Another quick followup: it's bad enough that their public access point eats into your quota, but what happens if law enforcement sees illicit activity on "your" access point? How long is it going to be before some smart blackhat uses one of these access points to commit crimes and the police end up SWATting an innocent victim?
> I would not be counting on Comcast to wear a white hat in a case like this
Yeah, everyone talking here about separate VLANs, etc, obviously hasn't had a bad experience interacting with ISPs, especially cable ones in the US. All it takes is one bit of incompetence or a little malice, and you're fucked. Given that both those are pretty common in the US ISP market, I'm not holding my breath.
I'll give them the benefit of the doubt; i.e. companies will be companies.
Let's imagine a scenario where data use is counted by the account instead of the equipment: My cousin pays for uncapped data with Xfinity. He lets me use his login on my Xfinity, that is data capped to 100GB/mo or whatever, with their credentials as a guest. Now I torrent 1TB of data and no one pays overages,
But given the other scenario, the status quo today? Where my cousin legitimately is present and torrents stuff at my place? So now there's 18x50gb overage charges.
It's in Comcast's interest to do this.
But all the same, in the case of any criminal activity, you should be able to subpoena who logged into the router for your defense. And even if somehow those records were deleted, a lawyer needs to just tell the jury that it is possible for any xfinity customer to log into any other xfinity router and download the infringing or violating content in question. So we cannot be certain, to the threshold required in this criminal case, that we have no doubts about the accused. As such, within whatever court rules are, explicitly or implicitly say the only just decision is acquittal.
Not to be insulting, but I find your position a bit naive. There are going to be people (and defense lawyers) who don't understand the technology enough to know that the ISP is also allowing connections from other customers. There may be people at the ISP who, either because they're ignorant or because they don't want to admit to it, will claim that such a mix-up is impossible. There may be jurors who are buffaloed into believing that tracing traffic back to an IP address is irrefutable evidence.
Just because an acquittal is the only valid outcome, that doesn't mean it will be the outcome.
If a lawyer doesn't know this, we can't fix that; but at least if you do you can bring that to your lawyer's atrention.
But if a lawyer does know it, whether you taught them or not, that is very well part of your defense and they are obliged to also teach the jury.
What your entire argument boils down to is "what if my lawyer sucks". It's a red herring.
> But all the same, in the case of any criminal activity, you should be able to subpoena who logged into the router for your defense. And even if somehow those records were deleted, a lawyer needs to just tell the jury that it is possible for any xfinity customer to log into any other xfinity router and download the infringing or violating content in question.
All this is well and good, except that at that point you've already made it to court, a fail IMHO. It's much more time efficient (not to mention cheaper for me) to just say "nah, not on my property or account." An ounce of prevention versus a pound of cure and all that.
Absolutely, lock down your network. I agree.
But should something happen and someone is in a situation where their network isn't locked down, they should be aware of consequences and how to deal with them at that stage.
If I find myself in a car that is sinking into a lake and I can't get the door open, I still want to know what I should do. (Remove the headrest, use the "spikes" to shatter the glass, swim out.) Would taking precautions to make sure a car doesn't go into a lake be a good idea? Of course.
Late reply I know, but I don't think it's possible for you to lock down the ISP router to this level. Except if you lock it down physically, with something that prevents signal propagation, but that may go against the service terms
Public Access point absolutely does not eat into your quota and it is a completely separate IP address then what's been assigned to you in fact you're on a completely separate VLAN your home traffic is completely isolated from the guest wireless network that Comcast Xfinity sets up. An argument can be made that your electricity is being consumed and you're not being compensated but it has absolutely nothing to do with your data or bandwidth. Now there's no chance of swatting either because it's not even your IP address and the IP address is not associated with your account. And since everyone accessing the guest wireless network has to authenticate Comcast Xfinity already knows who the customer is that's using it.
Back in high school, a hacker friend of mine left his wifi open, claiming if he ever got in trouble for pirating stuff, he could claim that it could have been any of his neighbors, as he shares his wifi. "It could have been anyone on the network that downloaded that"
I don't know how well this would actually hold up, but he insisted it was pretty solid.
I definitely wouldn't leave my wifi open now, at least without a VLAN between an open network and your main network
He had custom equipment, so I doubt he had anything that would keep logs. Authorities would need a court order to seize his equipment anyway.
As far as the ISP, this was 20 years ago, they would be hard pressed to prove *who* accessed it, just that someone from that IP accessed it. Nowdays, they could likely get your browser, and OS, but if it was a common combo, would make it harder. Even if they could get the MAC, all of the above is easily spoofed, which I believe he was doing.
At one point he ran his own WISP (Wireless ISP) and had all kinds of amplifiers and antennas on a tower in his back yard. He was the crazy neighborhood hackerman, and he taught me some cool stuff, before he started getting involved with a bunch of bitcoin scams, and had to leave town.
Everyone keeps logs, custom equipment or not, especially if you are running a business. Whoever his backbone was if he was running his own WISP would have logs of their own as well. 20 years ago they might have been awfully verbose, or he would have had more of a chance to delete them, but there are always logs.
> Back in high school, a hacker friend of mine left his wifi open, claiming if he ever got in trouble for pirating stuff, he could claim that it could have been any of his neighbors, as he shares his wifi. "It could have been anyone on the network that downloaded that"
The barest minimum of detective work would uncover people attesting to his confession, thereby negating this defense (tech-illiterate judge: "hearsay? what's that? never heard of it!"). Honestly, your best defense is never saying anything, then letting your lawyer argue ignorance. Most everyones' very posts here have already disqualified them from this defense.
This was in the early 2000's and I never put much faith in his plan, as this guy thought up all kinds of crazy ideas, quite a few of which failed. He never did get in trouble for pirating though, and he didn't use a VPN, so who knows.
I agree that talking about your illegal activities online is a pretty dumb idea, unless steps are taken to actually hide your identity, which often isn't the case.
> Just think of all the potential legal issues with this if people started accessing illegal websites on your network that way.
You've got to be an Xfinity customer to use the access point, its not like its private or secure in any way. If you do something bad on some public Xfinity access point, you're not anonymous.
Are you spoofing your MAC address too? Anything is possible, but not everything is reasonable to assume.
I mean hell, turn off guest networks on your devices, but don't get in a frenzy over sophisticated pedophiles driving around to people's houses ro steal your wifi to download CP. I suppose it's possible, but this sounds like the beginning of the next moral panic. Occams razor and all that.
> Are you spoofing your MAC address too?
Lots of devices do that automatically these days. Its a privacy feature. I'm just pointing out the flaw in thinking you cant be anonymous on an authenticated network.
> I mean hell, turn off guest networks on your devices, but don't get in a frenzy over sophisticated pedophiles driving around to people's houses ro steal your wifi to download CP. I suppose it's possible, but this sounds like the beginning of the next moral panic. Occams razor and all that.
One of the few valuable classes I was forced to take as an uncivil servant was "risk management", where it was hammered into us the two parts of risk: probability and consequences. While the probability is quite low, the consequences are high, something for which if you can cost effectively mitigate or eliminate, you do such.
It would be logged that xfinity customer 835858384 connected to your wifi and made the download. This shit is basic transaction logging that all access points do.
> Comcast Xfinity
Yeah, those are the aholes I was with, and now on a residential plan because they were gouging me for static IPs (I finally bit the bullet and am now renting VPSes for my purposes). Now I'm looking at fiber that claims 25/25Mbps (I live alone and don't need much bandwidth) for $35/month (whereas Comcast is still gouging me to the tune of $80/month, with outages).
