If you haven’t heard about it, Comcast has plans to build a wifi network for its subscribers, on the back of its other subscribers’ routers. What’s worse is it’s an opt-out service. If you don’t hear about it and say something, you’re a hotspot for any other Comcast customer who happens to wander by.
I’m not a Comcast customer. I’m in Charter territory, and I’m not a Charter customer either. But I have so many problems with this it’s hard to know where to begin, so I sure hope other ISPs don’t copy this.I have to start somewhere, so I guess I’ll start with what I do best, and move on from there.
Security. Comcast says the guest network is separate from your network, so the other Comcast subscribers won’t be able to get onto your home network. There are certainly ways to do that, and some higher-end consumer routers that you can buy have a similar feature. I believe them when they say they’ll try to make it secure. Will it be possible to defeat that security? Give it a year and I’ll bet there will be multiple people who find ways to do it.
Many people recommend treating ISP-issued routers as a hostile device and putting another router/firewall between it and your computers. I don’t think that’s a bad idea, and when Comcast is doing this, it’s yet another reason to do it.
Presumably, these guests will have to authenticate somehow, so only Comcast subscribers can use it, rather than anybody and everybody. That will at least keep the traffic and potential attackers down a little.
Liability. So if someone connects to this hotspot and does something illegal, is Comcast going to log who connected to that hotspot and when, so the authorities or the RIAA/MPAA don’t come banging on the wrong door? Because if you don’t think that’s going to happen, you’re kidding yourself.
Bandwidth. There are 30 countries that have faster Internet than the United States does. Thirty. Including powerhouses like Estonia. Estonia! And Belarus. We invented the Internet, but we’ve been overtaken by countries that are barely older than the Web itself. In Hong Kong or Korea, you can get 500-megabit Internet for $30 a month. That’s 10 times as fast as my Internet connection, for half the price. Cable providers offer 300-megabit service, but then they charge $350 a month and then claim nobody wants it.
Companies like Comcast refuse to provide reasonable speeds for a reasonable price, and now they’re going to make their subscribers share their itty-bitty backwater pipe? That’s wrong. Comcast claims they’ve added bandwidth to accommodate this extra usage. Why can’t they give everyone more speed then? Charter is about to increase its minimum speed to 100 megabits–a reasonable level–but Comcast is still offering 20 megabit service.
I think this is a smokescreen to avoid upgrading its infrastructure to offer reasonable speeds. It’s cheaper to just do this, and they can tell most people it was a choice between one or the other, and the majority of people will probably believe it.
What problem are they trying to solve, anyway? I’m in a residential area, surrounded by other houses in all directions for probably a good mile or two. I can’t for the life of me think of why someone would need to hop on a public wifi anywhere on my street. There’s a busy commercial district not far from me, and I could see someone needing to hop on public wifi from there, but guess what? Most of those businesses already offer free public wifi.
On Saturdays when I’m running around on the estate sale circuit, from time to time I’ve wished I had a wifi connection, especially in the areas where they don’t allow cell towers so I struggle to get even a 2G connection. But in St. Louis there are really only a couple hundred people in that situation, and that’s two or maybe three days a week. This is a metro area with 2.5 million people. I just don’t see that typical people have a problem that this is going to solve.
And would I want to connect to it anyway? If Comcast were in St. Louis, we could reasonably assume they would have 50% of the market. I can’t think of a good reason to connect to a wifi network with 1.2 million other people potentially on it. Maybe they segment this network better than that, but still, I’d be sitting on a network with a lot of strange devices. A PC running Windows has a pretty good firewall built in and enabled by default, and a PC running Linux can easily have a good firewall enabled, but most smartphones don’t. You can root an Android phone and enable a good firewall on it, but most people don’t want to do that and risk voiding their warranty.
I know when I take my kids to a hands-on children’s museum in January, they’re going to get sick because all it takes is one sick kid out of the thousands who visit that day to contaminate stuff and realistically probably more like 20% of the kids visiting are sick with something. This Comcast wifi network is going to be the digital equivalent of a children’s museum in January, but all year round.
Why do I assume the network segmentation stinks? Because I’ve never seen a security-first consumer product. And there’s no reason to believe this will be the first.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.
2 thoughts on “A Comcastic-ally bad idea”
I found this out by accident. I have a scanner on my cell phone that tells me what wireless networks are near me, and noticed a comcast network appear one day. It was a stronger signal than the router in the room. I contacted Comcast via their on-line chat app, and it took me about ten minutes to get through to “Steven” that I did not want to pay my bill to his company to let THEM use my bandwidth. I don’t think he fully understood, but he went off for about ten minutes, and the thing disappeared. Three days later I had to reboot the modem, and the damned thing showed up again. So I had to contact them again. The second time it’s stayed off… So far.
You’ve made it easier to understand.
You’re right about the hackers. They will appreciate the challenge and the free wifi for their illegal pursuits.
Comments are closed.