MacInTouch Amazon link...

AirPort issues/alternatives

Channels
Apple, Security, Products
I was a bit surprised that Comcast doesn't explicitly tell customers who rent its cable modems that they're helping Comcast to create an omnipresent WiFi network. I think a case could be made that Comcast customers should be compensated for (or at least not charged for) renting access points that advance Comcast business as well as providing the customers their internet access!
I don't think they're trying to hide this fact, even though they don't advertise it.

They say the service doesn't lower your cable modem bandwidth, which might be true, since the raw cable has far more bandwidth capacity than anything you could subscribe to.

They also say it doesn't threaten your LAN security, because this guest network provides separate IP addresses and only routes packets to the Internet, which is probably true, although it's possible that a bug in the firmware could be exploited to violate this firewall.

I think you could make the argument that the additional SSID clutters up the spectrum, lowering the signal quality for everybody else - probably true in dense urban environments where spectrum is already pretty cluttered. You could also make a (weaker) argument that the additional SSID consumes more power and therefore raises your electric bills. Maybe, but it would really surprise me if this is significant compared to normal router/Wi-Fi usage without the 'xfinitywifi' network being active.

There was a lawsuit over this in 2014. It appears that the judge suspended the suit, compelling arbitration instead. I don't know the outcome, but I assume Comcast won, because the "xfinitywifi" SSID still exists.

Personally, I think that was correct. People claiming that Comcast doesn't have permission to run an extra network on "their" router seem to forget that when you're leasing the router, it isn't yours - it belongs to Comcast. If you want it to be your own router, you can buy one - Comcast doesn't run this network on purchased routers.
 


Call me cynical, but what are the odds that Comcast's reply would be that your discount has already been applied and that you'd be paying more otherwise?
When I signed up with Xfinity (Comcast), I was advised that there was a 'public' hotspot associated with my access point (combo modem/router). The primary reason for it (according to Xfinity) is to allow guests access without having to give out your own access password.

They also mentioned that it could be turned off, should you so desire. I haven't found any reason to so, other than trying it, I have left it on.

They do have a number of public WIFI hotspots in our area, including one right across the street from us. That makes it easy to connect if I am in the yard working. Saves on the cell connection with the phone. And, with the 'public' WIFI hotspots, who knows if they are connecting to my access point or the one on the pole across the street?
 


Call me cynical, but what are the odds that Comcast's reply would be that your discount has already been applied and that you'd be paying more otherwise?
I called Comcast and requested that they turn it off, which they did, and there was no change in my service rate.
 


Call me cynical, but what are the odds that Comcast's reply would be that your discount has already been applied and that you'd be paying more otherwise?
And my reply to that (remember, I don't rent a cable modem from them anymore) would be, show me the discount; i.e., I think the rental fee is the same or higher than it was before they developed their distributed network.
 


I was a bit surprised that Comcast doesn't explicitly tell customers who rent its cable modems that they're helping Comcast to create an omnipresent WiFi network.
If they did, I suspect it would become an uncomfortable conversation for them. The radios necessary to make it happen use additional electricity, and guess who pays for that?

Apart from that, the aspect I especially did not like (when I had such a router) is that I had to contact them to turn the feature off. While I'm pretty sure that change is nowadays possible via their website, the issue remains: if they can turn it off, they can turn it right back on. I'm not sure they wouldn't just because they shouldn't.

The only way to make sure is to buy your own router, which won't include the feature. That alone makes the expense worth every penny.
 


I have Frontier FIOS. Bought the Google mesh WiFi system off Amazon for my 4-bedroom house. So I have 150 Mbps everywhere. Plugged my Time Capsule into it via ethernet, so I can still use that for iMac and MacBook Pro backups. My Fios modem has wifi, too, but I don't use it.
 