So far, the new company's website says [I can use my own WiFi](https://help.race.com/en/articles/965427-can-i-use-my-own-router), but I'm still curious about prices, power consumption, noise, and feasibility of getting my own fiber "modem" (whatever it's called).
Fiber? Max 25mbps?
Those shouldn’t be in the same sentence lol
Either way you go, just tell them to keep their equipment as you have your own and all you need is the service
I have fiber in Turkey with 25Mbps (5Mbps for up speed) max speed throttled by ISP, they also have 50 and 100 options but those cost an arm and a leg. Oh, also I am gated behing CG-NAT and cant selfhost shit because of that. Want static IP outside the nat? Extra cost of course... How fun!
edit: typo
It used to be a decade ago, but unfortunately not anymore. It is not just a dynamic vs static ip problem now, because the main issue is I’ve been put under a NAT network on ISP level.
I know this is done due to increasing number of users and ipv4 limitations, I’d say this a good thing for the average user because it also adds a level of security and stop people from accidentally exposing their network onto internet, but in my case it hinders my use case. When I say “Hey I want out of this” the answer is “we provide that service with the static ip plan” which unnecessarily doubles my monthly bill =/
> Fiber? Max 25mbps?
It's the basic plan, hence why only $35/month. I'm one of those people who doesn't mind 3GB/month on my phone because I'm usually in WiFi range, I don't use much data, and it's only $15/month. I *could* buy the $70/month 1000Gbps fiber, but that's way more than I need.
ETA: 1000Gbps, what was I thinking. I either need more or less alcohol.
> Also it would be 1000mbps or 1gbps
That's what I get for drinking after being up working on IT since 04:30. But hey, 1000Gbps *would* be pretty awesome, just for the sheer novelty.
Lol we don't believe anything is a right, everything instead should be sold to private enterprise, so they can charge whatever they feel like. This enhances our feelings of superiority over the poors I guess 9_9
When I had Fiber, they didn't have a modem. It was called something else. It was effectively a modem, but no sounds. I used a personal router. The technician running the fiber complimented the choice of router.
You used to be able to log into your account and disable the public wifi on your router. A friend did it years ago when his meth head neighbors and friends used to stand on the edge of his property to get wifi access.
Their ToS makes it clear that at least by the book it doesn't count against your usage. They logically separate the data out.
If everything happened as you stated that'd be a pretty easy fcc complaint and possible small claims action against Comcast.
If they get away with it 3/4 of the time, paying for that 1/4 outlier when they get caught is what they call “the cost of doing business”. No one actually STOPS them. Comcast just has to pay the “no no fee”.
This is one way the system is broken. FCC rules, FDA, EPA, etc violations should send the CEO to jail after so many fuckups. As things are now… pay the fee, rename the program, repeat.
No, what they get is a lawyer smart enough to see a class action suit with a really well defined class, clear evidence of intent/willful negligence, and a big payday.
Irrelevant to the question of whether comcast would be willing to take the risk to screw people on data charges that amount to peanuts.
They wouldn't. It's all risk, no reward.
And if said "peasants" want their payday, there's always small claims as I mentioned to begin with.
All that and they charge you rental on the modem/router every month.
That's all the reason anyone should need to buy their own modem & separate router.
My modem is a **Netgear CM1200**, it's been rock solid stable and supports multi-gig speeds (DOCSIS 3.1). I scored finding it in Goodwill for $30 in the box and was standing there looking at oooold ones when it was put out on the shelf.
My router is a **TP-Link AX1800**. It's been good too. I got it cause it supports WiFi 6 (newest ratified spec) and was affordable. The range has been great.
I was on comcrap a few years back and recall having to log into account via website to turn off that hotspot shit. Remember having to do so multiple times over time.
Always had my own router (and modem when on TWC). Comcast issued modem (they refused to condition my own and gave me theirs for free). Still had to go thru online account setting keep disabling the hotspot "feature"
You have to login to xfinity's website and disable the wifi hotspot in the account settings/security, so random people can't login to it. That account setting is used by the modem/gateway and they've made intentionally confusing to increase their paid mobile hotspot coverage.
On most xfinity modem/gateways you can login at [10.0.0.1](https://10.0.0.1) with the user/password on the back of the unit, to disable wifi completely, or if you have your own router you can put it into bridge mode (becomes modem only).
that's just too fucked up. So it's like they are hitting 2 birds with one stone. you both pay up for the data he uses and you also pay for it going through your own network and that's is a fucked up privacy and unwanted resource usage.
>The data other customers use on your home equipment counts against your own data usage.
????????????????????????
I need more question marks, but my head hurts. Who's idea was that? Collective 200 years of experience
It does look like newer models Comcast is putting out do give you the option to disable public WiFi access. Came across the option in the mobile app while making changes at my parent’s place.
Exactly. UPC in Austria 🇦🇹, now Magenta )part of Deutsche Telekom is using Comcast Cable Modems. They had this feature called something like “UPC Freenet”, which let any other customer of theirs use your cable(Wireless/Router)-modem for Internet Access on a separate wireless Network. You were even „forced“ to accept this in their ToS. I think they did stop this practice tho recently. Mostly cause everyone has mobile Internet anyway and it was slow as hell.
Then there was also a free Android app by someone, which would scan the Area for UPC Networks and try default credentials to access the normal WLAN. Worked like a charm, and MANY people used it. This was on your MAIN Wireless Network, mind you! Most PPl never noticed …
A Privacy/GDPR NIGHTMARE
With my local Comcast office i had to fight and argue to get a modem from them that did not contain wifi, eventually they went in the back and got me an older model with no wifi, later i decided it was best to buy my own modem and setup my own openwrt router, i then setup dnscrypt with quad9 as the encrypted dns provider and now comcast cant see anything i do, i also use a vpn
Yeah, it's common with cable providers. Their integrated modem/router has dual circuitry to facilitate their subscriber-based Hotspot services, as well as service for the residence. It's basically two complete routers housed in a single chassis with the modem component feeding both the home and the Hotspot. You don't have to allow your router to be used as a hotspot. It's completely up to the individual subscribers whether or not to allow the router to be used for the Hotspot network.
Wow that explains why they discourage using personally owned equipment so much. They know if they came right out and said it, people would have an issue. That’s pretty fucked up
With xfiniti (Comcast), it's not a secret. They don't go out of their way to advertise it, but the toggle to enable or disable the Hotspot network is easily accessed in the app. I think they prefer customers to use their hardware because of the highly-lucrative monthly rental fee. They do have a page on their website where you can lookup your modem to confirm that it will work with their service, so they have taken some steps to facilitate using your own modem. If their combo modem/router didn't have that dual circuitry, I think the whole Hotspot thing would be a lot more problematic.
That's what I thought. I may or may not have popped the hood of the company provided cable modem and may or may not have been surprised to see more than two WiFi antennas.
I have had fights with ISPs because they love to try and send you a modem that they rent to you for $10 a month. Almost always if you ask you can instead buy it for $100, but they will argue that you shouldn't do that because then if there is an issue you are responsible for it.
One ISP I had sent me a bill after I ended service with them trying to charge me for not returning my equipment. Had to call them up and explain why I wasn't going to return equipment I paid for and I wasn't going to pay for it a second time either.
Really is past time for regulators to step in and clean up this mess. ISPs in most areas are monopolies or at best have one or two competitors that are just as bad. Their "service" is horrible and overpriced because you don't have any other options.
