Windows 10 has a feature, dubbed Wi-Fi Sense, that allows you to share any Wi-Fi pre-shared keys with your friends. Needless to say the security community hasn’t received this feature with open arms. Just because you trust a friend to connect to your wireless network doesn’t mean you trust all of their friends. But a lot of people have been trying to argue that this feature isn’t a big deal and people should stop being so worried about it. Some are even claiming that this feature is beneficial to security because it makes it easier for people to find encrypted Wi-Fi networks to join.
My focus when it comes to security is the individual. From my vantage point I see this feature as a risk to individuals who want to control who has access to their wireless networks. Ars Technica, while trying to argue that Wi-Fi Sense isn’t that big of a deal, inadvertently made the best case against it:
For a start, when a Wi-Fi passkey is shared with your PC via Wi-Fi Sense, you never actually see the password: it comes down from a Microsoft server in encrypted form, and is decrypted behind the scenes. There might be a way to see the decrypted passkeys if you go hunting through the registry, or something along those lines, but it’s certainly not something that most people are likely to do.
Emphasis mine. You can’t base your security model on the assumption that so long as something isn’t easy to do it won’t be done. Although Wi-Fi Sense encrypts pre-shared keys before transmitting them they have to be decrypted before they can be used. Once they’re decrypted they’re fair game for anybody who knows where to look. To make matters worse once somebody finds where the unencrypted keys are stored it will be trivial to write an automated tool for extracting and displaying them.
The biggest problem with Wi-Fi Sense it makes it extremely easy to lose any control over who has access to your pre-shared key. While it’s true that you potentially lose control over who has your pre-shared key the second you share it with somebody else this makes the problem worse because even a trustworthy person may inadvertently shard the key with all of their friends.
As with anything there are pros and cons. I’m not saying Wi-Fi Sense doesn’t offer any benefits. But I think a lot of people are sweeping major security concerns about the feature under the rug. You should be fully aware of the risks involved in using the feature and you especially can’t assume just because something is potentially difficult nobody is going to do it.
“but it’s certainly not something that most people are likely to do.” This is a flaw for thinking about security security is never about most people. most people are relatively benign creatures that do not actively seek to harm others in a physical or virtual sense, most people are good people so security measures to stop most people are mostly wasted. Its the minority who know about a potential vulnerability and exploit it. Wifi sense is a decent tool for a family to setup a network but once you let in an outside force your only security is how much you trust that someone else to protect your interests.