I hate having the XFINITY hotspots app on my phone, managing my WiFi, requiring location to work fully, etc. Previously I was able to just enter the MAC address and it would automaticaly log me on. But now that feature seems to be missing from my account management. Fortunately, you can easily optimize your Xfinity® internet speed using NetSpot, a professional wireless site surveys, WiFi analysis, and troubleshooting app for Windows and Mac OS X. NetSpot can help you discover WiFi networks around you and create detailed WiFi strength heatmaps. To use the tool, all you need is a laptop or desktop computer running Windows 7 or higher or Mac OS X 10.10 or higher.
About a year ago, Comcast started modifying the routers of some of their customers to create a quasi-public wireless system called XFINITY WiFi intended for use, mainly, by Comcast customers. Home users would see a new Wi-Fi network called 'xfinitywifi' alongside their existing private wireless network.
In pushing the program, Comcast points out that when one of their customers visits another, the visitor can use the xfinitywifi network rather than the homeowners wireless network. They tout it as a security feature, since the homeowner gets to keep their Wi-Fi password secret. Of course, this ignores the fact that many routers offer guest networks to solve just this problem.
The big benefit is that when Comcast customers are traveling to an area served by Comcast, they can use this public Wi-Fi to get online. XFINITY Wi-Fi can save on typically limited 3G/4G bandwidth and it should be faster too.
Comcast makes XFINITY WiFi available to their business customers too and they have installed it at some public areas, such as the Universal Orlando Resort. It may even let someone get away with a cheap Wi-Fi only tablet as opposed to a model with built-in 3G/4G/LTE.
The company claims to have over a million XFINITY WiFi hotspots, another source put the current number at 3 million. Either way, Comcast plans to have 8 million by the end of 2014. To put this in perspective, Comcast has roughly 21 million Internet customers.
Is XFINITY WiFi a good thing or a bad thing?
On his This Week in Tech podcast on June 15th, Leo Laporte didn't know what to think. At Lifehacker, Melanie Pinola recently wrote 'It isn't necessarily a terrible thing.'
They, like many others who have addressed the topic, have probably not considered all the security issues. Here I will cover the obvious downsides to the service, some less than obvious drawbacks, and finally, a new security risk that no one has yet raised.
Focused on Defensive Computing as I am, XFINITY WiFi seems like a bad idea for Comcast customers, both those offering the free Wi-Fi on their routers and those using the system away from home. If you read this entire article to the end (warning: it's long), I am sure you will agree.
THE OBVIOUS OBJECTIONS
The knee-jerk objections have been addressed by Comcast.
The first reaction that many have is the fear that outsiders connecting to their home router will hog the bandwidth and slow down the Internet connection speed of the homeowner.
In response, Comcast says that they do not allow more than 5 xfinitywifi guest users at a time on any one router. https://kbusio.weebly.com/visio-2019-professional-for-mac.html. They also say that 'The broadband connection to your home will be unaffected by the XFINITY WiFi feature . We have provisioned the XFINITY WiFi feature to support robust usage, and therefore, we anticipate minimal impact to the in-home WiFi network.'
DOCSIS 3.0 cable modems get their speed, much like the ac flavor of Wi-Fi, by using multiple channels. Unlike Wi-Fi channels, DOCSIS channels refer to wired connections between the cable modem and the home office of the cable provider.
Some DOCSIS 3.0 modems have 4 channels in each direction, others have 8 downstream channels (from the Internet to you) and 4 upstream (from you to the Internet). It is possible Qr code app for mac. that the Comcast gateway devices (Arris Touchstone models in Houston) are configured to send guest traffic over a different channel or channels than traffic from the homeowner. But, to be clear, this is speculation on my part.
I have not run across any tests with hard numbers, but my expectation would be that the bandwidth impact would be minimal.
Another obvious issue is that visitors might be able to interact with computers and other devices on the personal network (wired or wireless) since everything connects to the same gateway device. Addressing this, Comcast says 'The XFINITY WiFi service is designed to work on a separate network so that your home network remains entirely secure.' Here too, I have not run across any reports that put this claim to the test.
Samara Lynn, of PC Magazine, raised another concern - physical security. She writes that 'People locate Comcast hotspots via an Xfinity app or through the Xfinity hotspot locator site. I would be concerned about my address being broadcast by the app or the website'. Comcast does address this, but Lynn says 'Comcast's vague statement on the matter is not reassuring'.
IT WASN'T ME
![]()
The last of the obvious objections is accountability. What if a guest, using the Internet connection in your home, does something illegal? Something so bad that law enforcement agencies get involved. This has come up many times before and is, perhaps, the most important reason not to share your home Internet connection.
Xfinity Wifi App For Mac
To the outside world, all computing devices in your home look the same. That is, they share a common public IP address (an IP address is the unique number that identifies a single entity on a TCP/IP network). You can see your public IP address at ipchicken.com, ip2location.com and many other places.