Apart from that, the aspect I especially did not like (when I had such a router) is that I had to contact them to turn the feature off. While I'm pretty sure that change is nowadays possible via their website, the issue remains: if they can turn it off, they can turn it right back on. I'm not sure they wouldn't just because they shouldn't.
The process to turn off the 'public' WIFI is easily accessible on the web. And, as I said, they mentioned that there was such a network when they installed the modem and showed how to turn it off. Because they had to lay cable to my house (no cable TV), they also sent out the modem with a person to install and explain. Since there was no additional cost above the cable install itself, I let them make sure the modem was set up properly. And the installer was very comfortable in setting it up the way I wanted.

As far as electricity, I suspect the amount used would be so minuscule as to not be measurable, especially when compared to the usage created by other electronic devices (TVs, printers, computers, etc).
 


... I think you could make the argument that the additional SSID clutters up the spectrum, lowering the signal quality for everybody else - probably true in dense urban environments where spectrum is already pretty cluttered. ...
The Comcast SSIDs are names for access to the same WiFi channel as the customer uses via the same [radio] channel. There is no extra clutter of the spectrum. For example, if 'Customer-WiFi' is on channel 11, than 'xfinity' (from the same Comcast gateway) will also be on channel 11 using the same WiFi modem and RF equipment.

Software magic in the Comcast gateway separates the customer WiFi traffic to the cable from the public traffic. Speed settings are independent, because everything is managed in the gateway.

What can occur is congestion on a particular channel, due to lots of users, whether customer or random public. This is the primary justification for turning off the public access, either administratively or by using your own equipment.
 


A tangental FWIW: I think of my wifi/router like I do my computer chair: too important to skimp on, considering I'm sitting here almost all day, every day. Even though I have a 24-port switch for wired connections (which I prefer to wifi when feasible), having a good modem and wifi/router is essential (in my opinion) to a more pleasant daily experience.

I'm personally very happy with my Comcast 1Gb service, but I use none of their hardware. My modem is a Motorola MB8600 (DOCIS 3.1) and my router is a Linksys EA9500 (AC5400). The router is behind a Bitdefender "Box".*

With this setup, I get up to 960 Mbs download wired, and up to 660 Mbs on wifi.

Further, I can control all the settings exactly as I please, which is important to me, and why I mention it here.

(*Since some will ask: the Box slows down my connection by only 2 or 3%. Since I also have a bunch of IoT units (light switches mainly, plus Alexa), I'm willing to make that very modest tradeoff for security. your milage may vary.)
 


The Comcast SSIDs are names for access to the same WiFi channel as the customer uses via the same [radio] channel. There is no extra clutter of the spectrum. For example, if 'Customer-WiFi' is on channel 11, than 'xfinity' (from the same Comcast gateway) will also be on channel 11 using the same WiFi modem and RF equipment. Software magic in the Comcast gateway separates the customer WiFi traffic to the cable from the public traffic. Speed settings are independent, because everything is managed in the gateway.
What can occur is congestion on a particular channel, due to lots of users, whether customer or random public. This is the primary justification for turning off the public access, either administratively or by using your own equipment.
David is essentially correct - unless Comcast has some sharp engineers who are able to override the laws of physics. Two "radios" on the same frequency (after all, WiFi modems are just radios) will, without a doubt, affect the throughput of any device on that frequency. Even a modem that is not being used, as in no clients, still is broadcasting (that's how you can "find" it).

Years ago I had done tests with this, when Comcast started this mess with their Xfinty WiFi, checking throughput both with and without that radio turned on. This was when I discovered that one is unable to set the user WiFi and the Xfinity WiFi to different channels. I had Comcast tech support and then engineering really perplexed with that issue for quite some time. I can't locate the web page right now but subsequent to our extensive discussions Comcast added a very small type disclaimer to the bottom of a WiFi ad page noting that overall performance would be "slightly" affected. I actually had an engineer tell me, when brought to his attention, "we didn't think of that".

Some laws are really bad, but laws of physics (and radio transmissions) are sort of like gravity; they are good and they are the law.
 


