The recent release of Windows 10 may have amazed the masses, but critics are expressing some concern over a few of its features. Wi-Fi Sense, originally a function of Windows Phone, permits the sharing of passwords for crowdsourced Internet networks so contacts across Skype, Outlook.com and social media can freely access it.
In effect, the feature bypasses any potentially awkward conversations between you and your acquaintances, granting password permission without needing to ask for it. A connection is then established and no future prompts will be issued when users come within hotspot range.
A More Interconnected Global Network?
The first thing you need to know about Wi-Fi Sense is that it’s automatically enabled upon installation of the new operating system if express settings were used. It can however, be disabled from the Wi-Fi settings submenu and doesn’t share your information until:
- You’re signed into your Microsoft account, and
- Check the “share my network with contacts” option
Once users are connected, they won’t be able to share the network and they won’t be able to view any other connected devices or files. However, the problem with such technology is that it turns on trust and social responsibility.
While the Wi-Fi Sense FAQ assures that all passwords are encrypted, stored on a secure Microsoft server and are perfectly safe, the idea is perhaps a little ahead of its time considering the rate at which privacy policies are breached.
Fortunately, there is one alternative security measure for people who’d prefer to have some piece of mind when booting up their desktop and digital devices.
Virtual Identity Servers (VIS) as Proxy Firewalls
Microsoft includes an active directory in most of its Windows Server operating systems to protect sensitive data. However, an active directory alone can be vulnerable and allow applications more access than they need.
A Virtual Identity Server (VIS) deployed as an LDAP Proxy Firewall offers more security for your sensitive data by only accessing essential information. Nonessential data remains hidden behind the firewall making it more difficult for unidentified users to breach.
Choosing to Opt Out of Wi-Fi Sense
If you’re dead set on upgrading to Windows 10 but still want to protect your connection and don’t want to change any of the passwords you’ve been using, you can try opting out. To do this, you need to update the network name or SSID so it reads something like “mynetwork_optout.”
Wi-Fi Sense will then recognize that you’re prohibiting anyone else from accessing your system. Just note that it will take several days for the change to come into effect and this is no guarantee that your emails, photos and other personal data will be kept safe.
Specifically, it’s unclear if the “_optout” extension will be enough to remove a user’s SSID from Google’s index as it requires the phrase “_nomap” to be included. It’s unlikely that a network name ending in “_nomap_optout” will negate every security threat and users may have to choose the lesser of two evils.
Not the First Time and Not the Last
The Wi-Fi Sense feature is reminiscent of Apple’s iCloud Keychain, a free opt-in service that allows stored passwords and other credentials to be synced across people’s personal constellation of iDevices.
Hopefully, Microsoft will have learned from the vulnerabilities of iCloud Keychain and made something more solid and secure. Only time will tell. For now, Windows 10 users should take the necessary precautions to safeguard their information and online identity.
This technology is still only in its infancy and it seems tech companies are willing to push the new paradigm before they show any signs of scaling back.
Image by okubax via Flickr