Funny coincidence. I've just spent the last hour on the phone with Comcast support asking them to disable the "xfinitywifi" my router is broadcasting and when it was all over decided to unwind and read some NH... And see this!
For anyone who needs to, call "1-855-845-6834" and ask them to disable the "xfinitywifi" hotspot on your router.
This will save you the 4 transfers, giving your info many times, and listening to the upgrade options you don't care about. It may also save you from the $70 support they'll try to charge you (should you choose to agree), and possibly one redirect to a number that no-longer exists (all of which I just went through).
First, there isn't enough technical info about how the feature is implemented for me to not be worried about it affecting me in terms of security and bandwidth; and from my subjective experience so far, I don't trust Comcast enough to accept their claim of no / minimal impact.
Second, the way I see it, Comcast is asking us to donate our resources (bandwidth, etc.), as minimal as they may be. Now, I don't mind donating to a good cause. I do, on the other hand, mind being forced to do so, without my consent; and especially so when a company is profiting from it ($3 daily access pass for non-subscribers).
So, if (a) I could be sure that it will not affect me, and (b) this would be a free for anyone who is in the area to use, and (c) they'd ask me to opt-in, I'd enable it.
It's a public wifi network that is broadcast from a device that is (probably) on your LAN. Attacker connects, finds some vulnerability, and has unrestricted access to the LAN. That is just one attack vector.
;tdlr it degrades your security, and is generally annoying.
Essentially you have two WiFi networks in your house. What they call your "private WiFi" network and the Xfinity WiFi network. The biggest question I have is - do they both utilize the same publicly facing IP address?
This brings up some interesting questions. Consider 6 residents in an apartment building, each with their own Comcast Internet connection. I utilize my private network and the other 5 people for whatever strange reason chose to connect to my Xfinity WiFi connection instead of their own connection. One of them surfs for highly illegal content (take your pick). Whose door are the police going to break down?
IIRC the MO for raiding nonviolent criminals is first to find and kill any dogs in the residence, so it really just depends where the barking is coming from.
As far as security is concerned, I'm much more worried about ISPs providing WiFi routers that uses WEP encryption AS A DEFAULT.
For those who don't know, WEP can be hacked in a matter of minutes with no technical knowledge required. There's plenty on scripts on the internet that automates the whole process for you.
This looks like a step toward what is variously called "hotspot 2.0" (Wi-Fi Alliance)[1], "next generation hotspot" (Wireless Broadband Alliance)[2], and "het-net" (4G Americas)[3].
The problem is the exponential growth in demand for cellular bandwidth. Its very expensive for the cellular industry to increase capacity by building new towers. So the idea is to get consumers' cellular devices using wifi data connections wherever possible, offloading demand for 3G/4G.
This looks like a way for cell phone companies to lease an "xfinity password" from Comcast. Then the cell company can seamlessly offload the data connection of any subscriber near enough to an xfinity hotspot.
Interesting. Any idea why AT&T can't make their hotspots around nyc not suck? I'd love to use them to save data, but I end up disabling my WiFi just to keep my phone from auto-connecting and then not functioning.
On some versions of Android it is possible to set the system up to check for the existence of a working Internet connection and then disconnect from wifi if there isn't one.
No, Hotspot 2.0 (and its underlying standard, 802.11u) are focused on enabling a mobile device to automatically “discover” APs that have a roaming arrangement with the user’s home network and then securely connect.
Multiple [E|B]SSIDs (which I co-invented, and patented about 14 years ago) are fundamentally different. Hotspot 2.0 requires client changes, whereas multiple SSID does not.
It's a good feature. The open wifi is separated from your wifi, and it doesn't use your bandwidth. Plus - If you have BT wifi, you get to use all those hotspots for free.
I question "doesn't use your bandwidth." BT is a DSL provider. Your circuit is provisioned for the speed you pay for, and the maximum attainable speed is limited based on distance from the DSLAM as well as other factors (copper gauge, copper condition, etc.).
If you're paying for the highest speed BT offers at your location and you're near the limit for that speed, they don't have any capability to overprovision a few extra mbps on that circuit for guest Wi-Fi use. The closest they can do is provision a new circuit entirely, but that isn't a very cost-effective solution just to provide Wi-Fi as it requires another physical pair, another DSLAM port, and more expensive CPE that can support 2 pairs.
Comcast on the other hand is a cable provider and due to the shared architecture of DOCSIS, can conceivably do that. In fact, since they're saying guest Wi-Fi users will not impact your connection speed, I am betting that is exactly what they are doing - guest Wi-Fi users probably have access to any unused capacity on the node.
* maybe they have FTTP in some areas (like pretty much every telco) in which case this won't apply. And I know they have FTTC in many areas too, but that's still xDSL and these shortcomings still apply (just to a lesser extent since the loops are much shorter).
* The public wifi usage doesn't eat up any of the private bandwidth allowance
* The public wifi is limited to 512kbps but private usage gets precedence (meaning that the bandwidth available for public wifi could be 0kbps at any point in time)
Heh. Is there such a thing as a consumer ISP-supplied router that isn't a total POS?
Does BT not let you override their DNS servers? I don't know why ISPs seem to think DNS hijacking is such a good idea. I find it hard to believe they could make any substantial amount of money on it, it just pisses people off.
The average customer probably doesn't know what DNS is, let alone that switching to a server that doesn't to DNS hijacking will make the <ISP> search pages go away.