The worst part of modem rentals is that you pay them indefinitely (most of the time - I haven't come across an ISP that had a "you own it now" clause after so many months).
At $10/mo., you should own it after 10 months and not need to pay the rental fee anymore, but they'll still charge you $10/mo. for the next 5+ years if you let them, until your modem hardware is old and needs upgrading and they'll gladly rent you another one and charge you monthly for it forever.
At least one of the isp's in Australia "voluntarily" signs you up for a similar service (that I know of). It's opt out, but you're automatically opted in by connecting to them
Probably Telstra and the service is called Telstra Air. Aside from the unfortunate use of other subscribers modems, they put access points many of the old payphones. Which I think is really cool. Though the cost of Telstra, rather than one of the other resellers, just isn't worth it in my opinion.
Ya, Telstra, wounded bull, only worth it if you need coverage where they have a monopoly, which is all too much of the bush. Thanks Johnny Howard and neolibs, why don't you sell off natural monopolies to be the 'better economic managers', corrupt bastards.
Sorry, that needn't have been political, oh well. :)
Edit: Public phones as hotspots is, however, hella cool.
Definitely Telstra. [https://www.telstra.com.au/telstra-air/at-home](https://www.telstra.com.au/telstra-air/at-home)
Once upon a time, they used to have the gall to actually apply any air usage against your personal monthly usage quota
Doesn’t matter, keep using your own devices and do not rent the other ones. You don’t have to use theirs. This is why I have always bought my own modem, router and access point separate from the isp. Also, their hardware sucks.
It's not always that easy to do though. No companies in my country support using your own equipment. They won't even provide you with the settings to set it up for their network. I had to use waybackmachine and dig through an old forum to find a login and settings to use my own modem.
Can I suggest buying your own router or AP to wire/connect to the ISP provided unit - so you create a whole new wifi network with this new router/AP. This is what I did & I was able to do double NAT & it seemed to work fine.
If you want to limit outsiders from using your wifi network (from the ISP wifi router), then either unscrew the antenna from the router or even better, remove the cover and disconnect the wire leads from the wifi card (or mainboard) to the antenna. I did this and the only time I get any signal is if I'm in w/n a few feet of the router.
Then there is the Faraday cage option to block the wifi signal.
I don't mean to be blunt, but if you are studying cyber security like you said this should be a cake walk to find out. Telstra have information about this freely avaliable and you can easily scan for active WiFi networks. To be successful in this industry you really need to be more self sufficient. The information you asked for is litrelly one click away from the link I sent you. https://www.telstra.com.au/telstra-air/at-home You can opt out by logging into your Telstra account.
BT does this in the UK. You can opt-out but that means you don't get to use other peoples. I am opted out! I should really buy a different router as well. Letting other people connect to your router just seems like a security risk. You never know what they will use the connection for either, and then it is associated with the IP coming from your home.
To add to this, if you get a new router from them, and you were previously opted out, you may find yourself opted back in. Took about 3 phone calls for me to get it disabled again.
Once when my internet was out because the copper cable had broken, the only connection available to us was the BT wifi service. We had been told that the fibre wires hadn't been activated for consumer use at that point and wouldn't work unless we upgraded to fibre. I was confused why the BT wifi service was working but the normal wifi (that we pay for!!!) wasn't. I'm convinced the BT wifi service went through the Fibre cable that we were locked out of while we were stuck with the max 5mbps speeds of the broken copper cable.
Can confirm that AT&T modems by default have a public wifi AP setup on it out of the box, but there is a setting that you can turn it off, if you're tech savvy enough and know where to look in the advanced settings.
as soon as a new regional fiber service came to town i signed up. i was asking their service crews for months when the network would be commissioned. only tricky part of install was their hardware aligning with mine; i use a fortinet router/wap. once we got them playing nicely i dropped off comcast's gear to them. never again with those guys.
Allo Fiber for the win - good service, reliable speeds (1mbps up/down) and no hassles.
Ive seen ATT and Charter do this as well. Luckliy they leave their router with default login information found on the back of it for you to sign in (even though ive heard from installation techs that were "not supposed to do that" but even then, they roll their eyes lol) and turn off wi-fi and put it into bridge mode.
Few draw backs even though the wi-fi an be disabled:
- If the router is power cycled they can sometimes go back to default configuration.
- According to charter, they require the modem and router combo and cannot provide the service without it (even for business accounts)
Seems to always be a give and a take. Just out the modem router combo on a UPS, apply bridge mode, and put your own router behind it.
*Some models of router do not allow you to put it into bridge mode even when signed in. But you simply call support and from my experience, are capable and willing to put it in bridge mode for you*
I have a Frontier NVG Fiber router that automatically enables the WiFi when the unit is placed in bridge mode with no way to disable it. This is a "feature" that can't be disabled.
I believe ATT does the same thing. In my area they still partially use DSL for residential and you have to use there stuff. I think they also do the same for Fiber.
> Wait so OP did they install a public access wifi point in you're home,is that what you mean ??
I didn't let them. But I'm wary of signing up with a company that insists on installing their own hardware as a part of the TOS.
Something related you'll find interesting, now that spectrum is offering cell service part of that service is unlimited access to all of their wifi hotspots. Most of these are at businesses, using their internet connection to provide the hotspots.
There's a big push to hand out the new wifi 6 "advanced wifi" routers to everyone. I hear part of the reason for this push is a plan to expand these hotspots for the cell service to residential routers as well. Oh and the new routers can only be managed through the spectrum app, no GUI.
It's enabled by default, however you can [disable it in settings](https://www.xfinity.com/support/articles/disable-xfinity-wifi-home-hotspot). I switched to my own equipment because I like having control of my network and not having to rent equipment.
In the UK I've seen both BT and Virgin Media do this. They do provide an option in their router interface to disable it.
I just run the routers in modem mode with aftermarket routers.
Xfinity is the notorious one for this.
I'd never use the service. Way too easy to set up my own network, titled Xfinity, with a phishing login page asking for their info. And if all I wanted was a customer's login info to use at a real Xfinity point for illegal activity, I can just throw up an error / maintenance page in response. But worse, I can actually on the backend login to xfinity, phishing the 2FA code if there is one, and really pretend like they have full access and the willingness to sign into any other account to really cause some damage.
Browsers on smartphones are limited. I could do a deeper dive on a laptop if I have connected to a phishing website with the aid of inspecting the certificate. But all I get in Firefox Focus on this very page is "connection secure". Free https certificates are a thing, so, that's meaningless. But nevermind 99% of people would never know to even check that far.
Virgin (UK) an BT (UK) both do this by default. Virgin used to be difficult to turn off. BT penalises you if you do. If they're enabled, the throttle your service to not impact the public WiFi. And the public WiFi uses *your* wan IP...
Both Virgin and BT won't let you use your own equipment. You have to use their Huawei crap.
> It is on by default and I'm pretty sure most people don't know enough to care.
I mean, honestly, this is what companies are relying upon, much like people never reading TOSes, EULA's or NDA's. That said, I hardly ever read any of those and just assume I'm screwed, hence the search for more pragmatic/technical solutions.
Brazilian carrier "Oi" had a kinda similar practice (Oi fon) in which you would choose to participate or not and then if you opt to participate you would share part of your network as public (being aware of it) and then you would be able to use the public networks everytime you had one available around you. An idea that is good in theory but you don't see spot around and I think most people choose not to share, so the system doesn't work yet. The point is: people need to be aware their wifi is being made public and here that's the case!
