ISP-provided nationwide wifi hotspots

[MrJimPhelps]

I was watching Undercover Boss tonight – tonight’s episode was about a company named Vivint, which is an internet service provider. The boss went to a customer site and assisted with connecting that house to the internet. One of the tasks that he performed was installing a radio device which would provide a public wifi hotspot at that house, for use by other customers who were physically close enough to access it.

This confirms something I have long suspected – if you use an ISP-provided router, the router serves as a publicly-available wifi hotspot for the customers of the ISP.

This is one reason I prefer to have my own router — I don’t want my router to be a publicly available hotspot.

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

Reply | Quote

[Kirsty]

MrJimPhelps wrote:

about a company named Vivint, which is an internet service provider.

This information does not appear correct, at first look:

Vivint Smart Home, Inc. is a US public smart home company in the United States and Canada… Vivint delivers an integrated smart home system with in-home consultation, professional installation and support delivered by its Smart Home Pros, as well as 24/7 customer care and monitoring
…
Vivint CEO Todd Pedersen appeared on the season finale of the CBS television show Undercover Boss in February 2015

Reply | Quote

[alphacharlie]

I believe that Xfinity from Comcast is or was set up exactly the same way, unless the customer specifically asked for the hotspot feature to be disabled, or else knew how to disable it themselves.

Of course, Xfinity considered it a feature.

Here is one official description:  https://www.xfinity.com/hub/mobile/unlimited-mobile-hotspot-cell-phone-plans

Reply | Quote

[Nathan Parker]

I use all my own routers now (tried my ISP’s, but they wouldn’t even let me have access to the interface, so I dropped that). I have a “Public” SSID setup, but I keep it password-protected. I only give it out to guests who are over here visiting and have a reason to use the Internet. I also have it on its own VLAN so the Public network can’t access any of my primary network.

Nathan Parker

1 user thanked author for this post.

NetDef

Reply | Quote

[OscarCP]

Does not setting up the WiFi connection password protected and on an encrypted channel prevent interlopers from free-riding on your connection? But I imagine that, if this is so, it would only work at a fixed location (i.e. home) with an assigned router (i.e. yours), not at Hot Spots set up so anyone, or even just the ISP customers, can use them. I’ll be interested to know if any of what I just wrote is right, and what part of it is wrong.

Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

Reply | Quote

[Alex5723]

Some ISPs routers have a hotspot feature enabled by default to use by any passing customer.
The hotspot feature can be turned off only by the ISP’s support.
This feature is usually not advertised and can be found only when the user logs-in into his router and goes over all settings.
I had in the past such router.

The free hotspot is on another channel and isn’t protected by router’s password.

• This reply was modified 4 months, 3 weeks ago by Alex5723.
• This reply was modified 4 months, 3 weeks ago by Alex5723.

Reply | Quote

[b]

Comcast hotspot service is advertised and can be disabled by a gateway user:

Xfinity WiFi Hotspots Overview

How to Turn Xfinity WiFi Home Hotspot On or Off Using My Account

1 user thanked author for this post.

NetDef

Reply | Quote

[NetDef]

Thoughts and facts:

 

Facts:  for Xfinity and certain smaller providers that do this it’s important to remember their local hot spots are on separate networks from your home LAN. They are completely isolated.  So a person that connects to the hotspot being provided from your ISP’s router in your home does NOT have a way to scan or directly connect to devices on your LAN.

For customers of that ISP this seems like a pretty great idea and has the potential to benefit everyone.

 

Thoughts:  I don’t like using the ISP’s equipment – preferring control over my connection at a far greater level than their stuff allows.  And self-owned equipment cannot participate in the open Wi-Fi system from that ISP.  Additionally — in crowded Wi-Fi areas these hot spots make channel congestion much worse.

~ Group "Weekend" ~

Reply | Quote

[OscarCP]

Actually my question (see my previous comment) was, True or False?, about only being protected at home, not at ISP hotspots, when using a password to access the router and choosing an encrypted WiFi channel between router and computer. It looks like it should be this way to me, but I might be missing something here, as I have not looked into this in much detail.

Windows 7 Professional, SP1, x64 Group W (ex B) & macOS Mojave + Linux (Mint)

Reply | Quote

[PaulK]

True.
Your router, with WPA2 with a non-trivial pass-phrase, is as secure as it can get for a home installation. Obviously each device that is to ‘talk’ to that router also must have the WPA2 capability. Older computers, and likely many IoT devices, are not capable of that level of security.

Some home routers have the capability of enabling a ‘Guest’ network, with a lower (or no) level of encryption. This separate network (different SSID) is distinct from the ‘main’ network(s), and – as NetDef comments – is isolated from the ‘regular’ home users. (My router has a Guest capability, but only on the 2.4 band. But, what is crippling is that accessing it requires an accessing dialog that I’ve only found to be available on IE, not on Firefox. I am back level on FF, perhaps later ones do work. )

As I understand it, functionally this Guest network provides the same public service that an ISP’s ‘hot-spot’ does. The difference is that Guest traffic is still ‘your account’ traffic. Hot-spot traffic is ISP traffic. This is significant if there is data billing.

As to the usage at a public-location hot spot: regardless of the level of security that one must set in order to use the spot, ensure that one’s computer is set for ‘Public Network’ – sharing nothing. More can be said, but it is too far off-topic.

1 user thanked author for this post.

OscarCP

Reply | Quote

[TaskForce141]

As part of Covid-19 assistance, Comcast is allowing anyone to connect to their Wi-Fi hotspots for free, with no data cap.   I would turn off that hotspot whenever you can. Why:

• Network congestion on already crowded Wi-Fi bands, especially 2.4 ghz.  The freeloaders could be streaming 4k Netflix/Youtube around the clock.  That’s saturating the local Wi-Fi, causing slowing, glitching, dropouts for paying customers.  In your avg. apartment complex, dozens of routers are stepping over each other, in an overlapping traffic jam for a clear channel.   The last thing you want is more traffic.
• Your modem/router is running hot with all those freeloaders attached to your connection.  It might die or degrade because of the extra traffic load.  Remember, some people let their Youtube stream on auto-play, so the traffic never stops.

Reply | Quote

[wavy]

If the public modem/router is compromised I would say all bets off. There is also a Man-in-The-Middle type attack that is possible. I feel safer setting up my home router as a VPN end point (Open VPN for me) and your computer as client. I leave my modem on when I travel. May of course be a bit slower but does not bother me.

🍻

Just because you don't know where you are going doesn't mean any road will get you there.

Reply | Quote

[Paul T]

wavy wrote:

public modem/router is compromised I would say all bets off

If your machine is protected via standard methods – firewall, AV etc – and you use https connections, then a compromised router is not much of an issue.

As always, take care when travelling and only use sensitive data when you are reasonably sure of the local security.

cheers, Paul

Reply | Quote

[Author]

Posts