Slashdot Mirror
Comcast Turning Chicago Homes Into Xfinity Hotspots
BUL2294 writes "The Chicago Tribune is reporting that, over the next few months in Chicago, Comcast is turning on a feature that turns customer networks into public Wi-Fi hotspots. After a firmware upgrade is installed, 'visitors will use their own Xfinity credentials to sign on, and will not need the homeowner's permission or password to tap into their Wi-Fi signal. The homegrown network will also be available to non-subscribers free for several hours each month, or on a pay-per-use basis. Any outside usage should not affect the speed or security of the home subscriber's private network. [...] Home internet subscribers will automatically participate in the network's growing infrastructure, although a small number have chosen to opt out in other test markets.' The article specifically mentions that this capability is opt-out, so Comcast is relying on home users' property, electricity, and lack of tech-savvy to increase their network footprint."
Comcast tried this in the Twin Cities area, and was apparently satisfied with the results, though subscribers are starting to notice.
Not only 2.4 but 5 GHz as well.
Disgusting waste of spectrum.
So what happens when people start connecting to your router and doing unsavory things. A couple I can think of, human trafficking or child porn, or less evil but still evil trying to get on the other side of your router. What about downloading Torrents? I mean we don't really know how good that firmware is do we? What if the FBI come knocking on your door one day saying, We noticed that someone at this address is doing some bad things. Come with us please.
Mean what you say...say what you mean.
SAVE US!
Think of the anonymity. How can I be accused of accessing or doing anything online if my online access point could have been accessed by anyone? My history is your history.
Gently reply
Since I already had routers running dd-wrt (yea..i know I should move to open-wrt/tomato), the first thing I did when I got Comcast was have them disable the wifi on there router and set it up so it runs as a bridge instead. I prefer to have as much control over my network as possible.
I was in the UK last year and you can pick up loads of BT open wifi hotspots you can connect to. These then piggy back on a home consumers network connection.
I'm very suss on this as I would have thought contention alone would be a hell of an issue but I assume it is rate limited in some way. I had a play for a couple of minutes trying to compromise my sister-in-laws setup and couldn't manage it but I am far from skilled in that area.
That, folks, is why you never use an ISP provided router. Of course at some point you'll be forced to "upgrade" to a modem with integrated wifi.
I am becoming gerund, destroyer of verbs.
External WIFI router and a Faraday cage. Just when you thought Comcast couldn't be more evil. Bam! F-you Comcast.
Brave Sir Robin ran away. ("No!") Bravely ran away away. ("I didn't!")
So long as this access point is separate from and invisible to my Internet access, I wouldn't mind. However since they are getting the use of my property and electricity, I would at least like reciprocity in the form of using these wherever else they occur, particularly from a smartphone (thus avoiding the need for a generous data plan). Comcast should also let the property owner decide whether this new access point runs in the 2.4 GHz or 5 GHz band, so as to avoid any slowdown of my own access point.
When you see someone parked in front of your house, masturbating in their car to porn via your network.... unplug your router before they can finish.
So now just make a fake Xfinity access point and harvest credentials of passing visitors. Then use those credentials across the country to pin your unsavory traffic on someone else. Free bandwidth for life!
So my cousin got Comcast internet at the business he owns. To do that Comcast wireless stuff they basically brought some piece of hardware that was separate from the cable modem and router for his business and stuck it in a closet near where the cable wire first came in the building. I'm guessing for homes they're going to do the same thing, have that extra box in your house somewhere but your cable connection wouldn't use it. (Admittedly the thing does use some of my cousin's electricity to run so it's not free for him.)
Did you know 80 to 90% of the moderators on slashdot wouldn't recognize a troll even if one dragged them under a bridge.
Was speaking to my Comcast rep at work, even business routers are bring converted, howevrr they will use a separate channel for the wifi network. Still sounds like a bad iidea to me.
This is nasty. Opt out if you can. If you can't, physically unplug the modem whenever you don't use it.
Cheers!!
Joseph Bacanskas [|] --- I use Smalltalk. My amp goes to eleven.
... it does. Comcast is pure evil.
Wansu, th' chinese sailor
What happened to the bandwidth cap? You know, cause the one household was sucking all the u-pron and warezing?