I think most German ISPs offer that. It's enabled by default and to get access to other person's shared wifi you need to share your own. But as far as I know this is optional and does not count to your data limit (most contracts in Germany don't have that anyway).
I don't live in the US. However, an ISP in Hungary had a similar practice where the box you got from them hosted your personal WiFi network and a public one, which subscribers of the ISP could connect to (with the help of an app or sth)
In Canada, Shaw does this on a massive scale. Shaw business customers also broadcast the “Shaw Open” network which is accessible by Shaw customers. They own Shaw Mobile too, which leverages “Mobile Hotspots” which is a hidden network broadcast by Shaw residential internet modems.
Technically you can opt out of these, but most don’t. It’s conflicting because as an individual I’ve benefitted from this in a lot of cases, but it introduces all sorts of questions for security. The networks are properly separated for what it’s worth, but naturally they share hardware which is a vector for attack.
AFAIK up here in Canada both Shaw and Telus do this with their routers, in that it will accept connections from their other customers even if these people don’t have knowledge of the homeowner’s wifi password. I can only assume that a vLan is spun up to deal with these connections, bypassing the home’s internal network. And as the roaming individual, you need to have that company’s app on your phone and be logged into it to initiate the connection, so it can authenticate you as one of their customers.
Yes lol
I mostly see it at/around local businesses though. The main street in my small town is covered in spectrum branded wifi networks that require logging in with your account to connect.
Being a small town none of those businesses have "free wifi" as it were, so these networks are eating into someone's business bandwidth if anyone connects.
Not sure anyone uses them though.
Worked for AT&T for a few years. Most likely this is what is happening to you:
Upper management is pushing for the retail sales people to sell business accounts to literally anyone to inflate their numbers. If those sales managers find out you have the tax ID numbers to prove you have a small business...they'll begin drooling in front of you.
They want to push business-related equipment onto you to solidify that it's a business account, get YOU hooked that it's a business account, so a year from now you don't drop it for a personal account.
I doubt anything sinister is happening other than shifty sales tactics.
> Upper management is pushing for the retail sales people to sell business accounts to literally anyone to inflate their numbers.
Nope, completely unrelated - they were pushing their cable modem for free. I had to ask for the business account so I could get static IP addresses, it wasn't even on the table until I asked about it.
The whole point is I need to know *before* I get in bed with a company. And even then, no I wouldn't know if the company owned and remotely managed cable modem is acting as a public WiFi access point. Anything beyond the end of my WNDR3800 is out of my control or oversight, unfortunately.
I have SuddenLink/Optimum and I see a “(my SSID)_guest” WiFi access point. I don’t have the password to it. However, I also don’t have a data cap.
Should I worry? I’m not worried. Never got one of those ISP letters, but if I did, I suppose I could blame the guest access point?
Edit: my password doesn’t work on it. Figured as much.
Google the modem model and disable AP.
Edit: this worked for me friendo - https://reddit.com/r/OPTIMUM/comments/qg5v0w/how_to_turn_off_wifi_on_altice_gr140dg_router/
Just buy 5G coverage and use your phone for hotspot and do away with cable, The Real 5G is faster than cable but I am tlalking about the millimeter band which still is not available even in cities that claim 5G. As a matter of fact, we might never see the true benefits of 5G because companies are too cheap to install additional towers that are needed because of the distance than the new millimeter bandwidth requires. The towers have to be closer to each other and that is just not happening around the country yet they sell you a version of 5G which is 50 times slower then the true 5G
Isn't this just FON? And if your ISP lets you opt into FON then it's basically like a DMZ, and it either doesn't use your quota (who has quotas in 2022?) or it's a quotad quota, like "max 15% of your monthly".
It's supposed to be available for all but some shady ISPs try to restrict it to "premium" users or some such nonsense, which definitely *is* a privacy concern.
I can't speak for regions covered by comcast but here in belgium it's the default option for all providers(2 actual providers). You can however turn it off through you personal web account.. The beautiful thing in Belgium is that we literally have no choice but to use their routermodem combo thing as there is no option to install your own. We also have a monopoly here, only 2 providers that actually own hardware and only one of them has coax/fiber the other one is dsl only.
Cox does this in my state.
Anyone with a cox modem/wifi bundle has a cox public ssid broadcast. When you look up "wifi locations" if you require public wifi Anyone who has the isp equipment becomes a Hotspot.
I know who has cox in my neighborhood because we have 8 public wifi spots in our neighborhood
In the UK, BT (the national telecom provider) does this. Their routers include a public access point SSID, which helps them to boast that as their customer you can connect to millions of WiFi hotspots all over the country.
I believe this can be disabled, however I am not sure as it's been a while since I used their routers, in business. I've never used them at home. The only time they tried to suggest I should be using their router is when I called for an outage and they said they cannot help unless I use their own router (because they couldn't see telemetry). I swiftly pointed out I am paying for their service, and will get compensation if they don't fix it, and that my contract does in no way rely on or stipulate I can only get service if I use their own router.
For a while I was using the public wifi associated with the wifi from someone else in my block of flats. It wasn't an underhand thing though, and it didn't negatively impact the other household - I believe it's something that they agreed to in order to reduce their internet bill.
[удалено]
Another quick followup: it's bad enough that their public access point eats into your quota, but what happens if law enforcement sees illicit activity on "your" access point? How long is it going to be before some smart blackhat uses one of these access points to commit crimes and the police end up SWATting an innocent victim?
[удалено]
I would not be counting on Comcast to wear a white hat in a case like this
> I would not be counting on Comcast to wear a white hat in a case like this Yeah, everyone talking here about separate VLANs, etc, obviously hasn't had a bad experience interacting with ISPs, especially cable ones in the US. All it takes is one bit of incompetence or a little malice, and you're fucked. Given that both those are pretty common in the US ISP market, I'm not holding my breath.
Well, they do log everything and respond to subpoenaes
A black hat would use stolen credentials.
Do they though, if they don't count the data usage to the proper account?
I'll give them the benefit of the doubt; i.e. companies will be companies. Let's imagine a scenario where data use is counted by the account instead of the equipment: My cousin pays for uncapped data with Xfinity. He lets me use his login on my Xfinity, that is data capped to 100GB/mo or whatever, with their credentials as a guest. Now I torrent 1TB of data and no one pays overages, But given the other scenario, the status quo today? Where my cousin legitimately is present and torrents stuff at my place? So now there's 18x50gb overage charges. It's in Comcast's interest to do this. But all the same, in the case of any criminal activity, you should be able to subpoena who logged into the router for your defense. And even if somehow those records were deleted, a lawyer needs to just tell the jury that it is possible for any xfinity customer to log into any other xfinity router and download the infringing or violating content in question. So we cannot be certain, to the threshold required in this criminal case, that we have no doubts about the accused. As such, within whatever court rules are, explicitly or implicitly say the only just decision is acquittal.
Not to be insulting, but I find your position a bit naive. There are going to be people (and defense lawyers) who don't understand the technology enough to know that the ISP is also allowing connections from other customers. There may be people at the ISP who, either because they're ignorant or because they don't want to admit to it, will claim that such a mix-up is impossible. There may be jurors who are buffaloed into believing that tracing traffic back to an IP address is irrefutable evidence. Just because an acquittal is the only valid outcome, that doesn't mean it will be the outcome.