Nothing I have read says that XFINITY WiFi guests are assigned their own public IP address. If they are not, anyone offering the service from their home, runs the risk of men with guns knocking on their door.
Comcast says that if the FBI comes knocking, there is no need to worry; illegal activity can be traced back to the guest who is a known Comcast customer.
That Comcast has to say this, however, shows that illegal activity is not easily traced to real culprit.
And even if Comcast can relate any illegal activity to their customer who was a guest on your home router at 9:56pm on Tuesday, would you trust one of the most hated companies in the U.S. to have your back in this case? That there are no detailed explanations of how this works, just makes one more doubtful.
Xfinity Wifi App For Laptop
In addition, XFINITY WiFi is not limited to Comcast customers, making the task of identifying the real perpetrator of illegal activity that much harder. https://ameblo.jp/ernavicka1989/entry-12640293931.html.
As shown in the screen shot below of the Comcast FAQ page, there are two ways that anyone can hop onto the system: a free trial and a short term access pass. Bad guys with stolen credit cards can get online for an hour ($2.95), a day ($7.95) or a week ($19.95). Bad guys without a credit card can use two free sessions of an hour each.
In fairness, Comcast offers the one hour free sessions only at 'select XFINITY WiFi hotspot locations'. But exactly what that means, they don't say. Likewise, the access passes are not available in all locations. Whether that means you can't buy them everywhere or you can't use them everywhere is, again, not spelled out.
THE LESS OBVIOUS DANGERS
The first problem with the Comcast claim that the guest network is separate from the homeowners private network is that there are no technical details on how this is done. The data traffic needs to be separate over the air, in the router and as far as anyone on the Internet can discern.
Comcast has not said if xfinitywifi traffic is encrypted over the air, a huge omission. Their FAQ page has one relevant sentence: 'Whenever you sign in, we help protect your privacy and the safety of your Comcast Email or username and password by providing 128-bit encryption on the sign in page'. In other words, their sign-in page uses HTTPS. WPA2? None of our business.
Heck, they don't even say which Wi-Fi frequency band (2.4GHz or 5GHz) they use.
Is this miserable documentation due to incompetence or was it carefully crafted to hide oversights in the technology?
However it is done, the device that separates the public and private networks in your home is the gateway device, a combination modem and router.
Next month, at the Hackers On Planet Earth (HOPE) conference, I will be giving a presentation on 'Securing a Home Router'. Touch mouse app for mac. In part, I was drawn to the subject because of the huge parade of ghastly security flaws in routers. It seems when it comes to router firmware, quality is job 326.
With 8 million of them in the field, the devices used for XFINITY WiFi will surely be prime targets for bad guys. If they have flaws, someone is sure to find them.
Another security issue involves the userid/password used to logon to XFINITY WiFi. It is the same one used to logon to the Comcast website to manage an account. If a bad guy got hold of it (more on this below) there is a huge potential for abuse.
Xfinity Wifi App Download
They can see your billing details and read your webmail. They can add HBO and Cinemax to your account. Worst of all, they can logon to XFINITY WiFi as you, do something illegal and have everything point back to you.
A much better approach would have been for Comcast to let their customers create a new userid and password, one that is only valid for XFINITY Wi-Fi. Better yet, there should be a Wi-Fi only userid/password for each member of the family. A single userid/password being used for everything is too tempting a target.
MAC ADDRESS SPOOFING
Perhaps the biggest security issue Download messages app for mac. with XFINITY WiFi involves the 'Automatic Sign In'.
![]()
According to Comcast anyone using XFINITY WiFi when away from home only has to logon with their Comcast userid/password once from any given wireless device. Afterwards, the system recognizes the device automatically.
. Ftdi usb driver download xp. once you have successfully signed in using a Wi-Fi enabled device, your device will be registered for Automatic Sign In and you will not be required to provide your Comcast ID and password to connect to the XFINITY WiFi network using the same device . You can register up to 20 of your Wi-Fi-enabled devices with our automatic sign-in feature.
After the previous point, this may sound like a good thing, since the Comcast userid/password is not being sent over the air. I suspect, however, that it is a big security flaw.
How does this work? Needless to say at this point, I could find no relevant documentation.
How might it work?
If Comcast required their software on wireless devices, then their software could generate some type of unique identifier that was only known to Comcast. But their software is not required. Any wireless enabled device can logon to XFINITY WiFi. So, how might Comcast uniquely identify a particular device?
By MAC address (MAC, all upper case, is a network identifier; Mac, with the ac in lower case, is a computer from Apple).
All wired and wireless network hardware has a unique 48 bit identifier called a MAC address. From the start, MAC addresses were designed to be globally unique. The first 24 bits identify the company that made the hardware, the last 24 bits function as a serial number for the device.