The Comcast SSIDs are names for access to the same WiFi channel as the customer uses via the same [radio] channel. There is no extra clutter of the spectrum. For example, if 'Customer-WiFi' is on channel 11, than 'xfinity' (from the same Comcast gateway) will also be on channel 11 using the same WiFi modem and RF equipment.
Software magic in the Comcast gateway separates the customer WiFi traffic to the cable from the public traffic. Speed settings are independent, because everything is managed in the gateway. What can occur is congestion on a particular channel, due to lots of users, whether customer or random public. This is the primary justification for turning off the public access, either administratively or by using your own equipment.
Then there is rural America (and elsewhere), where someone hopping on a wifi channel would have to drive onto my property.
 


A tangental FWIW: I think of my wifi/router like I do my computer chair: too important to skimp on, considering I'm sitting here almost all day, every day. Even though I have a 24-port switch for wired connections (which I prefer to wifi when feasible), having a good modem and wifi/router is essential (in my opinion) to a more pleasant daily experience.
I'm personally very happy with my Comcast 1GB service, but I use none of their hardware. My modem is a Motorola MB8600 (DOCIS 3.1) and my router is a Linksys EA9500 (AC5400). The router is behind a Bitdefender "Box".*
With this setup, I get up to 960 Mbs download wired, and up to 660 Mbs on wifi.
Further, I can control all the settings exactly as I please, which is important to me, and why I mention it here.
(*Since some will ask: the Box slows down my connection by only 2 or 3%. Since I also have a bunch of IoT units (light switches mainly, plus Alexa), I'm willing to make that very modest tradeoff for security. your milage may vary.)
For an individual, can you really take advantage of a 1 Gig internet service? Do the outside backbone and the servers you visit have the ability to send out their pages at 1 Gbps? I have over 100 mbps at my office and 13 mbps at my house, and I can tell the difference when downloading a 2 gig update, but a lot of the time I can not tell much difference when loading a web page.
 


When I signed up with Xfinity (Comcast), I was advised that there was a 'public' hotspot associated with my access point (combo modem/router). The primary reason for it (according to Xfinity) is to allow guests access without having to give out your own access password. They also mentioned that it could be turned off, should you so desire. I haven't found any reason to so, other than trying it, I have left it on. They do have a number of public WIFI hotspots in our area, including one right across the street from us. That makes it easy to connect if I am in the yard working. Saves on the cell connection with the phone. And, with the 'public' WIFI hotspots, who knows if they are connecting to my access point or the one on the pole across the street?
If you're curious, you could download iStumbler, which can give you information about all SSIDs it discovers in your neighborhood. The Comcast ones will broadcast themselves, and you should be able to tell if you are connecting to theirs or your own.
 


If you're curious, you could download iStumbler, which can give you information about all SSIDs it discovers in your neighborhood. The Comcast ones will broadcast themselves, and you should be able to tell if you are connecting to theirs or your own.
WiFi Explorer from the macOS App Store is also quite useful. The connected channel is highlighted in the display.
 


Further, I can control all the settings exactly as I please, which is important to me, and why I mention it here.
The exception to that is, of course, the modem's firmware, for which the decision of when or, sadly, even if it ever gets updated remains the cable provider's exclusive prerogative. I wish that weren't the case...", but, oh well...

Still, if there is a version with a known problem, I believe it should be the customer's exclusive decision to install it or not, even though I recognize the importance of providers testing firmware for compatibility, etc. I also realize that allowing them to do the updates makes novices and people who simply don't care about taking time to install updates infinitely more secure. I would therefore suggest they continue to be automatic by default – with an off switch made available for everyone else.
(*Since some will ask: the Box slows down my connection by only 2 or 3%. Since I also have a bunch of IoT units (light switches mainly, plus Alexa), I'm willing to make that very modest tradeoff for security. your milage may vary.)
Interesting! I had long forgotten that even existed. Have you found that it has indeed provided additional security rather than a mere placebo effect? Does it require that any client software be installed? I didn't have such a good experience with their 2019 software under Windows, but a hardware solution might be nice.
 