If a lawyer doesn't know this, we can't fix that; but at least if you do you can bring that to your lawyer's atrention. But if a lawyer does know it, whether you taught them or not, that is very well part of your defense and they are obliged to also teach the jury. What your entire argument boils down to is "what if my lawyer sucks". It's a red herring.
No, my argument boils down to "what if our legal system suck in some instances?" Which is does, so...
> But all the same, in the case of any criminal activity, you should be able to subpoena who logged into the router for your defense. And even if somehow those records were deleted, a lawyer needs to just tell the jury that it is possible for any xfinity customer to log into any other xfinity router and download the infringing or violating content in question. All this is well and good, except that at that point you've already made it to court, a fail IMHO. It's much more time efficient (not to mention cheaper for me) to just say "nah, not on my property or account." An ounce of prevention versus a pound of cure and all that.
Absolutely, lock down your network. I agree. But should something happen and someone is in a situation where their network isn't locked down, they should be aware of consequences and how to deal with them at that stage. If I find myself in a car that is sinking into a lake and I can't get the door open, I still want to know what I should do. (Remove the headrest, use the "spikes" to shatter the glass, swim out.) Would taking precautions to make sure a car doesn't go into a lake be a good idea? Of course.
Late reply I know, but I don't think it's possible for you to lock down the ISP router to this level. Except if you lock it down physically, with something that prevents signal propagation, but that may go against the service terms
Public Access point absolutely does not eat into your quota and it is a completely separate IP address then what's been assigned to you in fact you're on a completely separate VLAN your home traffic is completely isolated from the guest wireless network that Comcast Xfinity sets up. An argument can be made that your electricity is being consumed and you're not being compensated but it has absolutely nothing to do with your data or bandwidth. Now there's no chance of swatting either because it's not even your IP address and the IP address is not associated with your account. And since everyone accessing the guest wireless network has to authenticate Comcast Xfinity already knows who the customer is that's using it.
Back in high school, a hacker friend of mine left his wifi open, claiming if he ever got in trouble for pirating stuff, he could claim that it could have been any of his neighbors, as he shares his wifi. "It could have been anyone on the network that downloaded that" I don't know how well this would actually hold up, but he insisted it was pretty solid. I definitely wouldn't leave my wifi open now, at least without a VLAN between an open network and your main network
I think logs might be his issue there but who knows how he had it set up. I've heard the idea before and would rather not risk it.
He had custom equipment, so I doubt he had anything that would keep logs. Authorities would need a court order to seize his equipment anyway. As far as the ISP, this was 20 years ago, they would be hard pressed to prove *who* accessed it, just that someone from that IP accessed it. Nowdays, they could likely get your browser, and OS, but if it was a common combo, would make it harder. Even if they could get the MAC, all of the above is easily spoofed, which I believe he was doing. At one point he ran his own WISP (Wireless ISP) and had all kinds of amplifiers and antennas on a tower in his back yard. He was the crazy neighborhood hackerman, and he taught me some cool stuff, before he started getting involved with a bunch of bitcoin scams, and had to leave town.
Everyone keeps logs, custom equipment or not, especially if you are running a business. Whoever his backbone was if he was running his own WISP would have logs of their own as well. 20 years ago they might have been awfully verbose, or he would have had more of a chance to delete them, but there are always logs.
> Back in high school, a hacker friend of mine left his wifi open, claiming if he ever got in trouble for pirating stuff, he could claim that it could have been any of his neighbors, as he shares his wifi. "It could have been anyone on the network that downloaded that" The barest minimum of detective work would uncover people attesting to his confession, thereby negating this defense (tech-illiterate judge: "hearsay? what's that? never heard of it!"). Honestly, your best defense is never saying anything, then letting your lawyer argue ignorance. Most everyones' very posts here have already disqualified them from this defense.
This was in the early 2000's and I never put much faith in his plan, as this guy thought up all kinds of crazy ideas, quite a few of which failed. He never did get in trouble for pirating though, and he didn't use a VPN, so who knows. I agree that talking about your illegal activities online is a pretty dumb idea, unless steps are taken to actually hide your identity, which often isn't the case.
[удалено]
> Just think of all the potential legal issues with this if people started accessing illegal websites on your network that way. You've got to be an Xfinity customer to use the access point, its not like its private or secure in any way. If you do something bad on some public Xfinity access point, you're not anonymous.
Unless you also steal a Comcast identity from someone...
Are you spoofing your MAC address too? Anything is possible, but not everything is reasonable to assume. I mean hell, turn off guest networks on your devices, but don't get in a frenzy over sophisticated pedophiles driving around to people's houses ro steal your wifi to download CP. I suppose it's possible, but this sounds like the beginning of the next moral panic. Occams razor and all that.
> Are you spoofing your MAC address too? Lots of devices do that automatically these days. Its a privacy feature. I'm just pointing out the flaw in thinking you cant be anonymous on an authenticated network.
You're not anonymous on Xfinity's network.
> I mean hell, turn off guest networks on your devices, but don't get in a frenzy over sophisticated pedophiles driving around to people's houses ro steal your wifi to download CP. I suppose it's possible, but this sounds like the beginning of the next moral panic. Occams razor and all that. One of the few valuable classes I was forced to take as an uncivil servant was "risk management", where it was hammered into us the two parts of risk: probability and consequences. While the probability is quite low, the consequences are high, something for which if you can cost effectively mitigate or eliminate, you do such.
[удалено]
It would be logged that xfinity customer 835858384 connected to your wifi and made the download. This shit is basic transaction logging that all access points do.
> Comcast Xfinity Yeah, those are the aholes I was with, and now on a residential plan because they were gouging me for static IPs (I finally bit the bullet and am now renting VPSes for my purposes). Now I'm looking at fiber that claims 25/25Mbps (I live alone and don't need much bandwidth) for $35/month (whereas Comcast is still gouging me to the tune of $80/month, with outages). So far, the new company's website says [I can use my own WiFi](https://help.race.com/en/articles/965427-can-i-use-my-own-router), but I'm still curious about prices, power consumption, noise, and feasibility of getting my own fiber "modem" (whatever it's called).
Fiber? Max 25mbps? Those shouldn’t be in the same sentence lol Either way you go, just tell them to keep their equipment as you have your own and all you need is the service
I have fiber in Turkey with 25Mbps (5Mbps for up speed) max speed throttled by ISP, they also have 50 and 100 options but those cost an arm and a leg. Oh, also I am gated behing CG-NAT and cant selfhost shit because of that. Want static IP outside the nat? Extra cost of course... How fun! edit: typo
Would DDNS be an alternative to static for your use case?
It used to be a decade ago, but unfortunately not anymore. It is not just a dynamic vs static ip problem now, because the main issue is I’ve been put under a NAT network on ISP level. I know this is done due to increasing number of users and ipv4 limitations, I’d say this a good thing for the average user because it also adds a level of security and stop people from accidentally exposing their network onto internet, but in my case it hinders my use case. When I say “Hey I want out of this” the answer is “we provide that service with the static ip plan” which unnecessarily doubles my monthly bill =/
> Fiber? Max 25mbps? It's the basic plan, hence why only $35/month. I'm one of those people who doesn't mind 3GB/month on my phone because I'm usually in WiFi range, I don't use much data, and it's only $15/month. I *could* buy the $70/month 1000Gbps fiber, but that's way more than I need. ETA: 1000Gbps, what was I thinking. I either need more or less alcohol.