If one house has to provide for twenty or thirty coffee sippers warezing and u-proning, does the cap come into play?
If not, why was there even a discussion of capping bandwidth?
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
dafuq. You are paying for that, plus it is your home network that you are opening up, and the isp believes he can decides who to allow or not in your network??
I will dump my comcast account, call my brother who has to have the best of the best and pays for all things comcast, get his log in info and hop on the neighbors signal.
Net savings? 29.99 a month until july, the 69.99 a moth after that.
Bring it!
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
And get a 3rd party router.
Twinstiq, game news
Wow now Comcast should make them rent free if they want to do this.
Also Knowing how some times they can't even get cable tv right I don't really trust them to make so others can't hack in or lets say overload the box with users.
Sorry to repost - orig post was as AC... maybe someone will actually see this one. This is NOT an open Wifi network. You must sign in with a Comcast / Xfinity User ID in order to use the network, AND you are signing into SSID 'xfinitywifi', NOT your local, private, SSID 'Ithinktheskyisfalling'. I saw it pop up on my router last year and do not have a problem with it. Any activity on the xfinitywifi SSID in going to be associated with a specific user, probably not me. Looking at the current networks in my area, I see xfnintywifi on channels 3 and 6, also another 'un-named' network, on one or more channels, that is probably emanating from the same device or another close by, judging from the MAC addresses and signal strength. I have a Samsung Galaxy Tab 2, wifi only, that I use as my mobile device and connect to the XfinityWifi network, using an ID on my account, at multiple locations. I am glad they set it up and give me access to it. No, I do not have a smart phone. BTW - there are other networks, Optimum and TWC, that can also be used with your Comcast User ID. What was it that Yoda said? - 'The ignorance is strong with some of these...' or something like that.
Yes there are ways around this for tech savvy users. That's not the point. The point is Comcast pulling something like this at all - and the way they have gone about it - all say "we can't be trusted with the power we already have". What's to stop them from mandating customers use their equipment? Especially if they are the only show in town.
I hope this provides further fuel for efforts to stop Comcast's merger with Time Warner.
We have here a similar service with a former incumbent operator, which wonders of wonders has almost a virtual monopoly of cables services. The service itself is very useful and allow us to roam in most of locations without paying anything extra. Apparently it is a roaming authentication setup where you can authenticate in the modem of another customer, in a different VLAN/network and at limited speeds. (whilst at home you have 100 Mbps, roaming speeds appear to be on the range 5 to 2 Mbps). There are no dangers of someone knocking in the door of the other because of hacking/porn/whatever, all remote usage is linked to your account due to you logging with your id/password. The downside of this setup is that the 2.4GHz band is overcrowded, with most of the neighbours taking 2 (B)SSIDs. Often this situation compromises the quality of the service itself, both for the proper customer, and to the roaming service is equipment is providing. The situation has gotten so bad, I know of people installing repeaters at home, and I myself had to migrate to a new router in the 5GHz band to be able to work properly. I also disable the operator equipment and it works only in bridging mode, as the CPU capabilities are weak, and I don not trust the security if brings to my own network. There are also some persons who piggyback on the credentials and the family/friends, and use this service permanently with a (very) reduced Internet capacity. (As a side note, in both of my 2 houses in two different cities I can count as much as 40 BSSIDs when walking around the house)
And what exactly is stopping a bad guy from setting their network's SSID to 'xfinitywifi' and hijacking traffic? That's one reason I don't trust public hotspots in general, it's too easy for someone else to impersonate them and while I can and do protect my computer against attack from malware I can't protect my network traffic from the access point I'm connected to.
As far as "logging in" with their user ID, I doubt Comcast has set up the infrastructure to do 802.1x authentication and most clients aren't configured to handle it. They're using browser-based authentication, which means your computer will connect to any AP using SSID 'xfinitywifi' without prompting you and all your traffic will be accessible by that AP. A simple Web server mimicking the signon page coded to accept any password and you won't notice a thing.
BUT, do the "external" users all get a separate IP address, guaranteed NEVER to be linked to your address for a cop stomp (because they have, and will continue to, assault suspected child porn fans)?