For an individual, can you really take advantage of a 1 Gig internet service?
I take your point, but I I do a lot more than look at webpages and read email. I develop and support a number of websites for commercial clients. The faster service multiplies my upload speed to 48Mbs and since I'm also a programmer, the faster download speed is worth it for gigabyte-size downloads. (It doesn't hurt with Netflix either. ;-)
 


Interesting! I had long forgotten that even existed. Have you found that it has indeed provided additional security rather than a mere placebo effect? Does it require that any client software be installed? I didn't have such a good experience with their 2019 software under Windows, but a hardware solution might be nice.
Well, for that kind of $, it had better be more than wishful thinking! :-)

I did run some modest tests against a few things, when I first got it (it seemed to work), and the online log says it has blocked several things in the past week. That said, yes, it also requires a BitDefender annual license and software. It's $99 per/year for all the bad guys you can eat.

There are some 60+ items in my house connected to the net (not just computers, but media boxes, amps, light switches, DVD player, Tivos, iPhones, iPads and on and on), so it amortizes well.

If you have suggestions as to how to test the Box per se, I'd be happy to hear them.

Tom's has a review here:
 


If you have suggestions as to how to test the Box per se, I'd be happy to hear them.

Tom's has a review here:
That's quite a comprehensive review; thanks for that. It notes that the only metric to experience a noticeable change was latency, which (in their testing) increased by 25 percent. Do you use VOIP? I've been considering trading Comcast landline service for Ooma, and I fear it may be sensitive to such an increase.
 


That's quite a comprehensive review; thanks for that. It notes that the only metric to experience a noticeable change was latency, which (in their testing) increased by 25 percent. Do you use VOIP? I've been considering trading Comcast landline service for Ooma, and I fear it may be sensitive to such an increase.
I had Ooma, and loved it... but then my cell phone is unlimited minutes, and isn't tied to my house, so I gave away my Ooma unit. Sorry I can't be more help.
 


I had Ooma, and loved it... but then my cell phone is unlimited minutes, and isn't tied to my house, so I gave away my Ooma unit. Sorry I can't be more help.
Oh, but you have helped me; it's great to know it worked well enough for you to be able to say that you loved it. Thank you!
 


Oh, but you have helped me; it's great to know it worked well enough for you to be able to say that you loved it. Thank you!
I was not clear... that was before I got my Box. I have no idea how it works with a Box (although you could get a little switch and just put it in parallel with the box...).
 


I was not clear... that was before I got my Box. I have no idea how it works with a Box (although you could get a little switch and just put it in parallel with the box...).
Quite the contrary; it is I who was unclear. I understood you perfectly. I nonetheless very much appreciate hearing yet more evidence that I made the right choice in buying my Ooma hardware (which I have not yet had the time to set up, test, and experience.)

I also appreciate your switch advice!
 


I'm about done with my old AirPort Extreme and am seriously considering going with a Plume mesh network. Anybody out their using Plume who wants to comment on how it compares to other competing solutions?
 


Ric Ford

MacInTouch
I'm about done with my old AirPort Extreme and am seriously considering going with a Plume mesh network. Anybody out their using Plume who wants to comment on how it compares to other competing solutions?
That's an interesting "system" I hadn't heard of, but reading their website raised concerns for me about potentially intrusive/invasive monitoring and tracking, and I didn't find their documentation very transparent on those topics amidst its hand-waving about "artificial intelligence", "engagement", "curation", "monetizing/leveraging", "collecting data", "client steering", etc.

This company's marketing claims seem so vague and ambitious that I question its solidity and products, as well as their effects on security and privacy, but I expect many of the themes and approaches touted here may become more and more widespread (and intrusive) as they're adopted by major Internet, media and phone providers in various guises (and perhaps "leveraged" profitably by smaller companies, such as this one, as well).

