Tuesday, July 15, 2014
With Cable WiFi, Your Modem Is My Hotspot
Over the past few years, the cable industry has quietly pulled off a minor miracle of infrastructure. It’s built a nationwide WiFi network, and it’s given many of its subscribers access to it for free.
But this “Cable WiFi” project has some warts: security issues, unequal access, and missed opportunities.
How it worksYou may have seen wireless networks called “CableWiFi” pop up on your computers or mobile devices. These hotspots give wireless access to customers of Bright House Networks, Cablevision’s Optimum, Comcast’s XFINITY, Cox Communications, and Time Warner Cable. The five cable carriers also have free wireless networks for their own customers. Look for Bright House Networks, optimumwifi, xfinitywifi,CoxWiFi, or TWCWiFi signals, respectively.
Not a subscriber of one of these networks? You can often still get online even if you don’t subscribe, at hourly, daily, or weekly rates, or through free-trial options.
I spent a few afternoons trying this access around my Washington, D.C., neighborhood, and it was mostly a positive experience. I tried a free one-hour trial and paid ($2.95) one-hour passes on Comcast’s Cable WiFi network.
I got good speeds, up to 28 megabits per second at one point, which is faster than my home FiOS connection. But I was right in front of the building hosting the hotspot when that happened. Typically I got about 4 megabits a second, but occasionally I saw poor performance, down at dial-up speeds (under 100 kilobits a second).
Comcast’s helpful iPad app (photo above) gave me a database about local hotspots that I could use when i wasn’t online (to help me find a zone where I could connect), and it has a nifty augmented-reality view to visualize nearby networks.
So what’s not to like?
A risk of ISP impersonationWhen I ran my experiments, how did I know I connected to a legitimate cable company network? My Android phone showed a green padlock icon that, when tapped, confirmed that Comcast signed the page with an“extended validation” certificate, but my iPad’s Safari browser showed only a generic lock icon without further details.
Yes, I am a nerd who does things like inspect site certs.
If a connectivity con artist wanted to run malicious networks named “xfinitywifi” to harvest cable usernames and passwords — in turn,opening the door to draining bank accounts — he probably could.
I’ve yet to see reports of that, and neither has Comcast, by far the largest Cable WiFi operator. But tools to make it happen exist: Johannes Ullrich, a security researcher who helps run the SANS Internet Storm Center, said he’s already seen a script for the hacker-friendly Pineapple WiFi router to turn it into an xfinitywifi doppelganger.
Using Cable WiFi directories like those in Comcast’s app and on cable operators’ sites can help avoid “honeypot” hotspots (which are anything but sweet). Having more companies follow Time Warner Cable in supporting stronger “Passpoint” authentication should improve security, too.
In the meantime, Cable WiFi’s reliance on email usernames and passwords provides a very good reason to use a different account for accessing WiFi networks than you do for everything else, especially online banking and other sensitive sites.
Home Hotspot hijinksAnother wrinkle comes in how Comcast and others are accelerating their WiFi rollouts. They’re renting their cable subscribers modems that double as public hotspots, broadcasting a separate signal from their customers’ paid-for bandwidth.
That’s why you might get a strong signal in a residential neighborhood. The signal is coming from inside someone’s house.
Comcast has been especially energetic in deploying “Home Hotspots.” It has 3 million of them active. And of the 8 million total “xfinitywifi” signals it aims to have online by year-end, spokesman Charlie Douglas said, “a supermajority” will be home-based.
Comcast says it notifies subscribers before turning on a Home Hotspot, doesn’t let non-Comcast cable subscribers use them for free, and hides their locations from its maps. Subscribers can opt out (see our directions), but Douglas said “less than 1 percent” do.
I trust Comcast and Cablevision (which plans to follow Comcast’s practice) to wall off public access from paid connections. It’s not difficult to do, technically speaking.
But it’s a little cheeky for Comcast to give away bandwidth flowing into subscribers’ homes after years of experimenting with data caps. Its current offer in some markets is an insulting $5 discount if you accept a 5 GB cap. And if cable companies want to ask customers to market their services by providing public access from private property, then the least they can do is discount their ever-escalating modem rental rates.
That’s how other services have done it. The pioneering DSL provider Speakeasy Network invited customers to share bandwidth with this offer: We’ll bill your neighbor for access (and give her email and tech support) and cut your rate as part of the deal. Today, Fon helps telecom companies in other countries offer similar deals.
Part-time onlyIf you like cable WiFi, though, it’s difficult to use it more than infrequently. Its weekly rates represent a poor value, and you can’t buy into a longer term. Cable operators would rather keep wireless access a perk for current customers.
Time Warner publicist Judy Barbao said the idea with cable WiFi is to “offer additional value to their home Internet service.”
But that’s not the only way to do it. Cable operators could follow the example of Boingo Wireless and sell monthly WiFi to all comers — that Los Angeles firm charges $9.95 a month for unlimited domestic service, now $4.98 with a discount.
You’re not supposed to use Boingo as a residential connection, and few do. Spokeswoman Katie O’Neill said “the number of people who violate these terms and get a warning or suspension is very, very small.”
Could Cable WiFi withstand broader usage? TWC must think so, having signed a roaming deal that lets Boingo customers borrow its WiFi. But ultimately these hotspots have to go into homes to give people broad coverage.
Cable WiFi can be a useful service on its own. But if you look at the cable companies’ offerings and prices, you can discern that the service is really another case of the companies trying to keep people signed up to comprehensive but expensive bundles of voice, video, and Internet, while turning away customers who want to buy only the services they really need.