an enterprise network at work or somewhere else, those credentials will not be shared with any of your contacts.”
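For administrators who want to apply the `_optout` rename and the 802.1X exemption described above to an inventory of networks, the following is an added example and not code from Microsoft or from this article. The `Network` type, the auth labels, the status names and the sample inventory are constructed, and the case-sensitive match on `_optout` is an assumption. The 32-byte limit is the 802.11 maximum SSID length, which a rename has to respect.

```python
from dataclasses import dataclass

OPTOUT = "_optout"        # marker the article says to include in the SSID
MAX_SSID_BYTES = 32       # 802.11 limits an SSID to 32 octets

@dataclass
class Network:
    ssid: str
    auth: str             # constructed labels: "open", "psk", "802.1x"

def sharing_status(net):
    """Classify a network using only the rules stated in the article."""
    if OPTOUT in net.ssid:            # assumption: case-sensitive substring
        return "opted-out"
    if net.auth == "802.1x":          # enterprise credentials are not shared
        return "not-shareable"
    if net.auth == "open":            # open hotspots are auto-connect targets
        return "auto-connect-candidate"
    return "shareable"                # password-protected, user may share it

def optout_ssid(ssid):
    """Add the marker, trimming the base name so the result fits 32 bytes."""
    if OPTOUT in ssid:
        return ssid
    room = MAX_SSID_BYTES - len(OPTOUT.encode("utf-8"))
    base = ssid.encode("utf-8")[:room]
    # errors="ignore" drops a multi-byte character cut in half by the slice
    return base.decode("utf-8", errors="ignore") + OPTOUT

def audit(networks):
    """Return (ssid, status, suggested new SSID or None) per network."""
    report = []
    for net in networks:
        status = sharing_status(net)
        rename = optout_ssid(net.ssid) if status == "shareable" else None
        report.append((net.ssid, status, rename))
    return report

# Constructed inventory, not taken from the article
INVENTORY = [
    Network("HomeNet", "psk"),
    Network("CorpWLAN", "802.1x"),
    Network("CafeGuest", "open"),
    Network("Studio_optout", "psk"),
    Network("A-very-long-family-network-name!", "psk"),  # already 32 bytes
]

if __name__ == "__main__":
    for row in audit(INVENTORY):
        print(row)
```

Renaming an SSID forces every client to rejoin the network, so the suggested names are best applied during a planned change.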

SOHO businesses and consumers will be the first to make use of Wi-Fi Sense. Road warriors should like the auto-connection feature. And, security managers aren’t going to worry until the company decides to upgrade to Windows 10. It will be interesting to see how this plays out.