A few initial questions:
  • Can you use a VPN to tunnel through this system?
  • What data, exactly, does this system collect? Is that clearly and definitively documented anywhere?
  • What data does the company store in the cloud (apparently Amazon AWS) and how well is that data (e.g. passwords) secured?
  • What's the company's pitch to providers (e.g. Comcast?) vs. to the public, e.g. re: tracking and security?
  • How exactly does the company's business model work? Where does it get its revenue? Is it profitable?
  • Is the company public or private? What's its ownership?
(I also have questions/issues regarding Google mesh systems and others regarding privacy/security, and about how artificial intelligence and control over Internet access will affect us going forward, regardless of Plume's part in the process.)
 


That's an interesting "system" I hadn't heard of, but reading their website raised concerns for me...
Comcast has taken a financial stake in Plume and is repacking their gear under the xFi label. I believe you can use a VPN but would need to put Plume in Bridge mode through another router.

Their cloud-based software is a membership subscription model with a one-time lifetime membership of $200. Here a review on Mashable. Here's another review.

What I'm trying to get a better sense of is how they manage your data.

They don't have huge financial backing but here's the Crunchbase overview. This press release on their new PowerPod deployment option in the UK also caught my eye.
 



For the life of me, I'd like to know what Apple's ultimate home networking strategy is. Seems like another key area they are overlooking. Search for Airport on the Apple web site and you are likely going to be steered to someone else's equipment. Is HomeKit even a thing yet that anyone uses? And I would never want a HomePod or other voice-activated "spy" in my house. AppleTV+? Who uses a TV anymore?

Just give me a fast, secure, easily deployable and configurable wireless networking solution that I control and own all aspects of (including the data).
 


Ric Ford

MacInTouch
What data, exactly, does this system collect? Is that clearly and definitively documented anywhere?
For what it's worth...
Plume said:
Plume Privacy Policy
...
  • Information about your connected devices: This information includes the type of device you use, operating system version, user agent information, a sampling of DNS requests, device hostname, the nickname given to the device and the unique addresses of the device....
  • Safety controls and security features: Safety controls and security features require the monitoring of device network traffic like source and destination traffic headers, IP addresses, ports and DNS requests. We use this information to protect home devices from contacting malicious Internet locations or websites and content that has been identified as inappropriate by Plume in accordance with the content filters set by the Plume App user, prevent them from being hacked, app reporting and analytics, and to identify device behavior that may indicate an anomaly or attack, when the security feature is On. The safety controls and security features can be turned Off for some or all home devices, which will turn off the data collection. If you are using the WiFi of someone while the safety controls and security features are On, note that the user of the Plume App may link the activity on your device to you, and see in the Plume App information about your use of the WiFi, such as whether your device is currently connected to the WiFi, since when it is connected, a blocked domain name that you tried to access, and the time when you tried to access it.
... We collect certain information via cookies, including your browser type, operating system, domains, IP address, the URL of the page that referred you, referring/exit pages, the different actions you performed, such as page views, how you interact with our Services and with third-party links, traffic and usage trends.
...
We may use our own analytics cookies or third party analytics providers to collect and process certain data analytics on our behalf. For example, we use Google Analytics, an analytics service provided by Google....These providers may also collect information about your use of other websites, apps, and online resources.
...
  • We allow third-party advertising partners to use cookies on our website to collect information about your browsing activities over time and across websites. We also work with these third-party advertising partners to market our services to you on other websites, apps and online services. For example, we use advertising services provided by third-party ad partners, such as Google Display Network and Google Analytics Demographics. Through a process called "retargeting," each service places a cookie on your browser when you visit our website so that they can identify you and serve you ads on other websites around the web based on your browsing activity.
  • Third-party content. Our website may contain links to other websites operated by third parties and may include social media features such as Facebook and Twitter buttons (such as "Like," "Tweet" or "Pin"). These third-party websites may collect information about you if you click on a link and the social media websites may automatically record information about your browsing behavior every time you visit a website that has a social media button.
...
  • We may share or transfer Personal Information as part of a business deal such as the financing, sale, merger, bankruptcy, sale of assets or reorganization of our company.
We may also share Personal Information with our business customers...
 


Amazon disclaimer:
As an Amazon Associate I earn from qualifying purchases.

Latest posts