This is nothing new. BT in the UK have been doing it for a while and it all originated (I think) with the Fon project. Which may have started in Spain, (though I'm happy to be corrected).
The bandwidth available to the public network is limited and it collapses to zero if you're using your own network flat out.
Also it doesn't get included in your traffic cap.
So the obvious worries are unfounded.
Whether you trust them technologically to get it right and keep it separate is a different matter. And yes, anyone can set up a rogue hotspot that captures credentials. But that was possible with any branded national hotspot network before.
BT have a smartphone app that will automatically connect a BT broadband subscriber to any shared private/public network of this sort that it finds, making it possible for me to walk most of the way across town with continuous wifi access on my smartphone. But it's a flaky app and also rather stupidly only allows you to search for available hotspots on a local map IF you're already online (doh !!). I'd find the same app for my laptop very useful but it seems not to exist.
The biggest pain I found with the whole dual network thing was that the public side of it is a "freely connectable, fill in your details on the first webpage you see" sort of thing. This means your PC may arbitrarily connect to it instead of your own "proper" network sometimes. (until you actively tell it not to), then find it can't actually do anything.
What they have NOT offered (and which would be rather useful) is the facility to setup a guest network in your house. What they currently offer is only a guest network for BT (or in the OP, Comcast) subscribers.
To be fair, they announced it beforehand and do allow you to opt-out (clunkily) at the price of no partaking for you elsewhere either.
My experience is that the (cisco) CPE firmware is shoddy and will fail in mysterious ways, and that this is pretty hard to tell the support people. They'll just (have you) reset the darn thing and skip on fixing the underlying issues. Too bad it's DOCSIS and so harder to replace with own equipment than, say, ADSL would be. Similarly, the promised "you won't notice a thing" (in your bandwidth) is not quite true either, and the wireless easily becomes downright unstable. As such, nice idea, technical execution not so professional.
Note that they supposedly separate the traffic streams entirely and since the logging in on the "public" hot spot involves a separate username/password from presumably their centralised credential servers, abusing hotspots elsewhere should't reflect on the people yonder, but on whoever is tied to the credentials used. Assuming the ISP does their job right, of course.
it does congest the band though.. if everyone in the area has comcast (likely for a given area), now we have 2x as many accesspoints to contend with.
In theory they should. But you have to trust Comcast to properly research the logs and determine that that IP address assigned to your modem (since the WiFi's part of the modem) was assigned to the public WiFi side and not your account. I'm not sure I'd trust Comcast with that when the consequences of them getting it wrong are so serious, I'd prefer to keep control over access. It may not stop all possibility of illicit access, but at least it'll be something I could have done something about.
Lots of people do this all over the world.
The last time I was in Paris for an extended stay, back in 2009, at least one of the major ISPs was doing this on all their customer routers. The world did not seem to come to an end (or at least I haven't noticed it - maybe I'm oblivious). I can't recall if it was SRF, Numericable or Orange or "free" or one of the other big telecom companies, but they certainly had a lot of hotspots. They might have started working with FON to get an international system going I seem to recall.
https://corp.fon.com/en
The "public" wifi did not eat into the subscriber's bandwidth or whatever data caps they had. I don't know how (or if) they addressed the potential for honeypots stealing credentials.
Same principle here in Germany.
But Deutsche Telekom is not doing this as an opt-out thing, but as opt-in - plus you need a certain router model. I bought the (inexpensive) router and opted in, because now I can use all of these home router hotspots, plus all FON hotspots worldwide, all Telekom hotspots (in public places, at McDonald's, in high speed trains). The public hotspot users get very low QoS, so they don't harm my VDSL connection.
And the best thing: All I have to do to keep using it is connect the home router at least once every 30 days. So since the router is not my primary choice, 99% of time I'm freeloading and using my custom router, all the while keeping my hotspot privileges.
If the WiFi Network is a separate SSID and the traffic is routed straight outside, I don't see any huge problem with this. Except that Comcast was a rip-off last time I checked, so if they are going to be using everyone's private locations to improve their coverage, they could at least give you a discount for it. The whole "But it's using my electricity", etc. is a bit silly. The router is likely to always be on 24/7 in your house anyway, and it's doubtful that it uses much more power over the course of a year just because there is some occasional visitor accessing it from nearby. Opt-in sounds great, but we are talking about cable company internet customers. These are not the informed types that have Covad or Speakeasy run to their homes. These are the Joe Sixpack that buy the local cable or telecom internet (and the crappiest consumer package at that). If you don't make it opt-out, nobody will opt-in because they likely won't understand it, much less bother with it.