Here in the Netherlands XS4ALL provides me with a AVM Fritzbox 7390 on my fiber connection (100/100 $75), quite a nice piece of kit ($311,- retail if I look it up today)
Title is misleading. I interpret this as they broadcast a separate wifi signal that connects to a different LAN. I don't see anything terribly wrong with this.
I was in the Bay Area a few weeks ago and was able to try out the Xfinity WiFi. It was actually really convenient being able to work from the small coffee shops in Berkeley and in the city. The speeds were awesome too, around 27Mbps down and 10Mbps up. Most places require you to pay for WiFi or the speeds are just throttled way too much (1.5Mbps/0.5Mbps). As long as your own service isn't being hindered by the Xfinity hotspot and your own network isn't vulnerable due to the additional piggybacking, I don't see anything wrong with it.
In short, at BT, no way. Your IP is your LAN. Other users get different IPs.
BT runs three SSIDs. Your network, BT-Wifi (FKA OpenZone), and BT-FON.
Your network is your network. Private IP, different encryption. The packets leave your house, travel over the ADSL, exit the DSLAM, into a BRAS. There (more or less) it exits onto the "internet" connectivity of BT, with the IP of your ADSL modem.
FON and BT-WiFi leave your house, travel over the ADSL, exit the DSLAM, into a BRAS, but there's a difference now. Instead of exiting onto the "internet", it is stuck in a channel that goes to a different part of the network. This part hosts the server where you login/etc. and where your traffic eventually leaves, with a different IP address than the home network, to the internet. I'm fairly sure the IP is a proxy address, assigned to the logged in user's session, and not tied to the specific router. That channel used to be 256kbps reserved. I think it is now 512kbps. This channel has lower priority than your normal internet traffic.
There is also another channel for BT Vision, that IIRC has 2Mbps reserved for their video. I assume this never leaves the BT network for the internet :-) This has a higher priority than your normal internet traffic (for obvious reasons).
AFAIK the BRAS is where the quality of service is enforced. The router is requesting the different classes of service though, and is tagging the packets. (And I think it's also running a tunnel for the FON and BT WiFi).
EDIT: Corrected a mistake, added some clarity for other q's raised elsewhere.
The TV side of this can be found by searching TPG IPTV and FetchTV, but on the whole we don't have enough bandwidth for this to be deployed successfully.
Where you say 2Mbps reserved, is this set up in the router as a separate virtual circuit? In this case, does it make a hypothetical 20MBit connection 18MBit to the end user?
Caveat: this is info based on a quick chat with a BT WiFi engineer, backed up with random internet reading.
It's set up in the router and BRAS, but it will only take that bandwidth away if you're watching IPTV. I should have used the word "allocated" :-)
Something important to note - even if you see sync speeds on your DSL modem of 34.95Mbit down, you're likely to have a DSLAM profile set to something like 31Mbit. Most providers use profiles in the DSLAM to give you a consistent speed, rather than trying to squeeze the last little bits out of what is often quite a lossy line.
So in reality your 20Mbit sync speed might result in an 18Mbit profile, of which 2Mbit is allocated for IP TV traffic.
They are trying to meet customer demand for wider bandwidth with VDSL, and nearly stopped selling modems; it's all cheapo routers now, loaded with customized firmware complete with DNS spoofing to route you to their "new customer setup" page that seems to always be down. They have to be reset once in a while, when their internals contort into reboot loops.
The free hotspot is branded and the name contains a short string unique to your router. It might not be using "your" bandwidth with your ISP, but it is sitting on your uplink which could get stuffed as a result. The hotspot is completely open for anyone to connect, but is limited by the max_client setting which is global to the router and set at 16 clients by default.
I have Comcast, with one of their wireless routers, but I don't see any network named "xfinitywifi." Is it only certain router models? Or only certain areas?
> Visitors who are XFINITY Internet subscribers can simply select the XFINITY WiFi network “xfinitywifi” on their device and open a Web browser to get started. They will be able to sign in with their XFINITY email or username and password.
So now anyone can create a hotspot named "xfinitywifi" and phish for passwords from folks who doesn't look for an https connection. I hope Comcast does some good training beyond "connect and enter your password."
It will affect the latency on the actual internet link. The second you add extra traffic latency shoots up...it doesn't matter where that traffic comes from. You can mitigate the effect somewhat with QoS but it doesn't go away.
The issue isn't the number of networks, but rather the number of frequencies used.
The second ssid being broadcast will probably run on the same frequency as your usual ssid.
Switching to super high frequencies will mitigate the overlap, since these won't travel through thick walls, but then you may need to put wifi points in all you rooms.
I've used it, my local network connection was down and I found there was a wireless Comcast hotspot available.
I figured that was the case (Comcast wifi piggybacking on someones business/residential connection) but wasn't sure. It's not from me as I'm using my own modem and router.
There's a an interactive wi-fi location map on the Comcast page that shows where hotspots are, two are in town so far.
So does Portugal Telecom (in Portugal), at least in its triple-/quad-play services, locally known as MEO and M4O packages. Those who enable this sharing service (called "community hotspot") can also benefit from it.
I believe it started out as a response to the competition giving their clients access to the (global?) Fon WiFi network.
For anyone who needs to, call "1-855-845-6834" and ask them to disable the "xfinitywifi" hotspot on your router.
This will save you the 4 transfers, giving your info many times, and listening to the upgrade options you don't care about. It may also save you from the $70 support they'll try to charge you (should you choose to agree), and possibly one redirect to a number that no-longer exists (all of which I just went through).
GL.