nanog mailing list archives

Re: Fwd: [ PRIVACY Forum ] Windows 10 will share your Wi-Fi key with


From: Joe Greco <jgreco () ns sol net>
Date: Wed, 8 Jul 2015 19:32:00 -0500 (CDT)

On 7/7/2015 5:39 PM, Joe Greco wrote:
Unclear at best. The way it is implemented, the user has the potential 
to go either way. A network might not want the user to have the 
choice, clearly, but there is certainly a subset of users who will opt 
out of the feature and I cannot see how those would be in violation of 
any sane network usage policy. It's certainly a mess in any case.

Now that Windows mobile and desktop versions are converging, I doubt 
there is a way to really tell if a device is a PC or a phone or a 
tablet.  Some network administrators banned mobile phones from wifi 
connections because of Google's password storage violating their 
security policy.

Now administrators don't even get that knob.

We could fix it in a couple of ways (or, they could fix it.. depending 
on who pushes around money and if anyone cares enough to bother):

1.  Wifi sends password policy during handshaking.  If you save 
passwords you aren't allowed to connect here (or, you aren't allowed to 
backup/share this password) but we will allow the user to connect.  This 
can be transparent to the user and handled by the OS.*
2.  The client device sends "I am configured to backup/share passwords" 
to the wifi.  This allows the AP to either deny the user outright, or 
redirect them to a page explaining what is wrong or whatever.  This 
might be accomplished via DHCP option if we want to keep it all in software.

* The fact that we need an IEEE level fix for a security problem created 
by Google and then propagated by Microsoft is just pathetic.  These are 
two companies that should know better than to do this.

Yes, I agree.

It makes me wonder how much of this is new-feature-ism promoted by a
management that is looking at the(ir) big picture, then having people
without sufficient technical depth "do that new feature."

Or are they really drinking their own koolaid and thinking that everything
is in "the cloud" today and so there aren't local security concerns?

I best go before I delve into the truly cynical.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
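
Proposal 2 in the quoted message (the client declares "I am configured to backup/share passwords" in a DHCP option, and the network allows, redirects or denies) could be evaluated on the network side roughly as follows. This is an added example, not part of the original thread or of any shipping product; option code 224, the one-byte flag encoding, and the names `OPT_KEY_SHARING`, `parse_options` and `decide` are assumptions made for illustration.

```python
from enum import Enum

PAD, END = 0, 255        # single-byte options defined in RFC 2132
OPT_KEY_SHARING = 224    # ASSUMPTION: hypothetical code from the site-specific range 224-254


class Decision(Enum):
    ALLOW = "allow"
    REDIRECT = "redirect"  # e.g. send the client to a page explaining the policy
    DENY = "deny"


def parse_options(buf: bytes) -> dict[int, bytes]:
    """Parse a DHCP options field (bytes after the magic cookie) as code/length/value."""
    opts, i = {}, 0
    while i < len(buf):
        code = buf[i]
        if code == PAD:
            i += 1
            continue
        if code == END:
            break
        if i + 1 >= len(buf):
            raise ValueError("truncated option header")
        length = buf[i + 1]
        value = buf[i + 2 : i + 2 + length]
        if len(value) != length:
            raise ValueError("option value runs past end of field")
        opts[code] = value
        i += 2 + length
    return opts


def decide(options_field: bytes, strict: bool = False) -> Decision:
    """Map the client's declared key-sharing state to a network policy decision."""
    try:
        flag = parse_options(options_field).get(OPT_KEY_SHARING)
    except ValueError:
        return Decision.DENY          # malformed options: fail closed
    if flag is None or flag == b"\x00":
        return Decision.ALLOW         # undeclared (legacy client) or sharing disabled
    if flag == b"\x01":
        return Decision.DENY if strict else Decision.REDIRECT
    return Decision.DENY              # unknown encoding of the hypothetical flag


# Constructed sample: message type REQUEST, hostname "laptop", sharing flag set, END.
SAMPLE_SHARING = bytes([53, 1, 3, 12, 6]) + b"laptop" + bytes([OPT_KEY_SHARING, 1, 1, END])
```

The flag is self-reported by the client, so a check like this only expresses policy to cooperating devices; it does not stop a client that omits or misstates the option.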