Was the threat of lawsuits from what people did on your connection enough to abandon the thought of everyone being cool to each other?
God spoke to me
How hard is it to set up a router with the network ssid "xfnintywifi " and gather up all the username/password combinations that people use to log on? Not hard at all.
Best Slashdot Co
In general... Request any important statements IN-WRITING. When they ask why, you can tell them that you want your lawyer to review it... They might say they don't / can't do that, but just insist, and they will do so, as they must.
Mark my words, what you get in writing is often completely and totally different than what you've been told verbally. You can record your calls, too, and it's legally admissible if you tell them you're recording, or their system tells you it might be recording... but it doesn't have the same psychological effect as explicitly telling them you want a hard copy for reference.
IMHO, nothing they've claimed is impossible, just unlikely... A combined DOCSIS modem and wifi AP *can* certainly uncap your bandwidth when third-party users log-on. It *could* also have dual radios, so 3rd parties are not even on the same channel as your WiFi. It *could* be issuing a second IP so customers can't troll /. and get your IP perma-banned. And the firewall *MIGHT* just be good enough to ensure that those customers can't possibly reach your inside network even with lots of forged packets... But I doubt it. And I bet what you get officially, in writing, will instead say there's potential for problems, and offer you some minor compensation if they've screwed up and your home network is hacked wide open...
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
Comment removed based on user account deletion
One small comfort for these consumers would be, "Well, this IP address that downloaded prOn via tor and paid for it using bitcoins stolen from MtGox was assigned to my home address, I don't dispute that. But some one using Xfinity wifi account piggy backed on my router without my permission and did that. It must be that way. *I* would never do such a thing. And one the neighborhood kid was seen walking around with eyes glued to the smartphone screen oblivious to everything. He must have done it."
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
There is a clear different network between you and the "public connectors".
They also need to log in with their Comcast credentials, so it's only them whom can use this "public access".
The point is not other users leeching of your connection, the point is you get to use wifi in a lot of places where other Comcast users opened their network.
I have a client (a business) in Montpelier, Vermont who had their residential cable service upgrade to "business" class. I was there while they did the work. While they were still there I checked out their work and found the extra cable modem and WiFi router and asked them about it (this was two additional devices off of a splitter). They informed me that it was part of the Xfinity service to provide a public hotspot. I said great, what is the login credentials so visitors to the office can use it. I was informed that since they were a business they (the client) was not permitted to use it and it was only for other Comcast users. I then proceeded to closet where everything was and unplugged the modem and hotspot and only left the business class modem they left. You could tell that they were pissed but could do nothing about it.
What pissed me off is that the client is paying for the electricity and hosting the device for Comcast and not allowed to use it. To top it all off, the stuck a sticker on the clients front window advertising the hotspot with out asking (this is a law office). Needless to say, I ripped that sticker off the minute I saw it.
In the UK, BT has partnered with FON and automatically advertises BT-Fon hotspots on consumer routers.
I haven't seen any objections to this.
One upside (which I did occasionally find useful when I was on BT) is that they allow the homeowner free access to any wifi hotspot in the BT-Fon network.
VLC Remote for iPhone and Android
It is important to remember that Comcast subscribers pay extra for a Comcast supplied wifi cable modem (at least in Minneapolis). Really silly of people not to notice.
And that's a fair model. Make it opt-in with a caveat: you can only use *other* people's public hotspots if you opt-in to providing one yourself.
That gives you not only a choice, but a fair value return for the service of hosting wifi from your property.
Unless Comcast assigns the public side of their router a second IP. Better check before visiting those CP websites.
Have gnu, will travel.
As long as Comcast keeps the free wireless on its own network,
Can I hack my 802.11 stack and increase my bandwidth using channel bonding?
Have gnu, will travel.
Bunch of calls. I had tech questions about their product. They had no answers. Gave me the run around. One person even hung up on me.
