[ PRIVACY Forum ] Windows 10 will share your Wi-Fi key with your friends' friends

Owen DeLong owen at delong.com
Mon Jul 6 20:28:00 UTC 2015


Yes and no.

It’s not about licensing, but it is about the fundamental difference between open
and closed development models.

When you make a stupid product design decision in a vacuum (closed model),
and only the people drinking the same kool-aid ever see your decision on a source
code level, it’s a lot easier to ship that bad decision out into widespread use. Further,
the people now afflicted with your bad decision are beholden to you in order to get
a fix for the problem(s) it has created.

OTOH, when you try to do something stupid like this in the open source world, there
are far to many eyeballs looking at what gets submitted for it to last long. Anyone and
everyone can contribute a fix. Any victim has access to everything they need in order
to fix it themselves.

Owen

> On Jul 6, 2015, at 11:29 AM, Daniel C. Eckert <dan at drakontas.org> wrote:
> 
> This isn't really an open source issue -- anybody can make foolish product
> design decisions regardless of licensing model. This is more about a vendor
> producing a feature that deliberately and shortsightedly creates a slew of
> problems impacting almost all existing networks anywhere. It's highly
> convenient feature for a specific, limited use case (home users hosting a
> party with a bunch of people that they don't want to have to worry about
> how to give them a network password). However, gat ignores all of the other
> security and user impact issues. Can you imagine how the user experience
> will change when you change your SSID to include the _optout tag and then
> try to verbally tell someone what the new SSID is? Bonus points for dealing
> with users in a context where you've had the same SSID for years.
> On Jul 6, 2015 11:17 AM, "Richard Golodner" <rgolodner at infratection.com>
> wrote:
> 
>> There is a reason why my family loves open source. My kid is learning
>> Linux and she doesn't even know it. Mommy has an Android...
>> 
>> On 07/06/2015 12:53 PM, Jay Ashworth wrote:
>> 
>>>> From Lauren, a new "feature" in Windows 10 I think this community
>>> probably
>>> wants to know about, to the extent you don't already.
>>> 
>>> I *knew* I didn't like W10.  :-)
>>> 
>>> Cheers,
>>> -- jra
>>> 
>>> ----- Forwarded Message -----
>>> 
>>>> From: "PRIVACY Forum mailing list" <privacy at vortex.com>
>>>> To: privacy-list at vortex.com
>>>> Sent: Wednesday, July 1, 2015 8:03:06 PM
>>>> Subject: [ PRIVACY Forum ] Windows 10 will share your Wi-Fi key with
>>>> your friends' friends
>>>> Windows 10 will share your Wi-Fi key with your friends' friends
>>>> 
>>>> http://www.theregister.co.uk/2015/06/30/windows_10_wi_fi_sense/
>>>> 
>>>> In an attempt to address the security hole it has created, Microsoft
>>>> offers a kludge of a workaround: you must add _optout to the SSID (the
>>>> name of your network) to prevent it from working with Wi-Fi Sense. (So
>>>> if you want to opt out of Google Maps and Wi-Fi Sense at the same
>>>> time,
>>>> you must change your SSID of, say, myhouse to myhouse_optout_nomap.
>>>> Technology is great.) Microsoft enables Windows 10's Wi-Fi Sense by
>>>> default, and access to password-protected networks are shared with
>>>> contacts unless the user remembers to uncheck a box when they first
>>>> connect. Choosing to switch it off may make it a lot less useful, but
>>>> would make for a more secure IT environment.
>>>> 
>>>> - - -
>>>> 
>>>> --Lauren--
>>>> Lauren Weinstein (lauren at vortex.com): http://www.vortex.com/lauren
>>>> Founder:
>>>> - Network Neutrality Squad: http://www.nnsquad.org
>>>> - PRIVACY Forum: http://www.vortex.com/privacy-info
>>>> Co-Founder: People For Internet Responsibility:
>>>> http://www.pfir.org/pfir-info
>>>> Member: ACM Committee on Computers and Public Policy
>>>> Lauren's Blog: http://lauren.vortex.com
>>>> Google+: http://google.com/+LaurenWeinstein
>>>> Twitter: http://twitter.com/laurenweinstein
>>>> Tel: +1 (818) 225-2800 / Skype: vortex.com
>>>> _______________________________________________
>>>> privacy mailing list
>>>> http://lists.vortex.com/mailman/listinfo/privacy
>>>> 
>>> 
>> 




More information about the NANOG mailing list