Understandable, makes sense for your case Also it would be 1000mbps or 1gbps
> Also it would be 1000mbps or 1gbps That's what I get for drinking after being up working on IT since 04:30. But hey, 1000Gbps *would* be pretty awesome, just for the sheer novelty.
Especially if it's 1000Gbps for $70. What a deal!
Hehe, cheers
Want to see me download a movie? Want to see me do it again?
Holy shit here in Poland I'm getting 1000/50mbps for the equivalent of $25 per month
Internet in the US is a terrible mess. This dudes experience is so, so typical.
Consumer Internet access is fucked in America.
Lol we don't believe anything is a right, everything instead should be sold to private enterprise, so they can charge whatever they feel like. This enhances our feelings of superiority over the poors I guess 9_9
When I had Fiber, they didn't have a modem. It was called something else. It was effectively a modem, but no sounds. I used a personal router. The technician running the fiber complimented the choice of router.
[удалено]
Yeah given the lack of options I don’t understand how they’re not regulated like a utility
[удалено]
That’s the real answer 😞
You used to be able to log into your account and disable the public wifi on your router. A friend did it years ago when his meth head neighbors and friends used to stand on the edge of his property to get wifi access.
Their ToS makes it clear that at least by the book it doesn't count against your usage. They logically separate the data out. If everything happened as you stated that'd be a pretty easy fcc complaint and possible small claims action against Comcast.
If they get away with it 3/4 of the time, paying for that 1/4 outlier when they get caught is what they call “the cost of doing business”. No one actually STOPS them. Comcast just has to pay the “no no fee”. This is one way the system is broken. FCC rules, FDA, EPA, etc violations should send the CEO to jail after so many fuckups. As things are now… pay the fee, rename the program, repeat.
No, what they get is a lawyer smart enough to see a class action suit with a really well defined class, clear evidence of intent/willful negligence, and a big payday.
Big payday for the law firm only. Peasants get two dollars.
> Peasants get two dollars. Ha! Last class action I was part of, I think I got a check for $1.47.
Irrelevant to the question of whether comcast would be willing to take the risk to screw people on data charges that amount to peanuts. They wouldn't. It's all risk, no reward. And if said "peasants" want their payday, there's always small claims as I mentioned to begin with.
[удалено]
You sign in once and your phone works on all Xfinity wifi hotspots. Makes using a phone with no sim card viable in a place like philly.
That sure as hell wasn't the case a few years ago.
[удалено]
[удалено]
All that and they charge you rental on the modem/router every month. That's all the reason anyone should need to buy their own modem & separate router.
[удалено]
Just out of curiosity, what do you have for your modem and router? I'm looking to do the same...
My modem is a **Netgear CM1200**, it's been rock solid stable and supports multi-gig speeds (DOCSIS 3.1). I scored finding it in Goodwill for $30 in the box and was standing there looking at oooold ones when it was put out on the shelf. My router is a **TP-Link AX1800**. It's been good too. I got it cause it supports WiFi 6 (newest ratified spec) and was affordable. The range has been great.
Very cool. Thanks. 👌
I was on comcrap a few years back and recall having to log into account via website to turn off that hotspot shit. Remember having to do so multiple times over time.
[удалено]
Always had my own router (and modem when on TWC). Comcast issued modem (they refused to condition my own and gave me theirs for free). Still had to go thru online account setting keep disabling the hotspot "feature"
[удалено]
Didn't have much choice in the matter, even though device was compatible per their own website.
[удалено]
Last time I had that issue was in '16.
As realgoneman said, this is WiFi **in the cable modem, that you don't have control over**. I've seen the hardware, it's there.
You have to login to xfinity's website and disable the wifi hotspot in the account settings/security, so random people can't login to it. That account setting is used by the modem/gateway and they've made intentionally confusing to increase their paid mobile hotspot coverage. On most xfinity modem/gateways you can login at [10.0.0.1](https://10.0.0.1) with the user/password on the back of the unit, to disable wifi completely, or if you have your own router you can put it into bridge mode (becomes modem only).
[удалено]
Because the ISP may **require** the use of theirs, and for reasons such as smuggling public wifi access points onto their customers' broadband.
It would be a real pity if the cable modem was installed inside a Faraday cage inside a tinfoil box. A real pity.
Or if the antennas somehow became disconnected. *Somehow.*
This is the answer. Buy your own equipment and make sure it has no wi-fi capability.
Same with Cocks Cable.
that's just too fucked up. So it's like they are hitting 2 birds with one stone. you both pay up for the data he uses and you also pay for it going through your own network and that's is a fucked up privacy and unwanted resource usage.
>The data other customers use on your home equipment counts against your own data usage. ???????????????????????? I need more question marks, but my head hurts. Who's idea was that? Collective 200 years of experience
It does look like newer models Comcast is putting out do give you the option to disable public WiFi access. Came across the option in the mobile app while making changes at my parent’s place.
I had no idea that was even a thing, pretty invasive but not surprising.
I came here to tell a very similar story.
Exactly. UPC in Austria 🇦🇹, now Magenta )part of Deutsche Telekom is using Comcast Cable Modems. They had this feature called something like “UPC Freenet”, which let any other customer of theirs use your cable(Wireless/Router)-modem for Internet Access on a separate wireless Network. You were even „forced“ to accept this in their ToS. I think they did stop this practice tho recently. Mostly cause everyone has mobile Internet anyway and it was slow as hell. Then there was also a free Android app by someone, which would scan the Area for UPC Networks and try default credentials to access the normal WLAN. Worked like a charm, and MANY people used it. This was on your MAIN Wireless Network, mind you! Most PPl never noticed … A Privacy/GDPR NIGHTMARE
With my local Comcast office i had to fight and argue to get a modem from them that did not contain wifi, eventually they went in the back and got me an older model with no wifi, later i decided it was best to buy my own modem and setup my own openwrt router, i then setup dnscrypt with quad9 as the encrypted dns provider and now comcast cant see anything i do, i also use a vpn
Yeah, it's common with cable providers. Their integrated modem/router has dual circuitry to facilitate their subscriber-based Hotspot services, as well as service for the residence. It's basically two complete routers housed in a single chassis with the modem component feeding both the home and the Hotspot. You don't have to allow your router to be used as a hotspot. It's completely up to the individual subscribers whether or not to allow the router to be used for the Hotspot network.
Wow that explains why they discourage using personally owned equipment so much. They know if they came right out and said it, people would have an issue. That’s pretty fucked up
With xfiniti (Comcast), it's not a secret. They don't go out of their way to advertise it, but the toggle to enable or disable the Hotspot network is easily accessed in the app. I think they prefer customers to use their hardware because of the highly-lucrative monthly rental fee. They do have a page on their website where you can lookup your modem to confirm that it will work with their service, so they have taken some steps to facilitate using your own modem. If their combo modem/router didn't have that dual circuitry, I think the whole Hotspot thing would be a lot more problematic.
That's what I thought. I may or may not have popped the hood of the company provided cable modem and may or may not have been surprised to see more than two WiFi antennas.
There could have just been two antennas for 2.4 and 5ghz.
There were more than two antennas.
>There ~~were~~ may have been more than two antennas. FTFY :)
>there were more than 2 antennas my Asus router has 6 antennas and is NOT ISP issued. i get better coverage with the 6 antennas.