My question was whether I could turn off the wifi permanently, or would it always default on after a reboot. Never got an answer.
The other question I have is the wireless radiation level. My new NetGear puts out 22,000 microwatts per meter squared.
Anyone taken a meter to their Comcast router? With multiple bands I bet it is also in the 20,000 range...
I come here for the love
it does congest the band though.. if everyone in the area has comcast (likely for a given area), now we have 2x as many accesspoints to contend with.
Wrong. Just because an access point now handles two SSIDs does not mean it grew the extra hardware to handle two separate WiFi channels overnight. All access points have been able to handle 4 independent SSIDs for the past 10 years at least, but all four are always on the same frequency.
Will Comcast sign a legally-binding agreement that, in the event that someone uses your hotspot to plot with Al Queda, or d/l kiddie porn, or whatever, that they'd defend you to prevent you from being charged in connection with it? Which of them will go in your place to Gitmo, or San Quentin, or whatever....?
mark "not a chance in hell I'd agree"
You'd think that Comcast would segment the public wifi traffic from your LAN traffic. You know, that would be the smart thing to do...
Do they do this? I have no idea. I got tired of reavering my neighbors and gave in to paying for Comcrap late last year. Fortunately I'm in such a remote location, I doubt they'll ever enable this feature in a town with two stop signs and a grave yard.
640k ought to be enough for anyone.
So for once Comcast actually brings a new useful feature. What is the reaction? Legitimate criticisms like (it seems) the lack of share and share alike rule (1) or the lack of a partnership with Fon which would extend the community abroad.
No, instead we get everyone trotting their paranoïa about this newfangled functionality that they don't know anything about. It does not matter that this new functionality has been in use in many countries without trouble for years. They worry about hotspot users accessing their private Wifi (non issue as the separate Wifi channel and routing keeps things separate), complain about spectrum pollution caused by the extra SSIDs (moot as the extra SSID is on the same channel), worry about the FBI breaking their door for copyright violations caused by other customers (hotspot access is tracked so the ISP will give the right name and address to the FBI), worry about data caps (again hotspot access is tracked separately), bandwidth usage (it's easy to limit the hotspot bandwidth usage and lower its priority).
Has the USA really become the land of the backward and tehnophobic people?
(1) The rule would be: if you disable this feature, that is if you don't share your bandwidth with other customers; then you cannot use the other customers' access points/bandwidth when you're away from home.
As long as it does not impact personal use at home, this will be a great service no one will want to give up once they are used to it. Of course, there will always be leechers that want to use, but not provide.
Love the map available without credentials (hotspots.wifi.comcast.com). Comcast just told everyone in the world, "Hey! There be laptops and tablets in this house!"
Reminds me of pleaserobme.com.
If the routers were able to simultaneous wifi networks the whole time, why wasnt this functionality made available to the device renter? I wouldnt have minded a separate network accessible only to my guests. I suppose the company figured out that we would use it for exactly what they wouldnt want us to use it for. Namely, run two separate networks and split the bill for the connection with a neighbor.
Aside from the security and bandwidth issues which can be dealt with, the real issue here, IMO, is that Comcast is doing this and STILL charging their customers out the yingyang. They want to create a public Wifi network around the urban areas, fine, great I am all for it. However, prior to this feature, which lets them do it, they would have to pay rent on antenna and transmitter/receiver space. Now they put it in your home and then charge you to let them create this public net? I don't think so, not for me. The would need to either pay me or give me a steep discount to allow this and every single one of their customers should say the same thing. Why am I going to pay to support Comcasts infrastructure?
Knowledge is Power The Power to Heal The Power to Harm The Burden of Choice
All routers supplied by major UK ISP BT (British telephone) reserve 10% of bandwidth for public access to router, but on a separate log in. BT-Wifi OR BT-FON, thus you as a deal if you permit this 10% sharing [Itis an opt in service] can thus access any free BT WiFI or BT FON elsewhere away from home or in home. On 'find all wireless signals' my router detects My WiFi , neighbours's WiFi all named and locked encrypted and two other signals BT FON and BT Wifi unencrypted available to visitors (thus their doings not on "my ISP" logs or outsiders not on "my ISP" logs). I find it useful at home and abroard.
Regards Eion MacDonald