I was surprised when Comcast wanted to swap out my modem for an all-in-one modem-wireless router-phone hookup. And to boot more than doubled my speed from 20 to 50 mbps or better at no cost. Cool. Then I notice that all of a sudden I see Xfinitywifi show up as a new UNSECURED wireless connection. Obviously from my new rig as it has 5 bars and my closest neighbor shows up at 3 bars. Then yesterday I got a letter from them telling me all about the new Xfinitywifi service available at thousands of locations. Apparently also out at the street in front of my house. All of a sudden I get this big brother feeling. They say it doesn't affect my internet speed as it is a separate signal, but admit it could affect my wireless speed. To their credit they do say it can be disabled. but how many are going to bother? So for the price of a faster connection they are using my home as a WiFi hot spot for any Comcast customer with a username and password. I have to admit I have real mixed feelings about this.

Double the speed at no cost? Think you just found the hidden cost! I doubt if enough people will use you hot spot enough to slow down your connection by 50%. Otherwise you have a gain most of the time. And you can apparently have it disabled. Not sure I see the downside.

Not as bad as Facebook... if you use Facebook, you should ask your self how a company with little paid service is worth $billions!

Hi Ole,

I expect that there is probably a way to "secure" the wireless part. It will probably take some research on your part. Most of the wireless routers I've worked with in the past sevareal years have their own built-in webpage that you access by typing the IP address (e.g., 192.169.x.x or something similar) instead of a www.xxxxx (http://www.xxxxx)... web address. You might even be able to get help by looking around on the Comcast website.

Of course, that won't help you at the "hundreds of free locations" but that's no different than most any public wi-fi access point.

Hope this helped a little!

Regards,

Marty

In reality, the only folks that could take advantage of my hot spot would be the next door neighbor, but they would already need to be a Comcast customer to have a login and password, so they would already have a connection. Comcast touts it for visitors to your house, you don't need to give them your password, but they need to already be a customer, so that limits its usability for visitors. But I am having on and off wireless issues, so I may disable it to see if that helps.

Interesting. I wonder if someone sits in front of your house and uses your wifi for something illegal. Are you liable? You shouldn't but will the legal fees bankrupt you first? A place like McDonald's has the legal means to swat something like that, do you?

I'd like to see the Xfinity contract and find out if they are going to try to dump the responsibility on you.

-Tom

I would assume(yes, I know) that if they need a user ID and password, Comcast can tell who originated the traffic!

I suspect it may be coming here as well, since Comcast bought Time Warner... yuck.

Ole, did the on and off wireless issue start with the new modem/router install? If so, may be a bad modem/router! I'd contact Comcast if that continues.

By the way, many 3rd party stand alone routers, have the ability to setup a guest SSID. Does pretty much the same thing, except you are in control of the passwords. You can give a guest internet access without access to your LAN that way. I would think that you would assume at least some liability that way though.

I'm not sure I see the problem (once I get past any alarmist fears). They're giving you superior service to what you had for no extra cost, and you can disable the hotspot.

router address 192:168.0.1

Then I notice that all of a sudden I see Xfinitywifi show up as a new UNSECURED wireless connection. .

This is to support their "Xfinity everywhere" desires. They setup their access points in residential subscribers to not only serve the household privately, but also to provide public access points to Xfinity subscribers. You do not pay for this privilege and any use doesn't count against your caps. The traffic for the Xfinitywifi SID is separate from your own traffic in that respect.

And you're correct, only folks who actually notice it will consider disabling. Personally, if I were a Comcast subscriber (I'm Not!), I'd disable it, not just to preserve wireless performance for my own devices, but because I have no way to know if I could have any liability for misuse of access through a device on my premises.

router address 192:168.0.1

Pretty much every router used "out there" as a firewall/router in residential situations uses either 192.168.1.1 or 192.168.0.1 as the default address.

This was actually in the tech news around 6 months ago. Comcast is going to implement this all over the place to create wireless hot spots for their Xfinity Wi-Fi service using your electricity and your internet connection. So, you are paying for a service, while providing a free wireless service for other paying Comcast customers. There are a lot of opinions out there about this on tech-related sites.

One also has to consider that as a Comcast/Xfinity customer you are able to take advantage of this service when you are out and about. I bought my own cable modem so I don't have a Comcast/Xfinity router that does this. Electricity use is going to be almost nothing since you're going to plug in the router for your own use anyhow.

I would probably disable this if I had the router from Comcast/Xfinity. I've never personally used this WI-FI service that Xfinity provides. I mostly just use LTE when I'm not home or at work.

Interesting. I wonder if someone sits in front of your house and uses your wifi for something illegal. Are you liable? You shouldn't but will the legal fees bankrupt you first? A place like McDonald's has the legal means to swat something like that, do you?

I'd like to see the Xfinity contract and find out if they are going to try to dump the responsibility on you.

-Tom

From their FAQ:
Will the homeowner be accountable for the visitor's activities and data usage on the wireless gateway? (answer) No. The activities and usage of visiting users are tied back to the visitors’ accounts, not the homeowner’s. Homeowner’s activities and usage on the Home Hotspot are tied to the homeowner’s account.

and: What if I choose to disable the Home Hotspot feature?: We encourage all subscribers to keep this feature enabled as it allows more people to enjoy the benefits of XFINITY WiFi around the neighborhood. You will always have the ability to re-enable the XFINITY WiFi feature on your Wireless Gateway by calling 1-800-XFINITY or by visiting My Account at http://customer.comcast.com/, clicking on “Users & Preferences”, and then selecting “Manage XFINITY WiFi.”

Twice today I tried to access the disable feature on my preferences pull down on the Xfinity web page, no luck, not working. Not ready to call customer service yet.

Not even sure if I want to disable it other than to see if it has any affect on my spotty wireless issues. I am able to quickly move my laptop to the Ethernet cable and when I do, it seems to be a wireless issue not a internet issue.

Can you unscrew the antennas from the XFinity router and just plug in your own secured wireless router? Or you could put their router in a Faraday cage by wrapping it in metal screen or foil.

Let me put a spin on this many may not be seeing...

I refuse to use hotspots. It's like promiscuous sex without using a condom... you never know how dirty the hotspot is (or how promiscuous), and once you log on, you could be opening yourself up to infecting your own system, identity theft, etc.

So, it may seem like a convenience if you're a ComCast customer, but it's a serious risk to be taking... significantly more risky than standing behind your own firewall. At least there you have a pretty good idea what kind of traffic has flowed.

More information:

http://www.dslreports.com/shownews/Comcast-Turns-Houston-Users-Routers-Into-Public-Hotspots-129306

And I agree with Dan on this one...I'm very, very, VERY careful about what public WiFi I use with my devices. You cannot just go by the name of the SSID...that's something easily spoofed, too.

Well, I was finally able to disable Xfinitywifi, but I had to plug into the LAN port to do it, I kept getting a fail at the final step at their website when tried wireless. Go figure. And, every time I do a speedtest on the LAN I am hitting 57/11, on wireless it is still all over the place, and always slower, sometimes only a third of the LAN speed. I need to find a way to fish an Ethernet cable from my router to my laptop location. And disabling the Xfinitywifi didn't seem to solve my wireless issues.

Well, I was finally able to disable Xfinitywifi, but I had to plug into the LAN port to do it, I kept getting a fail at the final step at their website when tried wireless. Go figure.

This doesn't surprise me... router management is best done via wired anyway.

And, every time I do a speedtest on the LAN I am hitting 57/11, on wireless it is still all over the place, and always slower, sometimes only a third of the LAN speed. I need to find a way to fish an Ethernet cable from my router to my laptop location.

It's normal behavior for you to get lower performance from a wireless connection than you do with a wired connection, Ole. They work differently and that, combined with the nature of wireless signal degradation in the in-building environment reduces effective speed/throughput. 25%-50% of wire speed isn't unusual and that assumes you are using the latest standards (802.1n, for example) and have your AP set to a channel that doesn't have a lot of interference from other nearby APs and other devices, such as cordless phones. Nature of the beast!

Let me put a spin on this many may not be seeing...

I refuse to use hotspots. It's like promiscuous sex without using a condom... you never know how dirty the hotspot is (or how promiscuous), and once you log on, you could be opening yourself up to infecting your own system, identity theft, etc.

So, it may seem like a convenience if you're a ComCast customer, but it's a serious risk to be taking... significantly more risky than standing behind your own firewall. At least there you have a pretty good idea what kind of traffic has flowed.

How does using a software firewall and a VPN service such as https://www.privateinternetaccess.com/pages/buy-vpn/ affect that? I'm not clear if using a VPN service would help with malware infections or not.

You have attached yourself to someone else's router (possibly an infected one)... by doing so, you have significantly increased your risk of infection.

About a year ago I wrote a paper and gave a series of talks on hacking COTS wifi routers. It's disgustingly easy, even for beginners, to do some nasty things to them. At the end of every talk, I always had folks come up and say two things: 1) They were frightened by how easy it is to attack them, and 2) They wanted to know what the more secure router brands were.

The answer to #2 is... "There aren't any!" For the most part, one design is similar to the next, and quite often they're loaded with practically identical firmware (based upon the same code). D-Link, Netgear, Belkin, Linksys, Cisco, etc... same basic designs, and the same basic attacks work in one form or another. Only when you get into the high-end series of something like a Cisco do you begin to have any real protection (and even then they leak like sieves if you know where to look).