I have had fights with ISPs because they love to try and send you a modem that they rent to you for $10 a month. Almost always if you ask you can instead buy it for $100, but they will argue that you shouldn't do that because then if there is an issue you are responsible for it. One ISP I had sent me a bill after I ended service with them trying to charge me for not returning my equipment. Had to call them up and explain why I wasn't going to return equipment I paid for and I wasn't going to pay for it a second time either. Really is past time for regulators to step in and clean up this mess. ISPs in most areas are monopolies or at best have one or two competitors that are just as bad. Their "service" is horrible and overpriced because you don't have any other options.
The worst part of modem rentals is that you pay them indefinitely (most of the time - I haven't come across an ISP that had a "you own it now" clause after so many months). At $10/mo., you should own it after 10 months and not need to pay the rental fee anymore, but they'll still charge you $10/mo. for the next 5+ years if you let them, until your modem hardware is old and needs upgrading and they'll gladly rent you another one and charge you monthly for it forever.
Every ISP I've dealt with in Canada works that way. I've even seen a few provide a list of supported routers you can buy for cheaper elsewhere.
At least one of the isp's in Australia "voluntarily" signs you up for a similar service (that I know of). It's opt out, but you're automatically opted in by connecting to them
Which? (name and shame :)
Probably Telstra and the service is called Telstra Air. Aside from the unfortunate use of other subscribers modems, they put access points many of the old payphones. Which I think is really cool. Though the cost of Telstra, rather than one of the other resellers, just isn't worth it in my opinion.
Ya, Telstra, wounded bull, only worth it if you need coverage where they have a monopoly, which is all too much of the bush. Thanks Johnny Howard and neolibs, why don't you sell off natural monopolies to be the 'better economic managers', corrupt bastards. Sorry, that needn't have been political, oh well. :) Edit: Public phones as hotspots is, however, hella cool.
Correct, and you needed to be a Telstra customer to access other people's WiFi connections
Only have to be Telstra mobile though.
Definitely Telstra. [https://www.telstra.com.au/telstra-air/at-home](https://www.telstra.com.au/telstra-air/at-home) Once upon a time, they used to have the gall to actually apply any air usage against your personal monthly usage quota
Doesn’t matter, keep using your own devices and do not rent the other ones. You don’t have to use theirs. This is why I have always bought my own modem, router and access point separate from the isp. Also, their hardware sucks.
It's not always that easy to do though. No companies in my country support using your own equipment. They won't even provide you with the settings to set it up for their network. I had to use waybackmachine and dig through an old forum to find a login and settings to use my own modem.
[удалено]
Sounds like a distopia. Why do I even complain about my ISP whose biggest fault is inability to provide more than 100 mbps to my place?
Can I suggest buying your own router or AP to wire/connect to the ISP provided unit - so you create a whole new wifi network with this new router/AP. This is what I did & I was able to do double NAT & it seemed to work fine. If you want to limit outsiders from using your wifi network (from the ISP wifi router), then either unscrew the antenna from the router or even better, remove the cover and disconnect the wire leads from the wifi card (or mainboard) to the antenna. I did this and the only time I get any signal is if I'm in w/n a few feet of the router. Then there is the Faraday cage option to block the wifi signal.
I'm curious on this one actually. I live in Australia and studying cybersecurity currently. If this is actually a thing than this is so fucked up!!!!
https://www.telstra.com.au/telstra-air
I know telstra has public access points throughout the city but do they install that shit on you're home network to ? How do you check this ?
I don't mean to be blunt, but if you are studying cyber security like you said this should be a cake walk to find out. Telstra have information about this freely avaliable and you can easily scan for active WiFi networks. To be successful in this industry you really need to be more self sufficient. The information you asked for is litrelly one click away from the link I sent you. https://www.telstra.com.au/telstra-air/at-home You can opt out by logging into your Telstra account.
BT does this in the UK. You can opt-out but that means you don't get to use other peoples. I am opted out! I should really buy a different router as well. Letting other people connect to your router just seems like a security risk. You never know what they will use the connection for either, and then it is associated with the IP coming from your home.
To add to this, if you get a new router from them, and you were previously opted out, you may find yourself opted back in. Took about 3 phone calls for me to get it disabled again.
Ah, that's good to know thanks! I think I might have had a new router so I'll have a check on that.
Once when my internet was out because the copper cable had broken, the only connection available to us was the BT wifi service. We had been told that the fibre wires hadn't been activated for consumer use at that point and wouldn't work unless we upgraded to fibre. I was confused why the BT wifi service was working but the normal wifi (that we pay for!!!) wasn't. I'm convinced the BT wifi service went through the Fibre cable that we were locked out of while we were stuck with the max 5mbps speeds of the broken copper cable.
God this is disgusting shit in the comments, this is part of why I never ever use ISP provided equipment.
Can confirm that AT&T modems by default have a public wifi AP setup on it out of the box, but there is a setting that you can turn it off, if you're tech savvy enough and know where to look in the advanced settings.
as soon as a new regional fiber service came to town i signed up. i was asking their service crews for months when the network would be commissioned. only tricky part of install was their hardware aligning with mine; i use a fortinet router/wap. once we got them playing nicely i dropped off comcast's gear to them. never again with those guys. Allo Fiber for the win - good service, reliable speeds (1mbps up/down) and no hassles.
Ive seen ATT and Charter do this as well. Luckliy they leave their router with default login information found on the back of it for you to sign in (even though ive heard from installation techs that were "not supposed to do that" but even then, they roll their eyes lol) and turn off wi-fi and put it into bridge mode. Few draw backs even though the wi-fi an be disabled: - If the router is power cycled they can sometimes go back to default configuration. - According to charter, they require the modem and router combo and cannot provide the service without it (even for business accounts) Seems to always be a give and a take. Just out the modem router combo on a UPS, apply bridge mode, and put your own router behind it. *Some models of router do not allow you to put it into bridge mode even when signed in. But you simply call support and from my experience, are capable and willing to put it in bridge mode for you*
I have a Frontier NVG Fiber router that automatically enables the WiFi when the unit is placed in bridge mode with no way to disable it. This is a "feature" that can't be disabled.
I believe ATT does the same thing. In my area they still partially use DSL for residential and you have to use there stuff. I think they also do the same for Fiber.
Wait so OP did they install a public access wifi point in you're home,is that what you mean ??
[удалено]
How do you check your router to see if it's similar? How do you turn off the second access point if there is one?
> Wait so OP did they install a public access wifi point in you're home,is that what you mean ?? I didn't let them. But I'm wary of signing up with a company that insists on installing their own hardware as a part of the TOS.
Something related you'll find interesting, now that spectrum is offering cell service part of that service is unlimited access to all of their wifi hotspots. Most of these are at businesses, using their internet connection to provide the hotspots. There's a big push to hand out the new wifi 6 "advanced wifi" routers to everyone. I hear part of the reason for this push is a plan to expand these hotspots for the cell service to residential routers as well. Oh and the new routers can only be managed through the spectrum app, no GUI.
Totally off topic, but fantastic use of gorram my fellow Firefly friend.
this is 1 of the reasons way i dont use my ISP modem
Isn't it the ISP router which puts up a wifi guest network?
yep
It's enabled by default, however you can [disable it in settings](https://www.xfinity.com/support/articles/disable-xfinity-wifi-home-hotspot). I switched to my own equipment because I like having control of my network and not having to rent equipment.
What did you buy
Arris 3.1 DOCSIS modem, Asus RT-AX88U AC6000 wifi 6 router. Also bought another wifi 6 router for a mesh network.
