The promise of this feature, present since Windows 8x and Windows Phone 8x, and now an integral part of Microsoft’s client operating systems, is great: with one call to enter your home or business router’s login credentials, you are now forever automagically logged into that router (or routers) from any device on which you are signed in via your Microsoft Account.
That ease of use, and better than that, the utilization of Microsoft’s global Azure infrastructure as your virtual [router] key-management repository, is smart and forward-thinking.
The problem, as it often is, is in the implementation. And, scope expansion, of course.
Second issue first. For the Windows 10 era, Microsoft expanded the scope of the functionality of Wi-Fi Sense to include auto-logins of your friends whenever they come within the range of your routers.
How is this possible?
Well, as I understand it, Microsoft reaches into your account and that of your friend to determine if you are truly ‘friends’. Upon seeing that you both have each other’s contact information, you are deemed friends, and a router connection is created for the ‘friend’.
To Microsoft’s credit, the friend cannot see the password to your router. It is obfuscated.
The Implementation
Again to Microsoft’s credit, it is seamless, almost invisible.
Virtually no user interaction is needed.
Therein lies the problem!
There is no option to selectively allow friends, or to vet them before they are allowed network access.
There isn’t an option to enforce security or malware policies upon the ‘friend’.
There isn’t an option to quarantine the ‘friend’ in a DMZ until security policies have been enforced, or active or potential vulns have been remediated if the friend’s system didn’t pass security muster.
You are NOT informed that someone new has jumped on your network. Granted, the friend cannot easily navigate the devices on the network because of restrictions placed on this kind of access. However, you can be confident that legions of hackers are probably picking apart this process in order to derive unfettered access channels.
You cannot select which network(s) to include in Wi-Fi Sense. It’s all or nothing.
You cannot remove your network from Wi-Fi Sense. It becomes Lazarus. You can delete it from your current device or devices. However, rest assured that whenever you update your device, all of your current and previous networks reappear, forever attached to your Microsoft account.
You cannot remove them. Even if the devices are no longer active.
You cannot delete them from your account. Even if the devices are no longer active. From all networks previously used by you.
All networks.
Whether temporary or permanent.
Meanwhile, Wi-Fi Sense is turned on by default. You have to opt out.
Incredibly, someone at Microsoft thinks this is a customer benefit!
© 2002 – 2015, John Obeto for Blackground Media Unlimited