[181861] in North American Network Operators' Group
Re: [ PRIVACY Forum ] Windows 10 will share your Wi-Fi key with your
daemon@ATHENA.MIT.EDU (Owen DeLong)
Mon Jul 6 16:28:10 2015
X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <CAGNc-gCYtSimijfUZf3PwKR6acdj4UijvqpTMZo2eamukhhevg@mail.gmail.com>
Date: Mon, 6 Jul 2015 13:28:00 -0700
To: "Daniel C. Eckert" <dan@drakontas.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
Yes and no.
It=E2=80=99s not about licensing, but it is about the fundamental =
difference between open
and closed development models.
When you make a stupid product design decision in a vacuum (closed =
model),
and only the people drinking the same kool-aid ever see your decision on =
a source
code level, it=E2=80=99s a lot easier to ship that bad decision out into =
widespread use. Further,
the people now afflicted with your bad decision are beholden to you in =
order to get
a fix for the problem(s) it has created.
OTOH, when you try to do something stupid like this in the open source =
world, there
are far to many eyeballs looking at what gets submitted for it to last =
long. Anyone and
everyone can contribute a fix. Any victim has access to everything they =
need in order
to fix it themselves.
Owen
> On Jul 6, 2015, at 11:29 AM, Daniel C. Eckert <dan@drakontas.org> =
wrote:
>=20
> This isn't really an open source issue -- anybody can make foolish =
product
> design decisions regardless of licensing model. This is more about a =
vendor
> producing a feature that deliberately and shortsightedly creates a =
slew of
> problems impacting almost all existing networks anywhere. It's highly
> convenient feature for a specific, limited use case (home users =
hosting a
> party with a bunch of people that they don't want to have to worry =
about
> how to give them a network password). However, gat ignores all of the =
other
> security and user impact issues. Can you imagine how the user =
experience
> will change when you change your SSID to include the _optout tag and =
then
> try to verbally tell someone what the new SSID is? Bonus points for =
dealing
> with users in a context where you've had the same SSID for years.
> On Jul 6, 2015 11:17 AM, "Richard Golodner" =
<rgolodner@infratection.com>
> wrote:
>=20
>> There is a reason why my family loves open source. My kid is learning
>> Linux and she doesn't even know it. Mommy has an Android...
>>=20
>> On 07/06/2015 12:53 PM, Jay Ashworth wrote:
>>=20
>>>> =46rom Lauren, a new "feature" in Windows 10 I think this community
>>> probably
>>> wants to know about, to the extent you don't already.
>>>=20
>>> I *knew* I didn't like W10. :-)
>>>=20
>>> Cheers,
>>> -- jra
>>>=20
>>> ----- Forwarded Message -----
>>>=20
>>>> From: "PRIVACY Forum mailing list" <privacy@vortex.com>
>>>> To: privacy-list@vortex.com
>>>> Sent: Wednesday, July 1, 2015 8:03:06 PM
>>>> Subject: [ PRIVACY Forum ] Windows 10 will share your Wi-Fi key =
with
>>>> your friends' friends
>>>> Windows 10 will share your Wi-Fi key with your friends' friends
>>>>=20
>>>> http://www.theregister.co.uk/2015/06/30/windows_10_wi_fi_sense/
>>>>=20
>>>> In an attempt to address the security hole it has created, =
Microsoft
>>>> offers a kludge of a workaround: you must add _optout to the SSID =
(the
>>>> name of your network) to prevent it from working with Wi-Fi Sense. =
(So
>>>> if you want to opt out of Google Maps and Wi-Fi Sense at the same
>>>> time,
>>>> you must change your SSID of, say, myhouse to myhouse_optout_nomap.
>>>> Technology is great.) Microsoft enables Windows 10's Wi-Fi Sense by
>>>> default, and access to password-protected networks are shared with
>>>> contacts unless the user remembers to uncheck a box when they first
>>>> connect. Choosing to switch it off may make it a lot less useful, =
but
>>>> would make for a more secure IT environment.
>>>>=20
>>>> - - -
>>>>=20
>>>> --Lauren--
>>>> Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren
>>>> Founder:
>>>> - Network Neutrality Squad: http://www.nnsquad.org
>>>> - PRIVACY Forum: http://www.vortex.com/privacy-info
>>>> Co-Founder: People For Internet Responsibility:
>>>> http://www.pfir.org/pfir-info
>>>> Member: ACM Committee on Computers and Public Policy
>>>> Lauren's Blog: http://lauren.vortex.com
>>>> Google+: http://google.com/+LaurenWeinstein
>>>> Twitter: http://twitter.com/laurenweinstein
>>>> Tel: +1 (818) 225-2800 / Skype: vortex.com
>>>> _______________________________________________
>>>> privacy mailing list
>>>> http://lists.vortex.com/mailman/listinfo/privacy
>>>>=20
>>>=20
>>=20