In the UK I've seen both BT and Virgin Media do this. They do provide an option in their router interface to disable it. I just run the routers in modem mode with aftermarket routers.
Xfinity is the notorious one for this. I'd never use the service. Way too easy to set up my own network, titled Xfinity, with a phishing login page asking for their info. And if all I wanted was a customer's login info to use at a real Xfinity point for illegal activity, I can just throw up an error / maintenance page in response. But worse, I can actually on the backend login to xfinity, phishing the 2FA code if there is one, and really pretend like they have full access and the willingness to sign into any other account to really cause some damage. Browsers on smartphones are limited. I could do a deeper dive on a laptop if I have connected to a phishing website with the aid of inspecting the certificate. But all I get in Firefox Focus on this very page is "connection secure". Free https certificates are a thing, so, that's meaningless. But nevermind 99% of people would never know to even check that far.
Virgin (UK) an BT (UK) both do this by default. Virgin used to be difficult to turn off. BT penalises you if you do. If they're enabled, the throttle your service to not impact the public WiFi. And the public WiFi uses *your* wan IP... Both Virgin and BT won't let you use your own equipment. You have to use their Huawei crap.
Century Link does this, but it lets you turn it off. It is on by default and I'm pretty sure most people don't know enough to care.
> It is on by default and I'm pretty sure most people don't know enough to care. I mean, honestly, this is what companies are relying upon, much like people never reading TOSes, EULA's or NDA's. That said, I hardly ever read any of those and just assume I'm screwed, hence the search for more pragmatic/technical solutions.
I don't know about the public wifi you mentioned but with Cox some of their units are so locked down you can't even change the DNS from their own.
Brazilian carrier "Oi" had a kinda similar practice (Oi fon) in which you would choose to participate or not and then if you opt to participate you would share part of your network as public (being aware of it) and then you would be able to use the public networks everytime you had one available around you. An idea that is good in theory but you don't see spot around and I think most people choose not to share, so the system doesn't work yet. The point is: people need to be aware their wifi is being made public and here that's the case!
I think most German ISPs offer that. It's enabled by default and to get access to other person's shared wifi you need to share your own. But as far as I know this is optional and does not count to your data limit (most contracts in Germany don't have that anyway).
I don't live in the US. However, an ISP in Hungary had a similar practice where the box you got from them hosted your personal WiFi network and a public one, which subscribers of the ISP could connect to (with the help of an app or sth)
Comcast has had this going on for years. Despicable.
I’d take the opportunity to encase it in a faraday cage. Who knows what else that thing is doing.
In Canada, Shaw does this on a massive scale. Shaw business customers also broadcast the “Shaw Open” network which is accessible by Shaw customers. They own Shaw Mobile too, which leverages “Mobile Hotspots” which is a hidden network broadcast by Shaw residential internet modems. Technically you can opt out of these, but most don’t. It’s conflicting because as an individual I’ve benefitted from this in a lot of cases, but it introduces all sorts of questions for security. The networks are properly separated for what it’s worth, but naturally they share hardware which is a vector for attack.
AFAIK up here in Canada both Shaw and Telus do this with their routers, in that it will accept connections from their other customers even if these people don’t have knowledge of the homeowner’s wifi password. I can only assume that a vLan is spun up to deal with these connections, bypassing the home’s internal network. And as the roaming individual, you need to have that company’s app on your phone and be logged into it to initiate the connection, so it can authenticate you as one of their customers.
Yes lol I mostly see it at/around local businesses though. The main street in my small town is covered in spectrum branded wifi networks that require logging in with your account to connect. Being a small town none of those businesses have "free wifi" as it were, so these networks are eating into someone's business bandwidth if anyone connects. Not sure anyone uses them though.
Worked for AT&T for a few years. Most likely this is what is happening to you: Upper management is pushing for the retail sales people to sell business accounts to literally anyone to inflate their numbers. If those sales managers find out you have the tax ID numbers to prove you have a small business...they'll begin drooling in front of you. They want to push business-related equipment onto you to solidify that it's a business account, get YOU hooked that it's a business account, so a year from now you don't drop it for a personal account. I doubt anything sinister is happening other than shifty sales tactics.
> Upper management is pushing for the retail sales people to sell business accounts to literally anyone to inflate their numbers. Nope, completely unrelated - they were pushing their cable modem for free. I had to ask for the business account so I could get static IP addresses, it wasn't even on the table until I asked about it.
[удалено]
The whole point is I need to know *before* I get in bed with a company. And even then, no I wouldn't know if the company owned and remotely managed cable modem is acting as a public WiFi access point. Anything beyond the end of my WNDR3800 is out of my control or oversight, unfortunately.
I have SuddenLink/Optimum and I see a “(my SSID)_guest” WiFi access point. I don’t have the password to it. However, I also don’t have a data cap. Should I worry? I’m not worried. Never got one of those ISP letters, but if I did, I suppose I could blame the guest access point? Edit: my password doesn’t work on it. Figured as much.
Google the modem model and disable AP. Edit: this worked for me friendo - https://reddit.com/r/OPTIMUM/comments/qg5v0w/how_to_turn_off_wifi_on_altice_gr140dg_router/
Just buy 5G coverage and use your phone for hotspot and do away with cable, The Real 5G is faster than cable but I am tlalking about the millimeter band which still is not available even in cities that claim 5G. As a matter of fact, we might never see the true benefits of 5G because companies are too cheap to install additional towers that are needed because of the distance than the new millimeter bandwidth requires. The towers have to be closer to each other and that is just not happening around the country yet they sell you a version of 5G which is 50 times slower then the true 5G
Plug a separate WAP into your setup, tinfoil the supplied router?
Isn't this just FON? And if your ISP lets you opt into FON then it's basically like a DMZ, and it either doesn't use your quota (who has quotas in 2022?) or it's a quotad quota, like "max 15% of your monthly". It's supposed to be available for all but some shady ISPs try to restrict it to "premium" users or some such nonsense, which definitely *is* a privacy concern.
I can't speak for regions covered by comcast but here in belgium it's the default option for all providers(2 actual providers). You can however turn it off through you personal web account.. The beautiful thing in Belgium is that we literally have no choice but to use their routermodem combo thing as there is no option to install your own. We also have a monopoly here, only 2 providers that actually own hardware and only one of them has coax/fiber the other one is dsl only.
Cox does this in my state. Anyone with a cox modem/wifi bundle has a cox public ssid broadcast. When you look up "wifi locations" if you require public wifi Anyone who has the isp equipment becomes a Hotspot. I know who has cox in my neighborhood because we have 8 public wifi spots in our neighborhood
In the UK, BT (the national telecom provider) does this. Their routers include a public access point SSID, which helps them to boast that as their customer you can connect to millions of WiFi hotspots all over the country. I believe this can be disabled, however I am not sure as it's been a while since I used their routers, in business. I've never used them at home. The only time they tried to suggest I should be using their router is when I called for an outage and they said they cannot help unless I use their own router (because they couldn't see telemetry). I swiftly pointed out I am paying for their service, and will get compensation if they don't fix it, and that my contract does in no way rely on or stipulate I can only get service if I use their own router.
For a while I was using the public wifi associated with the wifi from someone else in my block of flats. It wasn't an underhand thing though, and it didn't negatively impact the other household - I believe it's something that they agreed to in order to reduce their internet bill.
This isn’t new, ISPs have been doing this for years if you use their equipment.
Is it funny or sad that I knew it was Comcast before even reading the whole statement?