A router has at least three MAC addresses, one for its WAN connection to the Internet, one for its LAN connection and one for its Wi-Fi radio. A dual band router will have a MAC address for each wireless band. You can usually find the MAC addresses of a router on a sticker on the bottom.
If you have ever dealt with configuring a router, you may have run across a security feature called MAC address filtering. This lets you tell the router the MAC addresses of known trusted Wi-Fi devices. These devices are allowed in, all others get blocked. You can see a demo of configuring MAC address filtering for an Asus router here.
Sound like a great security feature? No one uses it.
In reality, it offers hardly any security, at least for wireless.
MAC addresses are always broadcast unencrypted over the air. The underlying communication protocol requires this. So, anyone who found themselves blocked by a router using MAC address filtering, could just listen for a valid MAC addresses communicating with the target network and then pretend to be that device. The pretending (called spoofing) is not all that hard.
Getting back to XFINITY Wifi, we can now understand what I see as its biggest security problem. Rather than use a free one hour session, a bad guy can park near an xfinitywifi network and make a note of the MAC addresses of the devices using the network. Then all they need to do is fake their MAC address, get automatically signed in, do something illegal, and an innocent Comcast customer is in for all kinds of hell.
There is no defense here either.
The best security for public Wi-Fi networks, a VPN, does not protect prevent a bad guy from seeing the MAC address of your wireless device. The VPN will encrypt stuff, but that stuff gets sent to the router in a clump of bits ('packet' is the official term) that includes the unencrypted MAC address.
That said, Comcast has been rolling out XFINITY WiFi for an entire year. At the least, they have over a million hotspots. It's hard to believe that I am the first person to publicly raise this issue.
So I did some searching, and found a six month old reddit posting where someone claimed that spoofing their MAC address to aa:bb:cc:dd:ee:ff (all valid hexadecimal digits) got them on a 'CableWiFi' network without having to provide credentials. If true, it would not be a surprise. It would also mean (if it was true) that the CableWiFi system keyed off MAC addresses. And if they do, it is likely that XFINITY WiFi does too.
EVIL TWIN NETWORKS
Then too, there is the classic Wi-Fi issue - evil twin networks.
Download XFINITY Stream for PC and Laptop (Windows and Mac)
Now you can get XFINITY Stream for PC and Laptop powered up with Windows XP, Windows 7, Windows 8, Windows 8.1, Windows 10 and MacOS/OS X. You can download XFINITY Stream for PC and Laptop from AppsforLappc.com. The game offers amazing new features. Read out what it has to offer and then go through the guide to install XFINITY Stream for PC and Laptop right away.
XFINITY Stream for PC Features and Description:Xfinity Wifi App For Microsoft Surface
Only XFINITY gives you more to stream on any screen. Watch live TV and XFINITY On Demand on any device at home or on the go. If you’re an X1 Cloud DVR customer, you can also stream or download your Cloud DVR recordings to your device and watch anywhere.
Key Features:
– Watch more than 200 channels of Live TV on the go from any available WiFi or cellular connection in the U.S. if you filter by “Available out of home”. – Choose from tens of thousands of TV shows and movies available for streaming On Demand—some of which are available to download for offline viewing by filtering for “Available for Download”. – X1 Cloud DVR customers can watch saved recordings from anywhere in the U.S. with an internet connection. Once downloaded, videos can be viewed offline—anytime, anywhere (i.e. in planes, trains, and automobiles—ANYWHERE!). – Choose from the full guide or filter by popular categories such as Sports, Kids, and Movies. – Forget to schedule a recording? X1 Cloud DVR customers can schedule or modify DVR recordings right from the XFINITY Stream app. – If you have previously made a movie purchase On Demand, you can take these purchases with you wherever you go right from the XFINITY Stream app! – Trying to find your favorite show or movie? Use the search function to see if it is available On Demand or airing soon.
Exclusive In-Home Features:
– Watch live TV streams from your entire channel lineup when on in-home Xfinity WiFi – Choose from XFINITY’s full Video On Demand library, filtered to show only the content already included in your subscription at no extra charge. – Stream rented TV shows and movies right to the app during the rental period.
Requirements:
– Reliable WiFi or cellular internet connection for video streaming and downloading – XFINITY service with a subscription to one or more eligible channels to watch live or On Demand video. – XFINITY username and password. Universal serial bus usb controller driver cyberpoweer. Forget your username or need to create one? See help links directly below! – Some programmer content restrictions apply.
Get Help Signing In:
– Create an XFINITY username and password: xfinity.com/getstarted – Look up your existing XFINITY username: xfinity.com/username – Reset your XFINITY password: xfinity.com/password
Questions:
– Help and support page: customer.xfinity.com/help-and-support/xfinitytv Method#1: Download XFINITY Stream for PC and Laptop (Windows and Mac)
Method#2: Download XFINITY Stream for PC and Laptop using APK file
Xfinity Stream for PC Video Guide:Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |