Xfinity WiFi Trojan Horse

| by Ken | in Technology Add comments

Have you noticed a WiFi network near your house with the name “xfinitywifi”?  Have you thought it interesting that the signal seemed to be as strong as your own network in your house?  If you are a Comcast network customer, it’s probably your own networking hardware offering you an alternate connection.  Comcast has their hardware default to a setup that provides a public access point for everyone under the name “xfinitywifi”.  Their idea is somewhat admirable: save the ordinary customer the trouble of configuring a guest network and at the same time, enable every customer of theirs able to access any Comcast WiFi network anywhere.

There are a few problems, though.  First is that you have to be a Comcast customer to use the guest network and I assume you don’t select your friends based on whether or not they use the same ISP as you.  Secondly, the sign in requires you to sign in to Comcast meaning you have to go through extra login with credentials that you hopefully remember every time you connect.  Third, any knucklehead with a Comcast account walking down the street can pause in front of your house and use your bandwidth.

I had seen xfinitywifi show up in a site survey and I concluded that it was my neighbors who hadn’t bothered to customize their SSID.  I replaced my cable modem as part of a network overhaul at my house and after I did so, I noticed a new and stronger xfinitywifi signal.  I was able to look at the network info and MAC address and figure out that that new network was coming from my hardware in addition to the private network.  (And I realized that while I was correct about the previous conclusion about the signal coming from my neighbors, I didn’t realize that I was effectively seeing two signals from each Comcast neighbor.)  Since I use my own routers, I set the Comcast cable modem to “bridge mode” which means it disables the wireless signal.  Except it actually leaves the xfinitywifi network active!  And there’s no way in the configuration pages to disable it.

The way you manage it, believe it or not, is through your Comcast account.  The easiest thing to do is to login to your Comcast account in your web browser.  Then open a new tab and paste in this URL:  https://customer.xfinity.com/WifiHotspot  Choose the “Disable” radio button and click Save.  So it’s pretty easy to do when you know where to go.  But who would have thought to do that?

I wonder why Comcast wants to have users control this behavior through their site.  Perhaps this is something they want to track and the settings in an individual cable modem are not things they can “see”?  Okay, so it isn’t really a Trojan Horse, since the public network packets that are sneaking through the cable modem that you let into your house aren’t going to escape the cable modem and unlock your front door.  But still, it seems that Comcast should be more upfront about what’s going on in the hardware they give you.

3 Responses to “Xfinity WiFi Trojan Horse”

  1. BikingBrian says:

    If the “xfinitywifi” is coming from the cable modem and not the router, perhaps it doesn’t count against your bandwidth? I suppose that’s easy enough to test, though why bother?

  2. Ken says:

    Great question – and one I almost answered in the post when I was typing but ended up skipping to try and keep the post from getting too long. So what I meant by “bandwidth” was not the amount Comcast allows; I’m talking about what I can use at any particular instant. That’s because while the traffic through xfinitywifi network may not “count” against my usage, it certainly does use a portion of the network bandwidth between my cable modem and Comcast HQ.

    You could argue that it is an advantage that guests to my house would use xfinitywifi and that it would be charged against my usage limits (if that were true). But I have never hit any usage limit and I’m not sure I actually have one. And I’m more irked by the possibility that while I’m using the network, I might not get full speed because somebody is parked on the street in front of my house and streaming video.

  3. BikingBrian says:

    I’m assuming that the maximum speed from Comcast HQ to your modem (as well as the speed the modem can handle) has got to be faster than the speed you’re paying for (and are therefore throttled at). If that’s the case, then it’s possible that the modem could be set up to prioritize giving you your speed, and then the “guests” get the rest of the available bandwidth. But you don’t know for sure.

Leave a Reply

Human Verification *

All content Copyright © Katharsys LLC Created with Wordpress, Theme "Synergy" by Pagelines modified by Katharsys LLC